Posted by: Robert Davis
Configuration Management, Control Methods, Echo Check, Hardware Controls, Information Communication Technology, Information Security, Infrastructure Management, Integrity, IT Architecture, IT Configuration, IT Hardware, IT Security, Risk Management
Deploying appropriate hardware communication controls
Hardware size and accessibility make transportability an issue because of uncertainty that an installed configuration has appropriate controls. Small IT configurations have unique hardware characteristics that distinguish them from large IT configurations. Wherefore, operating systems for many small IT configurations are idiomatic because programs that run in interpreter mode are easy to modify without detection.
Nevertheless, objectives of control systems remain the same with small hardware configurations as they are with any other IT processing — prevent, detect, and correct errors, mistakes, or omissions. However, the differences in the small configuration’s IT environment typically is the accentuation placed on various controls and the availability of compensating or mitigating controls.
For small configurations, control emphasis changes in order to compensate, or mitigate, for some of the weaknesses inherent in the IT environment. Yet, the problem sometimes encountered in the area of hardware controls can be avoided by relying on infrastructure acquisition and development controls. Consequently, IT hardware should not be acquired or developed if they lack the necessary controls to ensure expected processing reliability and integrity.
Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.
Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284
Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 230-1, 490, 499
“View Part I of the IT Hardware Duplicity and Echo Checks series here”
Post Notes: “IT Hardware Duplicity and Echo Checks” was originally published through Suite101.com under the title “IT Hardware Duplicity and Echo Checks”.
Warning! Excessive external echo checking may be a hacker or cracker attempting a Denial of Service (DoS) attack. Therefore, continuous echo check monitoring is required when the Internet Control Message Protocol (ICMP) Echo Request setting is turned on.