Changes between Version 5 and Version 6 of UhlLinuxServer Risk Assessment

Timestamp:

08/26/16 13:17:56 (8 years ago)

Author:

Richard Bramley

Comment:

--

UhlLinuxServer Risk Assessment

@@ -122 +122 @@
 === 6.2 Likelihood
 
-- Vulnerabilities in software are constantly coming to light and internet available sights are always at risk.
+- 6.2.1 Vulnerabilities in software are constantly coming to light and internet available sights are always at risk.
 
 === 6.3 Mitigation
 
-- Software is kept up to date
-- Exploits often involve opening SSH ports, that are restricted through the proxy
-- Applications are run as a restricted user account that does not have permission to make configuration changes
+- 6.3.1 Software is kept up to date
+- 6.3.2 Exploits often involve opening SSH ports, that are restricted through the proxy
+- 6.3.3 Applications are run as a restricted user account that does not have permission to make configuration changes
 
 === 6.4 Improvements
@@ -136 +136 @@
 === 7.1 Impact
 
+- 7.1.1 Jeopardize feasibility of studies where data is lost
+
 === 7.2 Likelihood
 
+- 7.2.1 A major loss would require a catastrophic failure
+- 7.2.2 A smaller loss or corruption of data is much more common
+
 === 7.3 Mitigation
+
+- 7.3.1 Data is backed up daily and kept for 3 months
+- 7.3.2 The VMs are also backed up daily and stored securely off site
 
 === 7.4 Improvements
@@ -146 +154 @@
 === 8.1 Impact
 
+- 8.1.1 Interrupt progress of studies until systems can be restored
+
 === 8.2 Likelihood
+
+- 8.2.1 A major loss is unlikely, but minor problems can easily occur when software is being upgraded
 
 === 8.3 Mitigation
 
+- 8.3.1 VMs are backed up daily and stored securely off site
+- 8.3.2 Software is stored in source code repositories that are backed up and any version can be retrieved
+- 8.3.3 Processes to install software are documented within TRAC and automation is employed to simplify the process
+
 === 8.4 Improvements
 
+- 8.4.1 Move automation should be introduced
+
 [[BackLinks]]