® InfoJur.ccj.ufsc.br

Security: What is it and how much do I need?
James W. Meritt, CISSP
Jim.Meritt@Wang.com
Wang Global
(703) 827-3534

Security in this context means primarily computer or information security. For the purposes of this checklist, the systems under evaluation will contain at least one computer (possibly more) and at least one network (again, possibly more).

Computer security is the process, procedures, or tools which assure that data entered into a computer today will be retrievable at a later time by, and only by, those authorized to do so. The procedures should additionally include systems by which computer system managers will be notified when attempts at penetrating security are made. Security is violated when some person or persons succeed in retrieving data without authorization. Security is also breached when someone manages to destroy or alter data belonging to others, making retrieval of the original data impossible.

Security is closely related to the more general topic of how to obtain a dependable computing system. Dependability is the trustworthiness of a system and can be seen as the quality of the service a system offers. Integrating security and dependability can be done in various ways. One approach is to treat security as one characteristic of dependability on the same level as availability, reliability and safety.

The availability of a system is defined as the percentage of operational lifetime a system performs its functions. Loss of availability is often referred to as denial of service. High availability is mostly achieved by using redundant hardware in a system.

System reliability is closely related to availability, but reliability is the probability that a system will perform its functions throughout a given time period. Reliability is quite different from availability, since reliability is a measure of the continuity of a service rather than of the fraction of time the service is up.
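The distinction between availability (fraction of lifetime the service is up) and reliability (continuity of service over a period) is easy to state and easy to confuse. The following is an added illustration, not part of the original article: two constructed systems with the same total downtime, and hence identical availability, but very different reliability, because one fails often for short periods and the other fails once for a long period. The constant-failure-rate (exponential) model used to turn observed mean time between failures into a reliability figure is an assumption made here for illustration, not something the article specifies.

```python
import math
from dataclasses import dataclass


@dataclass
class Outage:
    """One period during which the system did not perform its functions.
    Times are hours since the system went live (constructed sample data)."""
    start: float
    end: float

    def duration(self) -> float:
        return self.end - self.start


def total_downtime(outages: list[Outage]) -> float:
    return sum(o.duration() for o in outages)


def availability(lifetime_hours: float, outages: list[Outage]) -> float:
    """Fraction of the operational lifetime during which the system worked.
    Loss of availability is what the article calls denial of service."""
    return 1.0 - total_downtime(outages) / lifetime_hours


def mtbf(lifetime_hours: float, outages: list[Outage]) -> float:
    """Mean operating time between failures: uptime divided by failure count.
    Returns infinity when no failure has ever been observed."""
    if not outages:
        return math.inf
    uptime = lifetime_hours - total_downtime(outages)
    return uptime / len(outages)


def reliability(lifetime_hours: float, outages: list[Outage],
                mission_hours: float) -> float:
    """Probability that the system runs a mission of `mission_hours`
    without any failure.  ASSUMPTION: failures arrive at a constant rate
    estimated from the observed MTBF (exponential model)."""
    m = mtbf(lifetime_hours, outages)
    return math.exp(-mission_hours / m) if m != math.inf else 1.0


# Constructed sample: one year of operation for two systems.
LIFETIME = 8760.0  # hours in a year

# System A: twelve half-hour outages, one per month (6 h down in total).
SYSTEM_A = [Outage(start=730.0 * k, end=730.0 * k + 0.5) for k in range(12)]

# System B: a single six-hour outage (also 6 h down in total).
SYSTEM_B = [Outage(start=4000.0, end=4006.0)]


def compare(mission_hours: float = 100.0) -> dict:
    """Side-by-side metrics for both systems; used by the demo below."""
    return {
        "availability_a": availability(LIFETIME, SYSTEM_A),
        "availability_b": availability(LIFETIME, SYSTEM_B),
        "mtbf_a": mtbf(LIFETIME, SYSTEM_A),
        "mtbf_b": mtbf(LIFETIME, SYSTEM_B),
        "reliability_a": reliability(LIFETIME, SYSTEM_A, mission_hours),
        "reliability_b": reliability(LIFETIME, SYSTEM_B, mission_hours),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:15s} {value:.5f}")
```

Both systems report about 99.93% availability, yet for a 100-hour job system A has roughly a 13% chance of being interrupted while system B has about 1%. A dependability assessment that looked only at availability would rate them equal; the reliability figure is what captures the difference the article points to.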

Safety is the probability that a system either performs its intended functions correctly or that the system has failed in such a manner that no catastrophic consequences occur (fail-safe operation). Safety is especially important in systems interacting with other systems which in turn may fail, and in applications where an uncontrolled failure of a system may cause major damage or personal injuries.

The integration of security with dependability allows dependability analysis to describe more accurately the events that cause a system to fail, since the analysis then covers not only traditional faults but also failures caused by security problems. Since it is quite clear that security problems affect the dependability of a system, it seems reasonable to integrate security and dependability.

Security exists in many forms: An operating system may be programmed to prevent users from reading data they are not authorized to access. Security may be procedures followed by computer users, such as disposing of all printouts and unusable magnetic media in shredders or incinerators. Security may be in the form of alarms and logs which tell the management when a break-in is attempted and/or successful. Security may be a function of hiring procedures which require extensive security checks of employees before allowing them to access confidential data. Lastly, security may be in the form of physical security, such as locks on doors and alarm systems intended to protect the equipment and media from theft.

In a secure environment, the many types and layers of security are used to reinforce each other, with the hope that if one layer fails another layer will prevent or minimize the damage. Established protocol and judgment are required to determine the amount and cost of security which a particular organization's data warrant.

If you are not concerned with any aspect of the security of your system, this checklist is not for you. However, if you agree with this usage and see it as applicable to your situation, continue.

How much security is needed for your system?

In most computer systems, security is purchased at a cost in system performance, ease of use, complexity and management time. Once cost-effective safeguards are selected, residual risk remains and is accepted by management. Risk status should be periodically re-examined to identify new threats, vulnerabilities, or other changes that affect the degree of risk that management has previously accepted.

Effort is required by every organization to safeguard information resources and to reduce risks to a prudent level. The spread of computing power to individual employees via personal computers, local-area networks, and distributed processing has drastically changed the way we manage and control information resources. Internal controls and control points that were present in the past when we were dealing with manual or batch processes have not been established in many of today's automated systems. Reliance upon inadequately controlled computer systems can have serious consequences, including:

* Inability or impairment of the agency's ability to perform its mission

* Inability to provide needed services to the public

* Waste, loss, misuse, or misappropriation of funds

* Loss of credibility or embarrassment to an agency

To avoid these consequences, a broad set of information security issues must be addressed effectively and comprehensively. Towards this end, executives should take a traditional risk management approach, recognizing that risks are taken in the day-to-day management of an organization, and that there are alternatives to consider in managing these risks. Risk is accepted as part of doing business or is reduced or eliminated by modifying operations or by employing control mechanisms. The success of risk management depends on the role top management takes in the project. There must be:

* Management support of the project expressed to all levels of the organization

* Management explanation of the purpose and scope of risk analysis

* Management selection of qualified team and formal delegation of authority and responsibility

* Management review of the team's findings

A system is only as secure as the people who can get at it. It can be "totally" secure without any protection at all, so long as its continued good operation is important to everyone who can get at it, assuming all those people are responsible and regular backups are made in case of hardware problems. Many laboratory PCs quite merrily tick away the hours like this.

The problems arise when a need (such as confidentiality) has to be fulfilled. Once you start putting the locks on a system, it is fairly likely that you will never stop.


Taken from the site: http://www.icsa.net/library/research/security.shtml in Jul/99