Biomedical Engineering Reference
In-Depth Information
measures should be taken. In addition, it is important to deter any actions that might result in physical damage.

Once access has been gained, whether authorized or not, misuse must be prevented. If misuse is not prevented, it must be at least limited so that it does not cause serious damage. Similarly, potential system abusers should be aware of disciplinary actions, and nonconformance to security guidelines should be noted and eliminated.

Preventive measures against misuse and damage generally include access restrictions to systems, networks, and facilities, restrictions on potentially damaging activities (e.g., smoking or keeping open flames), the use of non-flammable and waterproof materials, the locating of computers and network equipment in secured areas, and the installation of protective devices (e.g., surge protection devices and automatic cut-off valves). It should be noted that, in cases of system and network recovery, the deadline requirements for returning the systems and networks to operation may dictate that recovery is only feasible if backup systems, networks, or facilities are available.

Security During Backup
Once access, misuse, or damage is detected and the organization begins backup, recovery, and repair, security procedures should be followed to:
- Prevent further access, misuse, and damage due to continuance of the initial intrusion or cause of damage.
- Prevent access, misuse, and damage during the vulnerable backup and recovery processes.
- Prevent access, misuse, and damage during the repair process.
- Ensure that security controls do not unduly hinder the backup, recovery, and repair processes.

Prevention During Recovery
After the detection of unauthorized access, misuse, or damage, the highest priority of the data security administrator should be stemming further violations or abuses of the computer systems and networks, with the proviso that human safety should not be compromised. For example, if a fire is detected, the first consideration should be the evacuation of personnel to safety. Immediately after personnel safety is ensured, an attempt should be made to extinguish the fire, but only if the persons doing so are not at risk or are authorized fire fighters.

In the case of detecting unauthorized access to a system or network, the first step is to disconnect unauthorized users from the system, unless apprehension of the perpetrators would be hindered or more harm would be caused to the organization than by allowing continued access. More harm would be caused, for example, if the entire system or network were shut down to stop further unauthorized access, preventing authorized users from performing their work.

The data security administrator should determine whether prevention of further intrusion and abuse is more harmful than continuation of the adverse practice. Because a decision made under such immediate pressure could easily be the wrong one, the rules of action should be carefully specified in advance and strictly enforced during an event. Because it is frequently during the initial moments of an emergency that decisions are most critical, rehearsals, simulations, and other training techniques are a crucial part of such contingency planning.

Security During Recovery
When the source of abuse has been halted and the situation has been stabilized, recovering the system and facility begins. This may be achieved either on site or at off-site backup facilities.

Physical Access. Because backup and recovery frequently involve non-employees (e.g., fire fighters, messengers, or service engineers), the data security administrator should ensure surveillance of such persons while they are on the premises or handling confidential information. Alternatively, security may be achieved if only authorized persons are allowed access to sensitive