• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Protection of Information Assets

Temple University

Protection of Information Assets

MIS 5206.001 ■ Fall 2023 ■ David Lanter
  • HomePage
  • Instructor
  • Syllabus
  • Schedule
    • First Half of the Semester
      • Unit #1: Understanding an Organization’s Risk Environment
      • Unit #2: Case Study 1 – Snowfall and stolen laptop
      • Unit #2: Data Classification Process and Models
      • Unit #3: Risk Evaluation
      • Unit #4 Case #2: Autopsy of a Data Breach: The Target Case
      • Unit #5: Creating a Security Aware Organization
      • Unit #6: Physical and Environmental Security
    • Second Half of the Semester
      • Unit #8 Case Study 3 – A Hospital Catches the “Millennium Bug”
      • Unit #9: Business Continuity and Disaster Recovery Planning
      • Unit #10: Network Security
      • Unit #11: Cryptography, Public Key Encryption and Digital Signatures
      • Unit #12: Identity Management and Access Control
      • Unit #13: Computer Application Security
  • Deliverables
    • Weekly Deliverables
      • “In the News” Articles
      • Answers to Reading Discussion Questions
      • Comments on Reading Discussion Question and Other Students’ Answers
    • Case Studies
    • Team Project

Question 2

October 26, 2023 by David Lanter 20 Comments

Suppose an organization is only able to filter and selectively block either: a) network traffic coming into its intranet from the internet (incoming) or b) network traffic going out to the internet (outbound).  With respect to each of the 3 information system security objectives (i.e. confidentiality, integrity, and availability), if you could only filter and selectively block one network traffic direction which one you would you concentrate on and why?

Filed Under: Unit 10: Network Security Tagged With:

Reader Interactions

Comments

  1. Yannick Rugamba says

    October 29, 2023 at 4:13 pm

    Protection of Confidentiality:
    To safeguard against the leakage of data and ensure that authorized personnel can transmit information it is important to prioritize monitoring outbound traffic.

    Ensuring Data Integrity:
    By giving attention to traffic, we can effectively block internal threats preventing unauthorized access and data corruption.

    Maintaining Availability:
    The emphasis should be placed on managing traffic to shield against attacks such, as DDoS. This ensures that network services remain accessible and reliable.

    In conclusion striking a balance, between monitoring both outgoing traffic is crucial. However, it is advisable to prioritize traffic for the purpose of safeguarding data integrity.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 3:12 am

      Yanick, I agree with the point you mentioned. The importance of striking a balance between monitoring outgoing and incoming traffic and Prioritizing traffic for safeguarding data integrity is advisable, indicating that not all network traffic requires the same level of scrutiny.

      Log in to Reply
  2. Nicholas Nirenberg says

    October 29, 2023 at 4:31 pm

    If an organization can only filter one direction of network traffic, focusing on outbound traffic is crucial. By monitoring and controlling data leaving the network, it safeguards confidentiality by preventing data leaks and unauthorized sharing. Additionally, it helps ensure availability by blocking malicious outbound traffic, preventing internal systems from being compromised. While filtering incoming traffic is important for integrity, controlling outbound traffic addresses both confidentiality and availability concerns effectively.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 3:21 am

      Nic, you provide a well-reasoned and practical approach showing how concentrating on outbound traffic can significantly benefit safeguarding data and ensuring the security and availability of an organization’s network. I agree.

      Log in to Reply
    • Eyup Aslanbay says

      October 31, 2023 at 2:16 pm

      An astute observation on the significance of monitoring outbound network traffic. Your emphasis on safeguarding confidentiality and ensuring availability showcases a deep understanding of network security priorities. It’s refreshing to see such a concise yet comprehensive take on this aspect of network management.

      Log in to Reply
    • Jon Stillwagon says

      October 31, 2023 at 10:32 pm

      Nicholas, that is very true and they would be able to detect more of disgruntled employees that are trying to cause harm to the company. I put that blocking the incoming traffic would be able to protect the confidentiality of the company because they would be able to protect themselves from outside attacks from other people that want to do harm to the company and to keep sensitive information such as projects or processes within the company to fake out competitors.

