Use the following tasks to guide you through your security planning:

• Know the business.
• Identify assets and threats (risk analysis).
• Develop strategies to protect your computing environment.
• Develop incident-handling procedures.
• Plan and deliver employee training.
• Keep processes current.

This is the process of understanding your organization's business requirements and the service levels that need to be met. Identify all of the components of the business, including those that are not your direct responsibility. Include new acquisitions and any recent spin-offs. As part of this process, identify the trusted network and the non-trusted network. In some cases an extranet may be an extension of a trusted network.

Once you have an understanding of the business requirements, you can then begin to plan the specifics of your IBM® Lotus® Domino™ infrastructure, including:

• Will more than one Lotus Domino domain be needed, or will the new domain need to interact with existing domains?
• What is the best method to expose Lotus Domino data to the Internet?
• What service levels are needed to support the business?
• Who should have what level of access to the Lotus Domino Directory?

Identify the value of the assets you are trying to protect. Applications in your organization have different values. For example, in most organizations, the availability of the e-mail infrastructure is essential to business, but instant availability of all previous e-mails is less important. Then identify the threats from an internal as well as external perspective. Make sure you understand the potential loss to your organization in the event that any one of the threats is successful. Finally, determine the probability of the threat. For example, an automated attack from a compromised system is a near certainty, a server room failure from water damage is a distinct possibility, while the theft of a server's hard drive from the data center is usually not likely.

There are many different types of threats to any computing infrastructure:

• Environmental destruction
• Automated attacks or hackers on the Internet
• Automated attacks from compromised systems in your intranet
• Interfaces with less secure systems
• Mistakes made by untrained or poorly trained users and administrators
• Data interception or alteration for criminal profit
• Malicious activity by former employees

Develop strategies to protect your computing environment

Once you understand the potential threats to your Lotus Domino environment, you can create policies to protect each part of your Lotus Domino computing infrastructure. This may include developing policies for the following areas:

• Limits on physical access to your servers
• Network access and protection
• Messaging infrastructure, through the use of execution control lists and anti-virus products
• Application security, through encryption and ACL management
• Encryption key management, including ID recovery
• Change control, through the use of the Lotus Domino Change Manager (or you can build your own)
• User training for organizational security rules and technology
• Security incident reporting

Develop incident handling procedures

An incident is an unplanned and unexpected event that requires immediate action to prevent a loss of business, assets, or public confidence. All security plans must have an incident handling component, as well as a feedback component for how incidents have been handled. Feedback helps to keep security plans and policies current.

Note One of the best documents that describes the importance of incident handling is the National Institute of Standards and Technology's Contingency Planning Guide for Information Technology Systems (NIST Special Publication 800-34).

Incident handling includes:

• Incident reporting plans and methods
• Response procedures for each incident type
• Incident response tests

• Lotus Domino logging
• Lotus Domino HTTP logging
• Lotus Domino backup and restoring
• Parameters for Lotus Domino event monitoring

For information on backing up Lotus Domino, see the topic Backing up the Domino server.

For more information on event monitoring, see the topic Using events to monitor the Domino server.

Plan and deliver employee training

Make sure that your users know that security is everyone's responsibility. Based on your business needs, your should train your users on:

• Lotus Domino security basics
• IBM® Lotus® Notes® IDs and how to protect them
• Lotus Notes execution control lists and execution security alerts
• Use of encryption and how to encrypt a mail message
• Who to call in the event of a problem or a security incident.

Keep processes current

This step is normally the most difficult, but is as critical as any of the other steps. Take the time to establish a program that will review security processes and procedures on a regular basis. Be sure to link the review to employee training. If changes are made, then employee training may need to be updated.

See also

The Domino security model
Contingency Planning Guide for IT Systems on csrc.nist.gov
Information Technology Security Training Requirements: A Role- and Performance-Based Model on crsc.nist.gov

Glossary