Domino Consulting - HCL Domino Administrator 11.0.1 Help

SECURING

Overview of Domino security

Setting up security for your organization is a critical task. Your security infrastructure is critical for protecting your organization's IT resources and assets. As an administrator, you need to give careful consideration to your organization's security requirements before you set up any servers or users. Up-front planning pays off later in minimizing the risks of compromised security.

Use the following tasks to guide you through your security planning:

Know the business.
Identify assets and threats (risk analysis).
Develop strategies to protect your computing environment.
Develop incident-handling procedures.
Plan and deliver employee training.
Keep processes current.

Know the business

This is the process of understanding your organization's business requirements and the service levels that need to be met. Identify all of the components of the business, including those that are not your direct responsibility. Include new acquisitions and any recent spin-offs. As part of this process, identify the trusted network and the non-trusted network. In some cases an extranet may be an extension of a trusted network.

Once you have an understanding of the business requirements, you can then begin to plan the specifics of your Domino® infrastructure, including:

Will more than one Domino domain be needed, or will the new domain need to interact with existing domains?
What is the best method to expose Domino data to the Internet?
What service levels are needed to support the business?
Who should have what level of access to the Domino Directory?

Identify assets and threats (risk analysis)

Identify the value of the assets you are trying to protect. Applications in your organization have different values. For example, in most organizations, the availability of the e-mail infrastructure is essential to business, but instant availability of all previous e-mails is less important. Then identify the threats from an internal as well as external perspective. Make sure you understand the potential loss to your organization in the event that any one of the threats is successful. Finally, determine the probability of the threat. For example, an automated attack from a compromised system is a near certainty, a server room failure from water damage is a distinct possibility, while the theft of a server's hard drive from the data center is usually not likely.

There are many different types of threats to any computing infrastructure:

Environmental destruction
Automated attacks or hackers on the Internet
Automated attacks from compromised systems in your intranet
Interfaces with less secure systems
Mistakes made by untrained or poorly trained users and administrators
Data interception or alteration for criminal profit
Malicious activity by former employees

You should also understand the Domino security model, in order to better understand the Domino assets you need to protect and how they can be protected.

Develop strategies to protect your computing environment

Once you understand the potential threats to your Domino environment, you can create policies to protect each part of your Domino computing infrastructure. This may include developing policies for the following areas:

Limits on physical access to your servers
Network access and protection
Messaging infrastructure, through the use of execution control lists and anti-virus products
Application security, through encryption and ACL management
Encryption key management, including ID recovery
Change control, through the use of the Domino Change Manager (or you can build your own)
User training for organizational security rules and technology
Security incident reporting

For more information on change control, see the related topics.

Develop incident handling procedures

An incident is an unplanned and unexpected event that requires immediate action to prevent a loss of business, assets, or public confidence. All security plans must have an incident handling component, as well as a feedback component for how incidents have been handled. Feedback helps to keep security plans and policies current.

Note: One of the best documents that describes the importance of incident handling is the National Institute of Standards and Technology's Contingency Planning Guide for Information Technology Systems (NIST Special Publication 800-34).

Incident handling includes:

Incident reporting plans and methods
Response procedures for each incident type
Incident response tests

Once you have your incident-handling plans in place, you will be better able to determine your requirements for:

Domino logging
Domino HTTP logging
Domino backup and restoring
Parameters for Domino event monitoring

Plan and deliver employee training

Make sure that your users know that security is everyone's responsibility. Based on your business needs, your should train your users on:

Domino security basics
Notes® IDs and how to protect them
Notes execution control lists and execution security alerts
Use of encryption and how to encrypt a mail message
Who to call in the event of a problem or a security incident.

Note: The National Institute of Standards and Technology published a document about the relationship among security awareness, training, and education, titled Information Technology Security Training Requirements: A Role- and Performance-Based Model (NIST Special Publication 800-16).

Keep processes current

This step is normally the most difficult, but is as critical as any of the other steps. Take the time to establish a program that will review security processes and procedures on a regular basis. Be sure to link the review to employee training. If changes are made, then employee training may need to be updated.

The Domino security model

The Domino security model is based on the premise of protecting resources, such as the Domino server itself, databases, workstation data, and documents. The resources, or objects, that are being protected are set up to define the rights of users to access and change the object. Information about access rights and privileges are stored with each protected resource. Thus, a given user or server may have different sets of access rights, depending on the resources to which that user or server requires access.

The Domino security team
Every organization should have a security team that is responsible for building, implementing, and managing the security infrastructure.

Security policies
You can set up a security settings document to manage and deploy execution control lists (ECLs) and Notes and Internet password settings and synchronization. As these two areas of security are user-specific and are frequently changed by users, you can use a security policy to enforce settings for these areas across the organization, and control the extent to which users can adjust or change these settings.

Setting up an Internet certificate authority
A critical area in security planning is determining whether and how to set up a certificate authority to issue Internet certificates. A certificate authority (CA), or certifier, is a trusted administration tool that issues and maintains digital certificates. Certificates verify the identity of an individual, a server, or an organization, and allow them to use SSL to communicate and to use S/MIME to exchange mail. Certificates are stamped with the certifier's digital signature, which assures the recipients of the certificate that the bearer of the certificate is the entity named in the certificate.

Parent topic: Securing

Related tasks
Backing up the Domino server

Help on Help

All Help Contents

Help on Help

All Help Contents