      Log in to Reply
  3. Bo Wang says

    October 29, 2023 at 4:33 pm

    Incoming (Inbound) Traffic:Prioritizes protecting the organization’s internal resources and data from external threats. Emphasizes confidentiality and integrity. Reduces the risk of external attacks that could disrupt services.
    Outgoing (Outbound) Traffic: Focuses on preventing data breaches, unauthorized data transfers, and the spread of malware from within the network. Prioritizes confidentiality and integrity by restricting data leaving the organization. Indirectly supports availability by preventing disruptions caused by malware or unauthorized outbound connections.
    I prefer the Outgoing (Outbound) Traffic because it can protect organzation from data breach which is the most frequently threat in the world.

    Log in to Reply
    • Edge Kroll says

      October 31, 2023 at 5:38 pm

      Hi Bo,

      I agree with you fully, safeguarding sensitive data from unauthorized transfers and malware propagation within the network is crucial for maintaining the security and integrity of an organization’s information. I believe that choosing to prioritize outbound traffic is a more proactive approach, as things like data breaches or unauthorized sharing of data is much more common.

      Log in to Reply
  4. Celinemary Turner says

    October 29, 2023 at 6:56 pm

    . If I could only filter and selectively block one network traffic direction, I would concentrate on Incoming. The main reason for this is that it is typically much more accessible for an attacker to exploit vulnerabilities in systems exposed to the internet than it is to attack systems behind a firewall. By filtering and selectively blocking incoming traffic, organizations can reduce their exposure to attacks and prevent attackers from accessing sensitive data. Filtering and blocking incoming traffic help protect confidentiality by preventing unauthorized access and reducing the risk of data breaches. Blocking and filtering incoming traffic can protect the integrity of the organization’s systems and data, by blocking malicious content, such as malware and viruses, from entering the network. However, concentrating on incoming traffic is typically a more effective way of protecting information systems than concentrating on outgoing traffic. This is because it is usually easier to filter and selectively block incoming traffic, and doing so can help to prevent attackers from accessing sensitive data.
    In conclusion, blocking and selectively filtering incoming traffic (from the internet to the intranet) is often considered the primary focus for protecting all three security objectives. External threats, including malware, hacking attempts, and DDoS attacks, pose a significant risk to an organization’s confidentiality, integrity, and availability. By controlling what comes into the network, an organization can reduce the attack surface and address various potential threats.

    Log in to Reply
    • Yannick Rugamba says

      October 30, 2023 at 7:02 pm

      Hi Celinemary,
      I understand your perspective, on prioritizing traffic to minimize exposure to threats. Your point about the vulnerability of systems connected to the internet is valid and insightful.
      However, have you also considered the significance of outbound traffic? It’s like when we send emails – we need to ensure that no sensitive information leaves our network without authorization. By monitoring outbound traffic, we can guarantee that our confidential data remains within the organization preserving its integrity and limiting access, to personnel.

      Log in to Reply
      • Celinemary Turner says

        October 31, 2023 at 3:25 am

        Yes Yannick, I agree with you, monitoring outbound traffic is very essential.

        Log in to Reply
  5. Edge Kroll says

    October 29, 2023 at 8:18 pm

    When choosing to selectively filter and block network traffic in one direction, the decision should align with an organization’s primary security objective. To prioritize confidentiality, focus on incoming traffic to prevent external threats from accessing sensitive data. To emphasize data integrity, concentrate on outbound traffic to mitigate internal data breaches and malware propagation. To ensure availability, block incoming traffic to reduce the risk of external attacks disrupting services. Most organizations balance these objectives through a combination of inbound and outbound filtering based on their specific security needs and risk assessments. If I had to choose I would focus on the outbound traffic, as this allows the organization to ensure that its critical data is protected, and protects the best against potential data breaches, and other unauthorized sharing of company information.

