Alarms, incidents and maintenance management
Supervisors are present 24/7/365 and are warned of any defects by a visual alarm, sound and on paper. All this information is supervised by two terminals which allow to visualize and control the installations’ functioning status. These terminals are placed in two separate rooms. The installed system allows each customer to be connected to his or her installations through a dedicated terminal in his or her premises or from remotely. Alarms are also reported in real time on two printers connected to the network. Archiving is for one year. The fire alarms are reassembled on the fire detection racks, installed in the security facility.
An incident under the contract is considered to be any malfunction, which may cause a degrada-tion to the service, sensed by the customer. Two types of incidents are listed:
• The incident is not due to a malfunction of the services provided by DATA4 (eg: hardware incident on a client server). In this case, the customer is responsible for the diagnosis and the resolution. The customer can request DATA4 to perform interventions, in the context of the proximity service (if the offer was subscribed by the customer).
• The incident is due to a malfunction of the services provided by DATA4 (electrical incident).
In this case, the host is responsible for the diagnosis and the resolution. DATA4 works on with the customer until the final resolution is achieved.
In the case of a major incident, it is subject to establish a first report in 24 hours containing the following elements: chronology of the events, potential causes, residual or recurring risks, first measures of actions. . .
Through the redundant infrastructure architecture, DATA4 organizes scheduled or other mainte-nance operations on its site without disrupting client’s equipment. DATA4 communicates customer maintenance schedules on an annual basis. In the case of a major incident, DATA4 may have to carry out urgent maintenance, in order to repair a major malfunction. The client is pro-actively informed in this kind of crisis.
3.3.10 Conclusion
In conclusion, we would like to emphasize the high-level risk management performed in a data center, both in terms of physical intrusions, and in terms of services’ redundancy (electricity, air -conditioning. . . ). The user administers the servers he or she leases (update, monitoring. . . ). It is not the role of a data center to ensure this. To simplify the discourse, we could say that the data center must ensure the functioning of the client’s servers in 24-hour mode, by taking on its charge, the management of the major risks which a customer cannot afford, due to prohibitive costs for example.
A data center is like apooling systemof the major risks which can hinder the digital services’ offer of a client / user.
3.4 Structure of the EBIOS risk management method
In this section we introduce an example of the risk analysis conduct using the EBIOS method, which we presented in the previous two chapters, both in terms of vocabulary and methodology. It is therefore recommended that you have read the previous chapters before approaching this case study.
In this section we will therefore give an overview of the EBIOS risk management method through the main steps of the analysis process, as described by the ANSSI in the documentation of the EBIOS methodology.
3.4.1 An iterative process in five modules
The method formalizes a risk management approach divided into five modules as shown in the Figure 3.9.
Figure 3.9: The five steps of the EBIOS iterative method
The process is called iterative. Indeed, it will be repeated several times, to each module, to gradually improve the content, and the overall approach will also be refined and updated continuously.
3.4.2 Module 1 – Study of the context
The purpose of this module is to collect the necessary elements for the risk management, so that it can be implemented in good conditions, adapted to the study context’s reality, and its results be relevant and usable by the stakeholders.
Particularly, it allows to formalize the risk management framework, in which the study will be conducted. It also makes it possible to identify, delimit and describe the scope of the study, as well as issues, its context of use, its specific constraints.
By the end of this module, the field of investigation, of the study, is thus clearly delimited and described, as well as all the parameters to be taken into account in the other modules.
The module includes the following activities:
• Activity 1.1 – Define the risk management framework: summary of the risk management framework, parameters to be taken into account, sources of threats
• Activity 1.2 – Prepare the Metrics: Security Criteria (Confidentiality, Availability, Integrity), Measurement Scales, Risk Management Criteria
• Activity 1.3 – Identify the study’s assets: essential assets of the professions (MOA), support assets of the computer science (MOE), crossed table essential assets / assets, existing eventual security measures.
3.4 Structure of the EBIOS risk management method
By the end of the first module, which forms a part of the context setting, the risk management framework, the metrics and the scope of the study are perfectly well known; the essential assets, the support assets on which they remain, and the parameters to be taken into account and are identified in the processing of the risks.
Let us take the case study which was provided during the training by ANSSI, the architectural firm "@RCHIMED". The following essential assets are identified:
• prepare quotes (estimation of the overall cost of a project, negotiations with customers. . . );
• create plans and calculate the structures;
• create visualizations;
• create the content of the website.
The support assets which enable them to be realized are given in Figure 3.10.
Figure 3.10: The architectural firm’s support assets, a case used to illustrate the EBIOS approach during the ANSSI trainings
The essential assets are provided with the support assets, according to the referencing chart presented in Figure 3.11.
3.4.3 Module 2 – Étude des événements redoutés
The second module contributes to the risk assessment. It allows to identify and estimate the security needs of essential assets (in terms of availability, integrity, confidentiality, traceability), as well as all the impacts (on the missions, on the security of the people, legal financiers, on the image, on the
Figure 3.11: The essential assets of our using case