| Version 2 (modified by , 9 years ago) ( diff ) |
|---|
UhlLinuxServer Risk Assessment ¶
Tags: UhlLinuxServer Information_Governance_Category
1 Illicit Access to Server ¶
1.1 Impact ¶
- 1.1.1 Attacker could have access to data stored on the server
- 1,1.2 Attacker could corrupt data stored on the server
- 1.1.2 Attacker could change or corrupt the software running on the machine
1.2 Likelihood ¶
- 1.2.1 The servers are available on the Internet and so open to attack
1.3 Mitigation ¶
- 1.3.1 Access via ssh is only allowed from within the University of Leicester
- 1.3.2 Servers are behind a proxy server, which attackers would have to compromise before accessing the server itself.
- 1.3.3 Only ports 80 and 443 communication is allowed through the proxy server.
1.4 Improvements ¶
2 Illicit Access to Data ¶
2.1 Impact ¶
2.2 Likelihood ¶
2.3 Mitigation ¶
2.4 Improvements ¶
3 Illicit Use of Data by Employees ¶
3.1 Impact ¶
3.2 Likelihood ¶
3.3 Mitigation ¶
3.4 Improvements ¶
4 Illicit Access to Software ¶
4.1 Impact ¶
4.2 Likelihood ¶
4.3 Mitigation ¶
4.4 Improvements ¶
5 Communication Interception ¶
5.1 Impact ¶
5.2 Likelihood ¶
5.3 Mitigation ¶
5.4 Improvements ¶
6 Software Security Vulnerability ¶
6.1 Impact ¶
6.2 Likelihood ¶
6.3 Mitigation ¶
6.4 Improvements ¶
7 Data Loss or Corruption ¶
7.1 Impact ¶
7.2 Likelihood ¶
7.3 Mitigation ¶
7.4 Improvements ¶
8 Software Loss or Corruption ¶
8.1 Impact ¶
8.2 Likelihood ¶
8.3 Mitigation ¶
8.4 Improvements ¶
Note:
See TracWiki
for help on using the wiki.
