| Version 2 (modified by , 8 years ago) ( diff ) |
|---|
UhlLinuxServer Risk Assessment
Tags: UhlLinuxServer Information_Governance_Category
1 Illicit Access to Server
1.1 Impact
- 1.1.1 Attacker could have access to data stored on the server
- 1,1.2 Attacker could corrupt data stored on the server
- 1.1.2 Attacker could change or corrupt the software running on the machine
1.2 Likelihood
- 1.2.1 The servers are available on the Internet and so open to attack
1.3 Mitigation
- 1.3.1 Access via ssh is only allowed from within the University of Leicester
- 1.3.2 Servers are behind a proxy server, which attackers would have to compromise before accessing the server itself.
- 1.3.3 Only ports 80 and 443 communication is allowed through the proxy server.
1.4 Improvements
2 Illicit Access to Data
2.1 Impact
2.2 Likelihood
2.3 Mitigation
2.4 Improvements
3 Illicit Use of Data by Employees
3.1 Impact
3.2 Likelihood
3.3 Mitigation
3.4 Improvements
4 Illicit Access to Software
4.1 Impact
4.2 Likelihood
4.3 Mitigation
4.4 Improvements
5 Communication Interception
5.1 Impact
5.2 Likelihood
5.3 Mitigation
5.4 Improvements
6 Software Security Vulnerability
6.1 Impact
6.2 Likelihood
6.3 Mitigation
6.4 Improvements
7 Data Loss or Corruption
7.1 Impact
7.2 Likelihood
7.3 Mitigation
7.4 Improvements
8 Software Loss or Corruption
8.1 Impact
8.2 Likelihood
8.3 Mitigation
8.4 Improvements
Note:
See TracWiki
for help on using the wiki.
