Audit and Accountability (Case Study)



Auditing and accountability’s primary objectives are to ensure there are sufficient controls in place that provides evidence that can be audited in addition to ensuring the availability of records for sufficient amounts of time. This guarantees that when a system gets hacked, crashes, or gets a fat fingered input, there is a process in place to expedite the recovery of data, rollback changes, or perform tracebacks. Auditing and accountability has far reaching effects many of which that can bring light to instances of concealed activity hidden deep within the network. Continue reading

Contingency Planning for High Availability Networks (Case Study)



Uninterrupted operation of information systems are vital components to helping us maintain a high availability network that helps support and provide continuous service to our customers. Information system resources are an essential element to our business success and it’s crucial that we identify services utilized in these systems which need to operate efficiently. Despite a greater awareness for the need of business continuity planning, research has suggested the costs for data center downtime increased significantly in recent times. In 2016, total costs were estimated to be at $2.4 million, up 39 percent within the prior three years. Continue reading

Enterprise Patch Management (Case Study)



Computer and network security incident response is widely accepted and implemented in recent times due to the frequency of attacks attempting to compromise personal and business data. It’s critical for our organization to have the ability to systematically handle incidents by implementing a consistent incident handling methodology which enables us to respond quickly and appropriately. In addition to implementing a proper security incident management program, a sound patch management program will help create a robust defense of architectural designs for our organization as outlined below. Protecting company assets from attacks by patching vulnerabilities is only part of the risk equation where combined with an incident handling management program, institutes a good overall approach to risk management. Continue reading

Configuration Management (Case Study)



Ensuring that the condition of our systems are in a known, good, and trusted state is imperative to ensuring a high available network, which doesn’t not rely on implicit knowledge of the IT development teams. Having random available access to current and historical systems states are instrumental in helping project management perform adequate audits and for the development teams to perform debugging. Continue reading