Slide 1

ANUSHA KAMINENI SECURITY MANAGEMENT

Slide 2

Introduction Background Lifecycle of System Interconnection

Slide 3

Security guide for Interconnecting systems Life-Cycle Management Planning a system interconnection Establishing a system interconnection Maintaining a system interconnection Disconnecting a system interconnection ISA and MOU/A System Interconnection Implementation plan

Slide 4

Authority Purpose Scope Audience Document Structure

Slide 5

Figure 1: Interconnection Components

Slide 6

Exchange data & information Provide customized levels Collaborate on Joint projects Provide full time communications Provide online training Provide secure storage of data

Slide 7

Figure 2. Steps to plan a system interconnection

Slide 8

Establish a Joint planning team Define the Business case Perform C & A Determine Interconnection Requirements Document Interconnection Agreement Approve or Reject Interconnection

Slide 9

Level and method of interconnection Impact on existing Infrastructure and Operations Hardware Requirements Software Requirements Data Sensitivity User Community Services and Applications Security controls Segregation of Duties Incident Reporting and Response Contingency Planning

Slide 10

Data element naming and ownership Data Backup Change Management Rules of Behavior Security Training and Awareness Roles and Responsibilities Scheduling Costs and Budgeting

Slide 11

Develop an interconnection security agreement Establish a memorandum of Understanding

Slide 12

Approve the interconnection Grant interim approval Reject the interconnection

Slide 13

Fig 3. Steps to Establish a system Interconnection

Slide 14

Develop Implementation Plan Execute Implementation Plan Activate Interconnection

Slide 15

Implement or configure security controls Firewalls Intrusion Detection Auditing Identification and Authentication Logical Access controls Virus scanning Encryption Physical and Environmental security

Slide 16

Install or configure hardware and software Communications line VPN Routers and switches Hubs Servers Computer Workstations Integrate Applications Conduct operational and security testing Conduct security Training and awareness Update systems security plans Perform Recertification and Reaccreditation

Slide 17

Maintain clear lines of communication Maintain equipment Manage user Profiles Conduct security reviews Analyze audit logs Report & respond to security incidents Coordinate contingency planning activities Perform Change management Maintain system security plans

Slide 18

Planned disconnection Emergency disconnection Restoration of interconnection

Slide 19

Security guide for Interconnecting systems Life-Cycle Management Planning a system interconnection Establishing a system interconnection Maintaining a system interconnection Disconnecting a system interconnection ISA and MOU/A System Interconnection Implementation plan

Slide 20

Audit Trail Integrated Services Digital Network(ISDN) Interconnection Security Agreement(ISA) Intrusion Detection System (IDS) Memorandum of Understanding/Agreement(MOU/A) RADIUS (Remote Authentication Dial-In User Service) Security Controls System interconnection Virtual Private Network(VPN)

Slide 21