Infrastructure Security Analysis


Steps in Cyber and Infrastructure Security Analysis

Digital Innovations Global follows these steps, as a minimum, to provide complete cyber and infrastructure security analysis reviews for our clients.

  • Comprehend Internet, IT infrastructure, network (configuration and topology), network traffic and communication systems.
  • Prepare a security policy, processes, procedures, and their implementation plan.
  • Obtain approval of the above from management.
  • Implement the above policies and plans.
  • Maintain a standardised documentation of the entire IT infrastructure.
  • Periodically test and audit the entire network security (Internet, Intranet and Extranet) using the Secure Firewall Tester application, update it regularly, and maintain an audit trail of all changes.
  • Create security awareness among users through training, crash courses or “tip of the day” messages.
  • Undertake preventive security measures, before corrective measures become necessary.

    Security Model
    It is said “Defence is in Depth”, and we follow this rule while designing and implementing any security system or model. This security model consists of 4 layers of security and each layer is described in detail in this post.

    Layered Security Model
    Most of us don’t work for organisations with budgets for procurement of security equipment or systems (or security personnel). In this context, we implement this Layered Security Model with the help of tools/technologies available free on the Internet. These tools perform data collection, analysis, reporting and generation of alarms.
    The four key layers of the security model are:

  • Layer-1: Perimeter Defence.
  • Layer-2: Operating Systems and Servers Protection.
  • Layer-3: Host Protection.
  • Layer-4: Information Protection.

    Security Layer-1: Perimeter Defence Security Systems
    This layer is like the four walls and the roof of a secure house. It includes firewalls, routers and proxy servers. A national survey showed that 70-80% of attacks are internal, i.e. from within the organisation’s internal network. Therefore, securing from internal attacks is the first line of defence. However, having only this line is not enough to protect any network and valuable information.
    One of the common attacks on this layer is the DoS (Denial of Service) attack, which involves flooding the point of connection to the outside world with unproductive traffic. This brings communications with the Internet to a standstill. Some of the common DoS attacks on routers are Smurf, SYN, ACK and RST attacks.
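
The four flood types named above can be told apart at the perimeter by whether each packet belongs to an exchange the target actually took part in. The following is an added example, not code from this page or from the Secure Firewall Tester application; the record format, the threshold of 100 packets per window and the sample addresses are assumptions, and it only models connections opened towards the monitored host.

```python
from collections import Counter, defaultdict

def classify_floods(packets, threshold=100):
    """packets: (src, dst, kind) tuples seen at the perimeter in one time window.
    kind: 'SYN', 'ACK', 'RST', 'ECHO_REQUEST' or 'ECHO_REPLY'.
    Returns {dst: sorted list of suspected flood types}."""
    packets = list(packets)
    syn_from = defaultdict(set)   # dst -> sources that sent it a SYN
    ack_from = defaultdict(set)   # dst -> sources that sent it an ACK
    pinged = defaultdict(set)     # host -> peers it sent an echo request to
    for src, dst, kind in packets:
        if kind == "SYN":
            syn_from[dst].add(src)
        elif kind == "ACK":
            ack_from[dst].add(src)
        elif kind == "ECHO_REQUEST":
            pinged[src].add(dst)

    suspicious = defaultdict(Counter)
    for src, dst, kind in packets:
        if kind == "SYN" and src not in ack_from[dst]:
            suspicious[dst]["SYN"] += 1       # handshake never completed
        elif kind in ("ACK", "RST") and src not in syn_from[dst]:
            suspicious[dst][kind] += 1        # segment for a connection never opened
        elif kind == "ECHO_REPLY" and src not in pinged[dst]:
            suspicious[dst]["Smurf"] += 1     # reply to a ping dst never sent
    return {dst: sorted(k for k, n in c.items() if n >= threshold)
            for dst, c in suspicious.items()
            if any(n >= threshold for n in c.values())}

def sample_window():
    """Constructed traffic; all addresses are documentation ranges."""
    noisy = [f"198.51.100.{i}" for i in range(1, 151)]
    pkts = [(s, "203.0.113.10", "SYN") for s in noisy]                # half-open SYNs
    pkts += [(s, "203.0.113.20", "ECHO_REPLY") for s in noisy[:120]]  # unsolicited replies
    pkts += [(s, "203.0.113.30", "ACK") for s in noisy]               # out-of-state ACKs
    for client in ("192.0.2.1", "192.0.2.2"):                         # normal handshakes
        pkts += [(client, "203.0.113.10", "SYN"), (client, "203.0.113.10", "ACK")]
    pkts += [("203.0.113.20", "192.0.2.1", "ECHO_REQUEST"),
             ("192.0.2.1", "203.0.113.20", "ECHO_REPLY")]             # solicited ping
    return pkts

if __name__ == "__main__":
    for dst, kinds in sorted(classify_floods(sample_window()).items()):
        print(dst, kinds)
```

Completed handshakes and the solicited ping in the sample are not counted, which is what keeps normal traffic from triggering the alert.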

    Security Layer-2: OS and Application Servers Security Systems
    This layer covers protection of the operating system, the application servers, web servers, and mail servers. While traffic is regulated at the perimeter depending on the needs of the organisation, the applications utilising the traffic run on different application/web servers, which in turn run on operating systems. An abuse of operating system privileges can potentially compromise network security. Users with access to the underlying operating system can jeopardise the availability and integrity of the firewall and expose critical network resources to both internal and external security threats. Hardening this layer will protect the network from a number of internal threats.
    Vulnerabilities exist in operating systems, web servers, proxy servers, mail servers and application servers that need patches/service packs/hot fixes to fill those holes. An organisation may have multiple operating systems in its network. It is the responsibility of the OS vendors to make their products secure. In addition, the user organisation has the responsibility of applying the available security features.

    Some of the General Practices to Secure Server Hardware are:

  • Place servers and communication equipment in a secure room.
  • Give restricted access to server/communication room.
  • Avoid using server consoles as much as possible.
  • Match hardware compatibility while buying/installing the server.
  • Disable CD-ROM or floppy disk boot.

    Security Layer-3: Host Protection
    Now that we have our perimeter defence tightened and the OS fine-tuned, we look at another threat from the internal workstations connected to the network.
    We use workstation security for two reasons:

    • to protect against someone trying to attack from within the network.
    • to protect the data stored on workstation from someone coming in through the firewall.

    Some of the key characteristics related to workstation security are listed below.

  • Formulate User Access Policy and implement the same.
  • Update regularly the patches/hot-fixes for the workstation operating system and applications.
  • Limit network resource access from workstations. Assign only what is strictly required.
  • Install Anti-virus software and update it regularly on all the workstations.
  • Ensure workstation data is included in the nightly backups.
  • Allow no modems on workstations.
  • If the nature of the work permits (or if you can make it work), allow only one user to log in on each workstation.
  • Enable as much logging as possible on workstations.
  • Have a personal firewall installed on all (if possible) workstations.
  • Do not retain faulty or old hard disk drives. CRASH THEM if you are planning not to use them.

    Security Layer-4: Data/Information Protection
    Having all the security layers implemented on the corporate network helps secure all the PCs in the network, but once a PC is removed for use at home or on the road, its security is more at risk.
    Data protection can be broken down into three distinct categories: operating system security, sensitive data storage practices, and data encryption.
    Operating system security covers the normal operating system (and services) security best practices.
    Sensitive data storage practices cover the data that has to be on a server and data that can be on a desktop/laptop.
    Data encryption covers the need to have the data protected by means of encryption.

    Precautionary steps:

  • Do not use any option that "remembers" your password so that you do not have to re-enter it the next time you need it.
  • Enable encryption on all laptops running Microsoft Windows.
  • Use different passwords for different accounts.
  • Do not use the same password for the corporate network and public networks (Hotmail.com, Yahoo mail etc.).
  • Apply newly released operating system patches and application patches.

    In Conclusion
    Cyber and infrastructure security cannot be achieved by merely implementing various security systems, tools or products. However, security failures are less likely through the implementation of security policy, process, procedure and product(s). Multiple layers of defence need to be applied to design a fail-safe security system. The idea behind multi-layered defence in cyber and infrastructure security is to manage the security risks with multiple defensive strategies, so that if one layer of defence turns out to be inadequate, another layer of defence will, ideally, prevent a full breach. Digital Innovations Global believes that, at a minimum, everyone must apply a range of security perimeter defences so that their resources are not exposed to external attacks, and ensure that the security system is not limited by the weakest link of the security layer, which can be achieved by using the above Secure Firewall Tester application.

    Contact us at Digital Innovations Global on +44 (0) 207 193 8246. Our offices are located at 72 Great Suffolk Street, London Bridge, SE1 0BL
