The United States Department of Homeland Security (DHS) is the U.S.federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management. In 2009, the DHS’s Office of the Chief Information Officer, Information Technology Services Office and Risk Management Control Division were faced with the challenge of unifying 21 component agencies. Their challenge was to strengthen the components through the creation of one secure network and reduce the number of data centres. In order to do this, the DHS needed to coordinate centralized, integrated activities across components that are distinct in their missions and operations. With scores of administrators accessing key critical national infrastructure at these core data centres, the DHS’ Risk Management Control Division was tasked with ensuring contained access and monitoring, logging and tracking all administrative changes to its systems. In addition to stringent security policies, the DHS is subject to compliance regulations including Federal Desktop Core Configuration (FDCC) standards. The DHS needed a solution that would allow it to support the component consolidation effort, transforming the 21 sites by unifying and controlling access to key servers at those sites while maintaining the separation of duties within and across the component agencies. It also needed a solution that could quickly and easily be dropped into technology already in place. This was a challenging task because the DHS has a wide range of platforms and operating systems, including mainframes, UNIX, LINUX and Microsoft Windows.
As part of the selection process, the DHS vetted several cyber security products from a variety of market leading vendors. The cyber security product enforces fine grained access control policy on users for compliance and security risk management.
1-What is the cyber security solution criteria for the DHS? (3.5 marks)
2-Explain how the cyber security solution for the DHS can provide users with the access control policy; containing them to authorized systems and applications; and, monitor, log, record and report their activities for compliance and security risk management? (4 marks)