© SidorArt/Shutterstock.

CHAPTER 9
Compliance Within the Workstation Domain

LOCKING YOUR FRONT DOOR but leaving your window open does not offer very good security. Let us assume you have good authentication and security on your network. You know who is signed into your network. If the workstation is breached, malicious software on the workstation can be used to access and extract sensitive and confidential data from the network. From the network’s view, the user and workstation can look legitimate. This increases the importance of ensuring the workstation is compliant with policies and has appropriate security controls in place.

Examining risk from an infrastructure view means following data through the end-to-end environment. As we move through the technology infrastructure, we find similar risks and need to secure each point along the data flow. The Workstation Domain refers to any computing device used by end users. Most times when someone uses the term “workstation,” they are talking about desktop or laptop computers. But it can be any end-user device that accesses information. For discussion purposes within this chapter, when we use the term “workstation,” we are referring to an end user’s desktop or laptop computer.

An end user typically authenticates in the User Domain to access data and services on the workstation. Once you know who they are, the end user is then authorized by the workstation itself. Each workstation has an identity much like an end user. Not only can you restrict what data and services a user can access, but you can also restrict specific workstations.

This chapter will explore considerations in auditing workstations and common controls found in the Workstation Domain.
