Case Study Scenario:
The security team at your organization receives an alert from
your organization’s cloud storage provider, DataStore. DataStore is
a popular cloud-based data hosting service that your organization
has contracted with to store public-facing information such as
product briefs and advertisements in a “shared” platform with many
other customers. Your organization has a policy against
transferring confidential data to the cloud and has asked DataStore
to alert your security team if they detect unusual data-transfer
activities. DataStore noticed that an active connection transferred
large numbers of files to their platform and promptly investigated.
Upon closer inspection, the DataStore employee recognized that
customer names and social security numbers were clearly displayed
in the uploaded files. The security team, with the help of
DataStore, discovered that an intern was responsible for the large
data transfer. The intern accidentally saved confidential email
attachments to a folder on his system that synchronized with
DataStore. The intern apologized and stated that he would delete
the data from the cloud storage location. However, the problematic
files were available for public download for a short period of
time.
After reading the scenario above, complete the Fundamental
Security Design Principles mapping table and answer the short
response questions. Fill in the table below by completing the
following steps:
Specify which Fundamental Security Design Principle applies to
the control recommendations by marking the appropriate cells with
an X.
Indicate which security objective (confidentiality,
availability, or integrity) applies best to the control
recommendations.
Explain your choices in one to two sentences with relevant
justifications.
| Control Recommendations | Isolation | Encapsulation | Complete Mediation | Minimize Trust Surface (Reluctance to Trust) | Trust Relationships | Security Objective Alignment (CIA) | Explain Your Choices (1–2 sentences) |
|---|---|---|---|---|---|---|---|
| Deploy an automated tool on network perimeters that monitors for unauthorized transfer of sensitive information and blocks such transfers while alerting information security professionals. | | | | | | | |
| Monitor all traffic leaving the organization to detect any unauthorized use. | | | | | | | |
| Use an automated tool, such as host-based data loss prevention, to enforce access controls to data even when data is copied off a system. | | | | | | | |
| Physically or logically segregated systems should be used to isolate higher-risk software that is required for business operations. | | | | | | | |
| Make sure that only the resources necessary to perform daily business tasks are assigned to the end users performing such tasks. | | | | | | | |
| Install application firewalls on critical servers to validate all traffic going in and out of the server. | | | | | | | |
| Require all remote login access and remote workers to authenticate to the network using multifactor authentication. | | | | | | | |
| Restrict cloud storage access to only the users authorized to have access, and include authentication verification through the use of multi-factor authentication. | | | | | | | |
| Make sure all data-in-motion is encrypted. | | | | | | | |
| Set alerts for the security team when users log into the network after normal business hours, or when users access areas of the network that are unauthorized to them. | | | | | | | |
After you have completed the table above, respond to the
following short questions:
Is it possible to use DataStore and maintain an isolated
environment? Explain your reasoning.
How could the organization have more effectively applied the
principle of minimizing trust surface with DataStore to protect its
confidential data? Explain your reasoning.
How can the organization build a more security-aware culture
from the top down to prevent mistakes before they happen? Explain
your reasoning.