Data Privacy
 
Overview
The internal risk of unauthorised access to corporate data is an increasing concern for both IT and business management. Secure data access controls are critical to keeping vital company data safe and confidential. The source cited below estimates that 80% of data access violations come from within the organisation, and it takes only one wayward employee with insider knowledge to create a major security problem.
(Summarised from: http://wiki.oracle.com)

This document sets out the Data Privacy requirements for Kitty Hawk Aeronautics (KHA) and the controls that should be applied to its information systems to reduce information system risk. It should be used in conjunction with the “Kitty Hawk Information System Security Classification” matrix and the Security Solutions Descriptions document in order to apply the correct level of protective controls.

The three security objectives of information systems are to preserve:
  • Confidentiality: authorised restrictions on information access and disclosure, including the protection of personal privacy and proprietary information.
  • Integrity: protection against improper modification or destruction of information, including non-repudiation and authenticity.
  • Availability: timely and reliable access to and use of information.

Extracted from NIST Special Publication 800-60 Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories

 
See the High Level View of Information Flows in the EA3 Repository.

An information system should be categorised by the information types it handles and the impact (low, moderate or high) that a loss of each security objective would have; this categorisation determines which controls are necessary to preserve those objectives.

The system security classification provides important input into the following processes:
  • Capital Planning and Investment Control (CPIC) and Enterprise Architecture (EA): As a basis for justifying capital expenditure
  • System Design
  • Disaster Recovery Planning
  • Information Sharing and System Interconnection Agreements
The Information System Security Classification is displayed in the System Security Classification Matrix in Data-Privacy Cell of the online EA repository.
 
Client Data Privacy Policy
It is KHA policy that all client details will remain private and will not be published or sold; they shall be kept for customer management purposes only, namely:
  • Handling queries,
  • Complaints,
  • Customer surveys and follow-up on customer service,
  • Transactional accounting records for billing, payment and delivery,
  • Legislative requirements.
KHA reserves the right to perform credit and criminal checks on all clients. Where orders exceed $50 million, KHA will perform financial and contractual due diligence on the client to reduce the risk of contractual payment obligations not being met.
 
Security Controls
Those KHA systems that have a high availability impact rating must be protected by a comprehensive disaster recovery plan.
      Business Essential Systems:
 
     Critical Service Infrastructure: 
  • All banking and payment channels used by KHA financial systems must implement:
    • Transport layer security (TLS, the successor to SSL) on every online connection.
    • For batch systems, PKI-based encryption and digital signing of every transaction file sent to or received from each financial institution, providing confidentiality, integrity and non-repudiation for each file.
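As an added illustration of the batch-file control above (example code written for this page, not KHA's or any bank's software), the Go program below signs a transaction file with the sender's RSA key, encrypts the signature and the file to the receiver, and verifies both on receipt. The envelope layout, the choice of RSA-PSS, RSA-OAEP and AES-256-GCM, the sample file contents and the on-the-spot key generation (standing in for keys issued under each party's PKI certificate) are assumptions of the example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is one protected batch file: an AES-256 content key wrapped to the receiver with
// RSA-OAEP, the GCM nonce, and AES-GCM over sig|file with AAD = wrappedKey|nonce (assumed layout).
type Envelope struct {
	WrappedKey, Nonce, Ciphertext []byte
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Protect signs the file with the sender's private key (non-repudiation), then encrypts sig|file
// to the receiver (confidentiality); the GCM tag also binds the wrapped key and nonce (integrity).
func Protect(file []byte, sender *rsa.PrivateKey, receiver *rsa.PublicKey) (*Envelope, error) {
	digest := sha256.Sum256(file)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	contentKey := make([]byte, 32)
	if _, err = rand.Read(contentKey); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiver, contentKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(contentKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, err
	}
	aad := append(append([]byte{}, wrapped...), nonce...)
	ct := gcm.Seal(nil, nonce, append(append([]byte{}, sig...), file...), aad)
	return &Envelope{wrapped, nonce, ct}, nil
}

// Open reverses Protect: a modified envelope fails the GCM check and a file signed by anyone but
// the expected sender fails PSS. A PSS signature is exactly the signer's modulus size, so no length prefix.
func Open(env *Envelope, receiver *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	contentKey, err := rsa.DecryptOAEP(sha256.New(), nil, receiver, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("key unwrap: %w", err)
	}
	gcm, err := newGCM(contentKey)
	if err != nil || len(env.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("bad content key or nonce")
	}
	aad := append(append([]byte{}, env.WrappedKey...), env.Nonce...)
	inner, err := gcm.Open(nil, env.Nonce, env.Ciphertext, aad)
	if err != nil {
		return nil, fmt.Errorf("integrity check: %w", err)
	}
	sigLen := sender.Size()
	if len(inner) < sigLen {
		return nil, fmt.Errorf("truncated record")
	}
	digest := sha256.Sum256(inner[sigLen:])
	if err = rsa.VerifyPSS(sender, crypto.SHA256, digest[:], inner[:sigLen], nil); err != nil {
		return nil, fmt.Errorf("signature: %w", err)
	}
	return inner[sigLen:], nil
}

// DemoKey makes a throwaway key pair; in production each party's key comes from its PKI certificate.
func DemoKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	kha, bank := DemoKey(), DemoKey()
	file := []byte("BATCH,20100615\nPAY,ACC123,1500.00\n") // constructed sample file
	env, _ := Protect(file, kha, &bank.PublicKey)
	got, err := Open(env, bank, &kha.PublicKey)
	fmt.Printf("recovered %q err=%v\n", got, err)
}
```

Sign-then-encrypt keeps the signature confidential as well as the file. The receiver must still establish that the signing key belongs to the expected institution (certificate chain and revocation status), which the example stands in for by passing the sender's public key explicitly. Altering any byte of the envelope fails the AES-GCM check, and a file signed with any other key fails the PSS check, so a forged or modified payment batch is rejected before any record is processed.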

  • All systems used on Defence and Space production lines will reside on separate network subnets, implemented as access-controlled VLANs on the physical network switches. All network switches must be managed and deployed using IEEE 802.1X port-based Network Access Control (PNAC), so that any device that fails to authenticate is denied access or placed in a quarantine VLAN rather than admitted to the production subnet. Best practice of using private IP address ranges must be adhered to.
 
All external access to these Defence and Space LANs must pass through a firewall.
  • All public-facing web systems for employees and clients must implement at least basic authentication login over HTTPS. (HTTP basic authentication only base64-encodes the credentials, so it is acceptable only when every request, not just the login page, is carried over HTTPS.) On the login page the user ID is entered via the keyboard and the password via mouse clicks on an on-screen virtual keyboard; this defeats simple keystroke-capture software, though not malware that captures screen content or mouse position. All passwords must be changed in accordance with the KHA password policy.
 
  • All KHA systems with a high-impact security assessment for Confidentiality or Integrity must apply:
    • The data protection policy guidelines documented in the Security Solutions Descriptions document (see the Security Policy cell of the online EA repository).
    • Two-factor authentication for local and remote system users, as laid out under “Logical Access Control” in the Security Solutions Descriptions document.
    • The principle of least privilege when provisioning user membership of system roles.
 
  • Regular audits and governance checks must be carried out on all privileged users (system super-user accounts) to ensure that they have access only to the data they need to do their job. This group of roles warrants special consideration because it can bypass the access restrictions that apply to normal users. Typical roles in this category are:
    • Database Administrators
    • System Administrators (root/administrator account)
    • Domain Administrators (Domain Administrator account)
    • Service accounts with administrative powers
Controls to be put in place to minimise unauthorised access by super users:
  • Hardening of the OS: all well-known services that are not in use are to be disabled and, where possible, uninstalled. All well-known default service accounts are to be disabled.
  • Separation of roles and duties, as described in the “Operational Security” section of the Security Solutions Descriptions document.
  • Intrusion detection mechanisms to detect changes in system and application configuration, for example file integrity monitoring that compares configuration files against a known-good baseline and reports every addition, removal or modification.
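As an added example of the configuration-change detection called for in the last control (code written for this page, not a KHA tool), the Go program below takes a SHA-256 baseline of every regular file under a directory, records the permission bits alongside each hash, and reports what was added, removed or modified in a later snapshot. The directory tree, file contents and simulated changes are constructed fixtures.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
)

// Record is what the baseline stores per file: content hash plus permission bits, so a chmod alone is a change.
type Record struct {
	SHA256 string
	Perm   fs.FileMode
}

// Snapshot hashes every regular file under root, keyed by slash-separated relative path.
func Snapshot(root string) (map[string]Record, error) {
	snap := map[string]Record{}
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil || !d.Type().IsRegular() {
			return err
		}
		info, err := d.Info()
		if err != nil {
			return err
		}
		data, err := os.ReadFile(p) // config files are small; stream the hash for large files
		if err != nil {
			return err
		}
		rel, _ := filepath.Rel(root, p)
		sum := sha256.Sum256(data)
		snap[filepath.ToSlash(rel)] = Record{hex.EncodeToString(sum[:]), info.Mode().Perm()}
		return nil
	})
	return snap, err
}

type Changes struct{ Added, Removed, Modified []string }

// Diff compares two snapshots; the slices are sorted for stable reporting.
func Diff(baseline, current map[string]Record) Changes {
	var c Changes
	for p, r := range current {
		if b, ok := baseline[p]; !ok {
			c.Added = append(c.Added, p)
		} else if b != r {
			c.Modified = append(c.Modified, p)
		}
	}
	for p := range baseline {
		if _, ok := current[p]; !ok {
			c.Removed = append(c.Removed, p)
		}
	}
	for _, s := range [][]string{c.Added, c.Removed, c.Modified} {
		sort.Strings(s)
	}
	return c
}

// Demo builds a constructed config tree in a temp dir, takes a baseline, then simulates
// an edited file, a new cron-style job, a permissions-only change and a deleted file.
func Demo() (Changes, error) {
	root, err := os.MkdirTemp("", "kha-fim")
	if err != nil {
		return Changes{}, err
	}
	defer os.RemoveAll(root)
	write := func(rel, body string) { // sample fixture; errors ignored for brevity
		p := filepath.Join(root, rel)
		os.MkdirAll(filepath.Dir(p), 0o755)
		os.WriteFile(p, []byte(body), 0o644)
	}
	write("etc/ssh/sshd_config", "PermitRootLogin no\n")
	write("etc/app/db.conf", "host=db1\nuser=app\n")
	write("etc/sudoers.d/ops", "%ops ALL=(ALL) /usr/bin/systemctl\n")
	baseline, err := Snapshot(root)
	if err != nil {
		return Changes{}, err
	}
	// Changes a privileged user or malware might make after the baseline was taken.
	write("etc/ssh/sshd_config", "PermitRootLogin yes\n")      // edited
	write("etc/cron.d/persist", "* * * * * root /tmp/x\n")      // new persistence job
	os.Chmod(filepath.Join(root, "etc/sudoers.d/ops"), 0o444)   // permissions only
	os.Remove(filepath.Join(root, "etc/app/db.conf"))           // deleted
	current, err := Snapshot(root)
	if err != nil {
		return Changes{}, err
	}
	return Diff(baseline, current), nil
}

func main() {
	c, err := Demo()
	fmt.Printf("added=%v removed=%v modified=%v err=%v\n", c.Added, c.Removed, c.Modified, err)
}
```

The baseline is the trust anchor: store it, or a signature over it, where the privileged users being audited cannot rewrite it (for example on a separate logging host), otherwise an administrator can edit a file and re-baseline in the same session. Run the comparison on a schedule and at boot, and feed its report into the privileged-user audit described above.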

 

 

© 2010 CMU/Boeing Class - all rights reserved