Essay Sample Content Preview:
Security Risk Analysis
Student
Institution
Security Risk Analysis at John Hopkins Hospital
Introduction
Security risk analysis often referred to as risk assessment is essential to the security of all organizations. It is fundamental in ensuring that the implemented controls are in line with the risks that the organization faces. However, as technologies continue to advance, some have excessive risks with more rewards while others have lots of risks with no rewards. The amount of risks in a system is dependent on the type of technology. Therefore, it is important for enterprises to regularly conduct risk assessments which are an effective tool to determine and prevent violations within the enterprise. The security risk analysis report is useful to the management in informing decision-making processes that are aimed at minimizing inbound threats that would jeopardize the smooth running of operations. In ordinary circumstances, those targeted for the risk assessment include management level staff.
The security analysis exercise is often aimed at increasing responsiveness towards the organization's information technology initiatives focused on security. It ensures a better understanding of corporate programs and benchmarks the company's performance based on a comparison with other players in the same sector. The analysis also informs new proposals to improve the information security needs of the enterprise. Additionally, it enables the organization establish if the system has excessive risks or lots of risks. Excessive risks are those risks that have more rewards while lots of risks have no rewards.
Why conduct a security risk analysis?
Several explanations are advanced for the need to conduct an SRA. The technologies deployed in the hospital are adapted to their application depending on the general IT infrastructure requirements. The IT network of the hospital covers all departments and therefore systems deployment is characterized by various factors among them the technology infrastructural needs of every department. This characterization is significant in determining the resource allocation to each of these segments. Threat identification is a key component in the SRA. It informs the assessment of the threats and gives strategies to mitigate them. There are also system vulnerabilities which if not identified, can lead to system downtimes which can otherwise be mitigated. Overall, the outcomes of the SRA will address the focal areas of improved patient experience, improved health and a reduction in technology costs while staying compliant with the regulatory institutions. The hospital information systems management has a requirement to deal with both physical and virtual environments effectively because information concerning device discovery, device, and software inventories, as well as operating system inventories, is critical to successfully mitigate risks. Physical device inventory including MAC addresses, RAM and configurations are stored locally on the machine (Thorat et al., 2013).
Virtualization
So as to increase the efficiency of the IT environment, resource utilization is mapped logically in a virtual environment where access can be managed by a virtual machine, which uses specialized software, called a VMware (Lim et al., 2011). The technology integrates many elements such as server and storage facilities, network devices and software. The virtual machine runs independent virtual hardware facilities, operating systems, and applications as though it was a physical machine.
The activities of virtual machines are logged and are therefore easy to recall in case they need to be referenced for forensic purposes. The virtual machine can be accessed for generated images, memory dump, machine logs and configuration files. However, it's notable that there is little chance of intrusion into virtual environments which use technologies such as Citrix, VMware or Microsoft. The bare metal architecture of a virtual environment has a hardware layer, composed of VMware servers and a standard enterprise platform on which they run, followed by the virtualization layer. The guest operating system interacts with the virtualization layer using applications. The virtualization technology encapsulates both the OS and applications in a Virtual Machine Monitor (Zhong et al., 2015). Analysts install a module that gives them kernel level privileges that enable them to conduct forensic investigations with ease. When a VMM has more code it is more prone to vulnerabilities. In virtualized environments, where machines may not be online all the time, use of traditional patching and vuln...