Industrial Internet Security Framework v 1.0 | Page 105

11 SECURITY CONFIGURATION AND MANAGEMENT
Changes to the environment and the discovery of new vulnerabilities and threats will require updates to policy, firmware and software, so the security features of an Industrial Internet of Things system must be configurable and manageable, not statically defined. In addition, the deployed versions must be carefully controlled, configured and managed.
Periodic security compliance reports are often mandated and certainly advisable. Network and endpoint configurations should be analyzed periodically to report deviations from all relevant policies and to summarize compliance postures.
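
One way to run the periodic analysis described above, as an added example that is not part of the framework text: a Python check that compares constructed endpoint configuration snapshots against a policy baseline, lists each deviation, and summarizes the compliance posture. The setting names, endpoint names and policy values are hypothetical.

```python
# Added example: constructed policy and endpoint snapshots, not from the framework.

def parse_version(text):
    """Turn '2.4.1' into (2, 4, 1) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

# Policy: setting name -> (operator, expected). Names and values are hypothetical.
POLICY = {
    "firmware_version": ("min_version", "2.4.0"),
    "tls_min_version": ("min_version", "1.2"),
    "telnet_enabled": ("equals", False),
    "remote_admin_protocol": ("one_of", {"ssh", "https"}),
}

# Constructed endpoint configuration snapshots.
ENDPOINTS = {
    "plc-01": {"firmware_version": "2.4.1", "tls_min_version": "1.2",
               "telnet_enabled": False, "remote_admin_protocol": "ssh"},
    "hmi-07": {"firmware_version": "2.10.0", "tls_min_version": "1.0",
               "telnet_enabled": True, "remote_admin_protocol": "https"},
    "gw-03": {"firmware_version": "2.3.9", "telnet_enabled": False,
              "remote_admin_protocol": "http"},
}

def check(op, expected, actual):
    if actual is None:          # a missing setting is a deviation, not a pass
        return False
    if op == "equals":
        return actual == expected
    if op == "one_of":
        return actual in expected
    if op == "min_version":
        return parse_version(actual) >= parse_version(expected)
    raise ValueError(f"unknown operator: {op}")

def deviations(config, policy=POLICY):
    """Return [(setting, expected, actual)] for every rule the config violates."""
    return [(name, expected, config.get(name))
            for name, (op, expected) in sorted(policy.items())
            if not check(op, expected, config.get(name))]

def compliance_report(endpoints=ENDPOINTS, policy=POLICY):
    """Per-endpoint deviations plus the share of fully compliant endpoints."""
    findings = {ep: deviations(cfg, policy) for ep, cfg in endpoints.items()}
    compliant = sum(1 for d in findings.values() if not d)
    return findings, compliant / len(endpoints)

if __name__ == "__main__":
    findings, posture = compliance_report()
    for ep, devs in findings.items():
        print(ep, "COMPLIANT" if not devs else devs)
    print(f"fully compliant endpoints: {posture:.0%}")
```

The `gw-03` snapshot omits `tls_min_version` entirely, and the check reports that as a deviation instead of silently passing it.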
Figure 11-1: Functional Breakdown for Security Configuration and Management
Security management must determine the security objectives of the system to be managed. These security objectives should identify the techniques to be used to ensure the confidentiality of information, the integrity of the endpoint and communications, and the availability of the system functions required for management.
11.1 SECURE OPERATIONAL MANAGEMENT VS. SECURITY MANAGEMENT
IIoT system management has two related concerns.
Operational management is the configuration of the operational functionality of the system and its endpoints, including provisioning, operating system settings, physical and logical network settings, and the application configurations for the operational process.
IIC:PUB:G4:V1.0:PB:20160926