We have defined integrity as one of the three pillars of IT. Now let’s define what we mean by application and system integrity:
- The application returns the expected results.
- Applications and data are available to authorized users.
- Access and modification based on authorization.
- Applications and data are not available to unauthorized users.
- Access and modification prevented.
- Systems and applications have not be modified in an unapproved way.
- All modifications and attempts are recorded and reported.
- Systems and applications can be verified and validated.
- The system is resilient.
An interesting list – we need to break it down in more detail:
The application returns the expected results.
This is really the core of everything. If we can’t rely on the application to return the expected results then nothing else matters. Note that we aren’t saying “correct results” – there may be a variety of reasons for a system to return “incorrect results”, such as rule or procedure changes, logic errors, or even using work-arounds to force a system to do what is desired. Expected results means that they system is behaving predictably.
Applications and data are available to authorized users.
Another key element of system integrity is that authorized users can always get to their applications and data.
Access and modification based on authorization.
A key part of integrity – as well as security – is that users must be authorized to access and modify data. This includes the initial setup of access controls as well as maintenance over time. For example, if a user who has access to 20 different applications leaves the company, how are the systems updated? In general, a domain based authorization and authentication approach such as Red Hat Identity Manager or Microsoft Active Directory is strongly recommended.
Applications and data are not available to unauthorized users.
Giving access to everyone is often easy. Restricting access to only the people who are authorized to have access can be more difficult. To maintain system integrity, unauthorized users must not have access to data or applications.
Unauthorized Access and modification prevented.
The system must prevent unauthorized access to information and especially must prevent unauthorized modification of information. Doing this involves work in multiple areas, including technology, configuration, infrastructure, and policies and procedures.
Managing access to applications and data typically involves authentication and access control – often a combination of individual user access and Role Based Access Controls (RBAC).
Systems and applications have not been modified in an unapproved way.
Now we’re clearly getting into the domain of security. There are two things to keep in mind here: First, systems must be maintained. It is not acceptable to allow systems to “just work” – they must be actively maintained and monitored. Second, you must ensure that no unauthorized or unapproved modifications to the system occur.
All modifications and attempts are recorded and reported.
Key for both operations management and security is that all attempts to change a system must be noticed, recorded and reported. It is vital to track all changes made to a system.
Systems and applications can be verified and validated.
It isn’t enough for a system to work – you must be able to determine if the system has the correct software installed, that the software is properly configured, that the software is at the proper revision level, and that the software and configurations have not been modified.
Modifications can occur in multiple ways. A virus can infect a program. A hardware failure can corrupt the software, often in unusual ways. A patch can be applied incorrectly. No matter how changes occur, you must be able to verify that the software installed on the system is correct down to the bit level.
The system is resilient.
Resiliency is interesting. It simply means that the system continues function correctly in the face of degradation. You may see reductions in performance or the loss of some features, but the core capabilities of the system that generate business value must be available and produce the expected results.
System resiliency can be achieved in many ways. In future articles we will explore a variety of threats to a system and ways they system can continue to function. These threats range from hackers to hardware failure, natural disasters to user error – and even the actions of management!