Table of contents
Episode 2 talks about why is it important to manage IT infrastructure, the 7 domains of IT infrastructure and the associated risks.
It is extremely important for an organisation to manage their infrastructure due to the criticality of it to the business services. The motive to manage the infrastructure is to increase availability, decrease vulnerability and maintain productivity. Well managed infrastructure offers benefits: If infrastructure is effective it will reduce cost as the availability will improve employee’s productivity, leading to improved customer satisfaction. A well maintained environment is also secure and reduces operational and financial risks thereby helping the organisation meet its goals. Below are the 7 domains of the IT infrastructure and the risks associated with it.
User domain As the name implies, a user domain includes all the end users (both inside and outside your organization) who have access to information within your organization.
There is a risk of a user intentionally or unintentionally destroying data available in an application or can insert bug into the system.
Workstation domain The PCs used by the user to communicate with the IT infrastructure, is part of the workstation domain.
The vulnerabilities of this domain are OS,Software, hardware and the latest patches not being present
LAN domain The routers, hubs, workstations, access points, switches, and other components that make up a local area network are all included in the LAN domain.
The risks here could be the spread of virus through the LAN there by infecting all computers in the network, weak passwords leading to compromise of security, OS having vulnerability and accessibility of the Organisations LAN by an unauthorised user.
WAN domain Wide Area Network links all devices across distances and has both semi-private lines and the internet.
The risks are FTP servers might have pirated files, major outage of the Service Provider, DDOS or DOS attacks, illegal software upload.
LAN-to-WAN domain The LAN-to-WAN domain is the boundary where the Local Area networks connect to the Wide area networks separated by a firewall. LAN is trusted zone as its controlled by the organisation whereas WAN is untrusted as its internet
The risk associated is if a hacker can penetrate the LAN they would have access to an organisations sensitive data through the unnecessary ports opened in a Firewall, weak traffic filtering can reduce the performance, visiting malicious websites by users will download malicious software unintentionally.
System/application domain The system / application domain represents the applications and technologies used to do business. This includes servers with user access rights such as databases and email.
Risks – Attack on the email server, harmful injection affecting the database server.
Remote access domain In a remote access domain, a mobile user (for example, a contractor, supplier, or employee) access the company network remotely using a VPN.
Risks- Hacking VPN tunnel, Circuit outage, unsecured remote communication.
The physical components of the IT Infrastructure like the hardware and network will be dealt in the upcoming episodes.