IT Infrastructure: The supporting IT architecture within most modern companies has multiple, interconnected technological components: the core infrastructure (on-premise or outsourced hardware), software, and specialized personnel.
•It can be outsourced (which has caused 'System and Organization Controls (SOC) 2' engagements to grow in recent years).
•Applies to internal employees and auditors
SOC 2 criteria for reasonable assurance:
Security
Availability
Processing Integrity
Confidentiality
Privacy
SOC 2 engagements require auditors to have an advanced understanding of information technology terminology and technical expertise in the way in which key components of the modern IT landscape function.
Computer Hardware: includes computers and end user devices,
•e.g. laptops or desktops, or back-end devices like servers, server-side equipment, switches, and routers.
End user devices: electronic machines that directly interact with employees or consumers, at the point in a chain of applications or in an organization's IT architecture that interfaces with a human. Anything used by the "end" human; it does not have to be within the entity.
•Not included: buildings, or maintaining or repairing the underlying infrastructure.
Internal Computer Hardware:
•Microprocessor: the brain
•Graphics and sound cards
•hard drive: permanent storage
•Random Access Memory: temporary storage
•Power Supply
•Motherboard: connects the other components
External Computer Hardware/peripheral devices
•Mice, keyboards, speakers, microphones, disk drives, memory devices, printers, scanners, network equipment
•Wireless or connected directly
Infrastructure Hosting
•The facilities, and the safeguards in those facilities, that contain hardware, such as a data center or office, or an advanced security system to monitor and control access. It includes ventilation and climate control to prevent equipment from overheating.
Network Infrastructure: refers to the hardware, software, layout, and topology (connections and the ability to communicate) of network resources that enable connectivity and communication between devices on a computer network.
•Modem: connects a network to an internet service provider's network, usually through a cable connection, by receiving an analog signal from the ISP and translating it into digital signals. Each modem has a public IP address.
•Router: manages network traffic by connecting devices to form a network. Links the modem to the organization's switches or directly to the user's device. Assigns IP addresses.
•Switch: similar to a router in that it connects and divides devices within a computer network, but it does not perform as many advanced functions as a router. Can split one network into multiple segments so multiple devices can share one network.
•Gateway: a computer or device that acts as an intermediary between different networks. It interprets differing protocols and converts them into the appropriate format to facilitate network movement, usually between a company network and the internet. Transforms data from one protocol into another so that information can flow between networks. One of the most common protocol suites is Transmission Control Protocol/Internet Protocol (TCP/IP).
•Edge-enabled Device: allows computing, storage, and networking functions to be closer to the devices where the request comes from. Response time and operability are better.
•Servers: physical or virtual machines that coordinate the computers, programs, and data in the network. Most use a client/server model, where the client sends a request and the server provides the response. Examples: web, file, print, database servers.
•Firewall: hardware devices or software applications that protect a person's or a company's network by filtering its traffic. Rules are aligned with company policies and access guidelines. Overall it prevents unauthorized access to the organization, or prevents employees from downloading or accessing restricted sites, allowing access to the internet without exposing assets.
Basic Packet Filtering Firewall: analyzes network traffic, which is transmitted in packets (units of data communicated), and determines whether the firewall software is configured to accept that data. If not, it is blocked.
Trusted sources: another type of firewall.
Circuit level gateway: verifies the source
Application level gateway: inspects the packet itself; secure but slow
Network address translation firewall: traffic is let in only if it matches a connection that has already been assigned an address
Multilayer
Next Gen Firewall: assigns different firewall rules to different applications.
Network Topology: refers to the physical layout of equipment, or nodes (the points in the network that devices connect to), in a network, which is essential for understanding how to properly engineer the network for optimal performance.
•Each topology has different requirements for components such as cable length, data rate, etc.
•Bus Topology: all nodes share one central line and any node can transmit, so to mitigate collisions the cable must be terminated or the nodes must coordinate with each other. If the central line fails the whole network is gone.
•Mesh: numerous connections, with all nodes connected to each other. Options of full or partial (where some nodes are still connected like the bus topology). Disadvantage: cost to implement and maintain.
•Ring Topology: nodes are connected in a circular path; data must pass through every other device between the source and destination first. Unidirectional (one direction) or bidirectional (two way). Collisions are reduced, but it is time intensive.
•Star Topology: data passes through a central hub that acts as a switch or server; there can be multiple hubs. You can tell which node went out.
Network Protocols: govern the way in which data are transmitted along the network, based on the method used, like cable or port.
•Open Systems Interconnection (OSI) model: created by the ISO. Helps explain how devices work and communicate with each other by splitting communication into 7 layers.
Application: not the actual application, but the interface between the application and the network protocol used to transmit a message.
HTTP, FTP, EDI
Presentation: transforms the data into a format other devices using the same 7-layer model can understand. Encryption occurs here.
JPEG, MPEG
Session: establishes the connection and maintains it for as long as needed.
Transport: supports the communication from A to B. Involves setting rules for the transfer: how much data is going, and how to know if it has been lost.
TCP, UDP, SSL, TLS
Network: adds routing and address headers or footers, such as source and destination IP addresses. It also detects errors.
IP, IPSec, NAT, IGMP
Data Link: format for transmission, defined by the hardware and network being used. It adds Media Access Control (MAC) addresses, identifiers that act as source and destination reference numbers to route messages to the correct devices.
ISDN, PPTP, ARP
Physical: represents the actual networking device that transmits the message; converts messages into bits (101011) or assembles the bits back into messages.
HSSI, SONET
Application to physical is encapsulation.
Physical to application is decapsulation.
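As an added example of encapsulation and decapsulation (not part of the original notes): a frame is built by wrapping an application payload in a transport (TCP) header, then a network (IPv4) header, then a data link (Ethernet) header, and unwrapped in the reverse order. The frame, MAC addresses and IP addresses are constructed, and checksums are left at zero because nothing here goes on the wire.

```python
import struct

def build_frame() -> bytes:
    """Encapsulation: application payload -> TCP -> IPv4 -> Ethernet (constructed)."""
    payload = b"GET / HTTP/1.1\r\n"                       # application layer
    # TCP: src port, dst port, seq, ack, data offset (5 words), flags PSH+ACK,
    # window, checksum (0, not computed), urgent pointer
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    # IPv4: version/IHL, TOS, total length, id, flags/frag, TTL, proto 6 = TCP,
    # checksum (0), source and destination addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, 0, 64, 6, 0,
                     bytes([10, 0, 0, 5]), bytes([203, 0, 113, 10]))
    # Ethernet II: destination MAC, source MAC, EtherType 0x0800 = IPv4
    eth = struct.pack("!6s6sH", bytes.fromhex("aabbccddeeff"),
                      bytes.fromhex("001122334455"), 0x0800)
    return eth + ip + tcp + payload

def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def decapsulate(frame: bytes) -> dict:
    """Decapsulation: strip data link, network and transport headers in turn."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4          # header length in bytes
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    src_ip = ".".join(map(str, ip[12:16]))
    dst_ip = ".".join(map(str, ip[16:20]))
    tcp = ip[ihl:]
    sport, dport = struct.unpack("!HH", tcp[:4])
    doff = (tcp[12] >> 4) * 4         # TCP data offset in bytes
    return {"src_mac": _mac(src_mac), "dst_mac": _mac(dst_mac),
            "src_ip": src_ip, "dst_ip": dst_ip,
            "sport": sport, "dport": dport, "payload": tcp[doff:]}
```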
Network Infrastructure Architecture: refers to the way an organization structures its network from a holistic design standpoint, considering network protocol, geographical layout, and physical and logical layout, to determine if it is wired or on premise.
Two common types of network architecture designs:
•Local Area Network: provides network access to a limited geographical area.
•Wide Area Network: provides access to a larger area, e.g. the internet.
•Software defined WAN: designed to help monitor and manage the traffic flow.
•Virtual Private Network/Remote Desktop connection: a virtual connection through a secure channel or tunnel that provides remote and secure access to an existing network
WANs connect other networks such as LANs together to provide broad coverage.
Software: consists of application, procedures, or programs that provide instructions for the computer.
•Operating system: software that orchestrates the global functioning of a group of applications, hardware, and their performance by acting as an intermediary between those resources to allow a user to execute specific tasks. Defines parameters for managing a system's memory, processes, records, devices, and user interface.
By optimizing these functions, the OS balances resources without delay and interruptions, even with multiple applications running simultaneously.
•Firmware: software that is embedded locally in the hardware and instructs the hardware how to operate. It is updated infrequently, if at all.
•Mobile technology: refers to wireless-enabled devices that are connected, or have the ability to connect, to a network or the internet. Allows the user to connect while away.
Can be an EUD, or a non-EUD like routers, switches, firewalls, etc. The difference: a non-EUD does not work with the end user; it is equipment that IT staff use.
•Internet of Things (IoT) devices: an extension of mobile technology, since they require either Bluetooth or an internet connection to a larger network. Covers everything that falls outside the traditional notion of a device.
Examples: Alexa, Siri, smart watch, Bluetooth earphones, garage door opener, dishwasher.
Cloud Computing: a computing model that uses a shared resource over the internet.
Cloud customers rent storage space, processing power, proprietary software, or a combination of the three on remote servers from another company. Customers of cloud computing benefit from elasticity: they get the best of both worlds.
•Pro: redundancy of data in multiple locations.
When a company acquires its own infrastructure rather than renting it, it must purchase enough resources to cover its peak usage so the business can accommodate high-volume periods, but during low-volume periods the costly infrastructure sits idle.
Cloud Service Providers (CSPs): third parties that provide cloud computing services, maintain the technology, have advanced skills, and use purpose-built infrastructure, usually serving more than one customer.
Information found in SOC 2 reports may be needed for HIPAA.
Models of cloud computing:
•On Premises
•Infrastructure as a Service (IaaS), all outsourced: the company needs to make sure the environment in which it operates is up and how it is using it. The outsourcer is responsible for management and updates.
•Platform as a Service (PaaS): a set of tools designed to create or deliver a service. The CSP maintains the back end.
•Software as a Service (SaaS): the CSP provides the software that the organization uses to perform specific functions or processes, and offers access to the application via the internet. Can be offered in conjunction with Business Process as a Service.
Cloud deployment models:
•Public: owned and managed by a CSP
•Private: created for a single organization and is managed by the organization or CSP
•Hybrid: at least two clouds, one of which is a private cloud, with technology in place that facilitates the portability of data and applications between each entity.
•Community: shared by multiple organizations to support a common interest.
Committee of Sponsoring Organizations (COSO):
The Enterprise Risk Management (ERM) framework has 5 principles and 20 supporting objectives to help make informed decisions about risk.
Enterprise Risk Management for Cloud Computing: allows 8 components and tailoring.
•If you outsource, risk management still lies with the organization.
•May create a committee that oversees cloud computing efforts
•An org must consider: how CSP affects the org risk profile, impact performance, etc.
•Must be continuously updated and reassess ERM when there are changes to cloud.
Cloud Risks
•Security and Compliance
•The rate of competitor adoption
•Being in the same risk ecosystem as the CSP and other tenants
•Transparency
•Reliability and performance
•Lack of Application portability (vendor lock-in)
Additional risks when evaluating CSP and their services: cyberattacks, data leakage, IT organizational change, CSP long term viability
What if they move from private to public? What is the risk of adoption? What happens to transparency and compliance? Look at this graph and understand the risk.
How to reduce risk:
Policies reduce risk; determine that safeguards are actually in place; management oversight; plans to manage incidents; assess vendor lock-in exit strategies; consider the larger regulatory environment; and noncompliance disclosure if publicly traded.
Multi-tenant CSPs serve cloud customers using virtual common resources, so that multiple organizations share the same virtual infrastructure. Whether a client chooses a multi-tenant CSP environment will depend on their willingness to be in the same ecosystem as other tenants, the type of tenant or industry in which other tenants operate, and the cost of using dedicated resources versus shared infrastructure.
