Maximizing C-I-A

One common goal in all domains is the pursuit of the most secure environment possible. Because maximizing the confidentiality, integrity, and availability of your organization’s information leads to a secure environment, all of your activities should aim to maximize C-I-A.

Maximizing Confidentiality

Ensuring confidentiality in the LAN Domain is one of the simpler tasks. There are basically four steps to ensuring only authorized users can see confidential data:

  1. Identify confidential data.

  2. Require positive identification for all access requests and define strict access controls for all confidential data identified in Step 1.

  3. Use encryption to store all confidential data identified in Step 1.

  4. Use encryption to transfer all confidential data identified in Step 1.

You should already be enforcing identification and access controls in the LAN Domain. The new controls involve using encryption. Encryption is the process of scrambling data in such a way that they are unreadable by unauthorized users but can be unscrambled by authorized users to be readable again. Specifically, encryption takes cleartext data and turns them into ciphertext through the use of an algorithm and a key. Cleartext data are simply human-readable data. Ciphertext is the resulting unreadable output.

Encrypting stored data is easy. Today’s operating systems support encryption either directly or through integrated software. You can encrypt individual files, folders, volumes, or entire disk drives. After you decide how much data you want to encrypt, explore the various encryption options available for your operating system.

Transmission encryption means never sending information across the network in cleartext, otherwise known as being in the clear. The term in the clear means in a format anyone can read during transmission. You can use encryption at the application level or by only allowing encrypted connections between source and destination nodes. Many database management systems and document management systems can also refuse to transmit confidential data over unencrypted connections. Regardless of how you implement encryption, you should validate your controls to enforce encryption and use a packet analyzer to verify that your traffic is actually encrypted.
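The verification step described above can be automated over payloads exported from a packet analyzer. The following is an added example, not part of the original text: it sorts payloads into TLS records, readable cleartext, and unrecognized high-entropy data. The flow tuples, addresses, and thresholds are constructed assumptions.

```python
import math
from collections import Counter

TLS_CONTENT_TYPES = {20, 21, 22, 23}  # change_cipher_spec, alert, handshake, application_data

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_like_tls_record(payload: bytes) -> bool:
    """Check the 5-byte TLS record header: content type, version 3.x, length."""
    if len(payload) < 5:
        return False
    length = int.from_bytes(payload[3:5], "big")
    return (payload[0] in TLS_CONTENT_TYPES and payload[1] == 3
            and payload[2] <= 4 and 0 < length <= 16384 + 2048)

def classify_payload(payload: bytes) -> str:
    if looks_like_tls_record(payload):
        return "tls"
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in payload)
    if payload and printable / len(payload) > 0.9:
        return "cleartext"  # human-readable on the wire
    if len(payload) >= 512 and shannon_entropy(payload) > 7.0:
        return "high-entropy"  # encrypted or compressed, protocol not recognized
    return "unknown"

def cleartext_flows(flows):
    """Return (src, dst, port) for every flow whose payload is readable."""
    return [(s, d, p) for s, d, p, payload in flows
            if classify_payload(payload) == "cleartext"]

# Constructed sample payloads, as they might be exported from a capture.
SAMPLE_FLOWS = [
    ("10.0.5.21", "10.0.9.10", 443, bytes([0x17, 0x03, 0x03, 0x00, 0x20]) + bytes(32)),
    ("10.0.5.22", "10.0.9.10", 8080,
     b"GET /customers/42 HTTP/1.1\r\nHost: records.example\r\n\r\n"),
    ("10.0.5.23", "10.0.9.11", 21, b"USER alice\r\nPASS example-password\r\n"),
]

if __name__ == "__main__":
    for flow in cleartext_flows(SAMPLE_FLOWS):
        print("cleartext on the wire:", flow)
```

Any flow reported as cleartext between nodes that handle confidential data means the encryption control is not being enforced on that path.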

Maximizing Integrity

LAN nodes are just as susceptible to malicious software as any other computers. As LAN nodes become more powerful and based more on standard operating systems, they become more attractive targets. A compromised LAN node can be just a starting point. Once an attacker gets a foothold in your network, it becomes far easier to compromise other parts of your infrastructure.

You should use the malicious code policies and procedures from the Workstation Domain in the LAN Domain as well. The issues are the same. Ensure you have anti-malware software installed on every computer in the LAN Domain. Establish procedures to ensure all anti-malware software and data are kept up-to-date. Because some components in the LAN Domain are devices and not general-purpose computers, you should explore anti-malware features on each device and enable any available features. Your goal is to prevent malicious software from entering your LAN Domain.

Malware is not the only integrity concern. Users can also violate data integrity. Users can be malicious or unaware of their actions. Either way, it is important to control changes to critical data. Good access controls should stop any data changes by unauthorized users. You can also audit changes to critical data by authorized users. Audit data can provide valuable audit trails for later analysis. Good audit trails can help trace unauthorized changes back to their source. Getting to the root of unauthorized changes should provide the input needed to modify or add controls to keep the damage from happening again.

Maximizing Availability

It is important to develop and maintain a comprehensive recovery plan to replace lost or damaged data. As you use LANs to store more information in central repositories, it becomes more important to ensure the data are available when users request them. A crucial part of your security plan is creating secondary copies, or backups, of your data in case the primary copy is damaged or deleted. Because more users are sharing the same set of data, any loss affects a larger portion of your organization.

A solid recovery plan contains a schedule for creating backups as well as the procedures for recovering lost or damaged data. All current NOS products include capable utilities to back up and recover data. Third-party vendors also provide solutions that make enterprise-wide backups easier than managing individual computers. Explore the backup solutions available for your choice of server computers and select the one that meets your security needs with minimal administrative oversight.

Most backup and recovery solutions target networked computers. Don’t forget to include any network devices with valuable data in your backup and recovery plan. Some network devices store configuration settings and performance data. Backing up these devices can save valuable log and performance data and make reconfiguring a device after a failure much faster. In nearly all cases, it is faster to load backed-up configuration data than to re-enter it manually. Make sure your backup plan includes any devices with data you’ll need if a device fails.

Another important aspect of availability is ensuring your users can access LAN resources in an acceptable time frame. If the network is too slow, users can’t get to their requested information, and you are not supporting data availability. In some cases, this problem is just due to excessive network use or a lack of network capacity for normal use. In both cases, you must examine the behavior and reduce the load on your network, increase its capacity, or both.

In other cases, a lack of availability results from an attack. Suppose your organization sells automobile insurance. You attract new customers by offering to analyze their existing coverage and providing a competitive quote showing how your coverage saves them money. You depend on your database of coverage costs to generate the analysis report. You cannot conduct business if you cannot access your database. In this case, an attacker who renders your network unusable effectively stops your ability to conduct business. The type of attack that denies access to a critical resource or service is called a DoS attack.

The best defense against DoS attacks is to aggressively enforce access controls and monitor your network for unusual or excessive traffic. You’ll need to provide evidence that you’ve implemented both preventive and detective controls to combat DoS attacks.
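One way to implement the detective control described above is to count connections per source in each one-minute window and flag sources far above their peers. This is an added example, not part of the original text; the log format, addresses, multiplier, and floor are constructed assumptions to be tuned against your own baseline.

```python
from collections import Counter, defaultdict
from statistics import median

def parse_line(line):
    """'2024-01-01T10:01:07 10.0.5.99 10.0.9.10:443' -> (minute window, source)."""
    timestamp, src, _dst = line.split()
    return timestamp[:16], src  # truncate to YYYY-MM-DDTHH:MM

def excessive_sources(lines, multiplier=5, floor=20):
    """Return (window, source, count) for sources far above their peers."""
    per_window = defaultdict(Counter)
    for line in lines:
        window, src = parse_line(line)
        per_window[window][src] += 1
    alerts = []
    for window in sorted(per_window):
        counts = per_window[window]
        for src, n in sorted(counts.items()):
            # Baseline excludes the source itself, so a lone noisy host
            # cannot raise its own threshold.
            peers = [c for s, c in counts.items() if s != src]
            baseline = median(peers) if peers else 0
            if n > max(floor, multiplier * baseline):
                alerts.append((window, src, n))
    return alerts

def sample_log():
    """Constructed connection log: three normal hosts and one noisy host."""
    lines = []
    for minute in (0, 1):
        for host in ("10.0.5.21", "10.0.5.22", "10.0.5.23"):
            for s in range(4):
                lines.append(f"2024-01-01T10:0{minute}:{s * 10:02d} {host} 10.0.9.10:443")
    for i in range(120):
        lines.append(f"2024-01-01T10:01:{i % 60:02d} 10.0.5.99 10.0.9.10:443")
    return lines

if __name__ == "__main__":
    for alert in excessive_sources(sample_log()):
        print("excessive traffic:", alert)
```

Per-source counting does not catch load spread across many sources, so pair it with a check on total volume per window.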

Patch Management

According to a Tripwire 2019 study, 27% of data breaches are attributed to unpatched system vulnerabilities. Patch management is critical when it comes to securing your systems. The primary purpose of patches is to fix known bugs and security flaws in the software. Additionally, applying patches helps maintain regulatory compliance. Many compliance standards require regular updating of software. Implementing patch management is necessary for companies to stay compliant with various industry norms and regulations. Failure to stay in compliance can result in data breaches and regulatory penalties.
