Sample NVA Report 235
Urgency Rating*****
Risk
There is no way to guarantee through testing that a system is secure. The
best that testing can provide is a snapshot of the security of the system at the
time of the tests. Therefore, it is critical, especially for sensitive systems, that
full-time monitoring be employed. Only through full-time intrusion detection
can CLIENT be certain that the majority of attack and
abuse attempts, either external or internal, can be caught and traced. More
important, should an attempt succeed, only complete intrusion detection will
allow the ability to track the root cause that permitted the intrusion, repair
the problem, and ensure that it does not happen again.
Recommendations
Proposed intrusion detection systems (IDSs) will be presented as a part of the
Facilitated Risk Analysis Process, which is to follow the Vulnerability Assessment
and is indicated as Milestone II in the Engagement Agreement under
which this document was produced.
Finding 2: Security Architecture
As discussed throughout this document, the CLIENT trust model is one
designed for rapid change, resource reallocation, and fluidity in business
processes. Of the classical information security triad — confidentiality, integrity,
and availability — the CLIENT network is designed for availability of resources
above all else. Beyond the concepts of the CLIENT trust model, a true
formalized Security Architecture does not exist. At this point, it is a nebulous
idea that is shared by the IT staff, but it has not progressed beyond that.
Urgency Rating**
Risk
The security trust model is the basis for the entire information security
infrastructure. The focus on availability in the CLIENT infrastructure results in
the integrity and confidentiality of other components not being addressed.
This creates the possibility that vulnerabilities exist which will not be
detected because of the way the infrastructure itself is designed. Without a formalized architecture,
future decisions about information protection will be made based on
the current view of the information to be protected, which may not accurately
reflect the true situation. A formalized architecture provides a framework
upon which all security controls can be based, allowing logical decisions to
be made based on the direction chosen as opposed to reacting to existing
circumstances.