London's Government - Enterprise Governance & Management Process

London’s Enterprise Governance and Management Process – Strengths and Weaknesses

London Government (2004) perform the review of network governance and management process regularly, along with several other aspects of city governance. While reviewing the enterprise givernance and management processes of the London Government against the industry average, there were several areas where city’s enterprise infrastructure was performing well above the industry average (London Gov, 2004). Key areas where city’s network performed well, fall under the domain controller policy settings and domain account policy values. In domain controller policy settings, network excelled in:

1. Account logon events

2. Account management

3. Directory service access

4. Login events

5. Object access

6. Policy change

7. Privilege use

8. System events

Under the domain accounts policy values, strength of governance and process management shined in:

1. Password length

2. Password age

3. Password history

4. Reversible password encryption

5. Password changes for machine accounts

Other areas of administration and management of London’s IT network were also evaluated, which include network operating system controls, management and support arrangements, logical access controls, network strategy, network device security controls, remote access security controls, and firewall configuration controls (London Gov, 2004). Some of the areas where further improvement is required falls under the premises of network operating system, logical access security, network device security, and firewall security.

Improvements in Network Operating System

Under network operating system, audit of process tracking is required to establish accountability for actions performed within the system. this will ensure that program activation, indirect object access, and process exits are tracked properly, which will result in effective auditing and improved fault analysis (London Gov, 2004). Another area under network operating system, which can be improved are remote service access rights and network services. Unnecessary remote logins should be removed to improve the security posture. Similarly, known and unknown features of network services can greatly affect the stability and security of network operating system, thus reduction in unnecessary network services is important. Lastly, user accounts of network operating system require clear mapping to network users; generic user accounts need to be removed such as clusterAdmin, domainUser etc. Generic user accounts compromise the accountability of network activities (London Gov, 2004).

Improvements in Logical Security

In logical access security, it is important to limit unlimited password guessing, which otherwise can lead to network intrusion (London Gov, 2004). Effective logical security measure will block the account after certain number of incorrect password attempts, which otherwise opens the door of brute force network access thus compromising the security of network (London Gov, 2004).

Improvements in Remote Access

In the remote network access area, restriction of remote user logins is desired to limit the risk of unauthorized network access using spyware while connecting remotely (London Gov, 2004). Remote users are required to be educated regularly to setup anti-virus software and firewall while accessing the network.

Improvements in Firewall Security

Around firewall security, penetration testing is desired to evaluate the effectiveness of network security, otherwise unauthorized access might go unnoticed (London Gov, 2004). Network penetration testing by multiple service providers will gauge the effectiveness of network firewall.

Summary

All the above areas identified in network operating system, logical security, remote network access and firewall security will establish accountability of user accounts and network changes, protect system from external unauthorized access, and improve network security posture. All the weak areas identified above are necessary for the efficient and secured IT infrastructure of company. Implementation of changes will improve the network governance and management process of IT infrastructure. Thus, it is highly recommended to implement all the suggestions for the efficient and secured operations, management and governance of enterprise network.

References

London Gov (2004). Deloitte – Final Internal Audit Report, Network and Communications. Retrieved from https://www.london.gov.uk/moderngov/CeListDocuments.aspx?MID=2909&F=SubIndex%24embed%24Agenda.htm&DF=13%2F07%2F2004&A=1&R=0