    Log in to Reply
    • Bo Wang says

      October 31, 2023 at 8:52 pm

      My choice, like yours, is to focus on outbound traffic, which can protect organizations from data breaches

      Log in to Reply
  6. Jon Stillwagon says

    October 29, 2023 at 10:14 pm

    I would filter and block the incoming traffic direction because if I were to look at an organization they have information that should be kept confidential. It would limit the amount of people trying to get into the system to cause harm to the organization or to steal something. If I were to block the traffic going out then whoever got in would stay in and could cause harm to the system. Then depending on what they did they might have to buy new hardware which could be very costly. It would limit if not eliminate the amount of competitors using the information that the organization has so other companies won’t be able to follow in the same footsteps. It would also keep newly developed projects to remain unavailable till they are ready to be distributed or implemented.

    Log in to Reply
  7. Hashem Alsharif says

    October 29, 2023 at 11:54 pm

    When looking at Confidentiality, I would choose outbound traffic. This is due to whenever an organization has information leaving the company, you must make sure nothing there is confidential and by focusing on outbound traffic, it makes it easier to pinpoint what leaves.

    For Integrity, it would be optimal to focus on outbound traffic. This is because you can ensure that data leaving the organization hasn’t been maliciously changed by anyone.

    Lastly, for Availability, I would look at Incoming traffic. This is because by blocking incoming traffic you lower the risk of attacks that could disrupt the network.

    Log in to Reply
    • Nicholas Nirenberg says

      October 31, 2023 at 12:29 pm

      Hi Hashem, focusing on outbound traffic for confidentiality and integrity is also my choice as it allows for precise monitoring of sensitive data leaving the organization and prevents malicious alterations. Also, your emphasis on blocking incoming traffic to enhance availability demonstrates a proactive measure in safeguarding the network against disruptive attacks, ensuring its stability for legitimate users.

      Log in to Reply
  8. Eyup Aslanbay says

    October 30, 2023 at 2:33 pm

    If I consider the principles of confidentiality, integrity, and availability, I would choose to focus on incoming traffic. Let me explain why.

    Confidentiality ensures that sensitive data is protected. By controlling incoming traffic, we prevent outsiders from accessing our sensitive data. On the other hand, controlling outbound traffic prevents our sensitive data from being shared externally. If confidentiality is the primary concern, it might seem better to focus on outbound traffic.

    Integrity ensures that data is not altered without permission or that unauthorized access is prevented. Controlling incoming traffic blocks malicious actors from tampering with our data. Controlling outbound traffic can prevent unauthorized data transfers. When it comes to integrity, filtering incoming traffic is more effective in warding off potential threats.

    Availability ensures that systems and data are always accessible when needed. By controlling incoming traffic, we block malicious attacks that could disrupt our services. For ensuring availability, filtering incoming traffic is more effective in preventing attacks and keeping resources available.

    After analyzing all these factors, if I had to choose between filtering incoming or outgoing traffic, I would prioritize incoming traffic.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 3:34 am

      Hi Eyup,
      You Provide a thoughtful and well-reasoned argument for prioritizing the filtering of incoming network traffic when considering the principles of confidentiality, integrity, and availability. This showcases a thorough consideration of how focusing on incoming traffic can effectively address the core principles of information security.

      Log in to Reply
  9. Ooreofeoluwa Koyejo says

    October 31, 2023 at 5:09 pm

    In most cases, protecting against external threats by filtering and selectively blocking incoming traffic is a higher priority, as it forms the first line of defence against external threats. However, a well-balanced security strategy should also include measures to monitor and control outgoing traffic to prevent data leakage and ensure that internal systems do not inadvertently participate in malicious activities. Ultimately, the choice should be based on the organization’s specific risk profile and security objectives.

    To maintain Confidentiality: Prioritize filtering and selectively blocking incoming traffic to protect the confidentiality of sensitive data and prevent external threats from compromising internal systems.

    To maintain Integrity: Concentrate on filtering and selectively blocking incoming traffic to protect the integrity of internal systems and data from external threats.

    To maintain Availability: Prioritize filtering and selectively blocking incoming traffic to protect the organization’s availability by mitigating external threats that could disrupt services.

    Log in to Reply
    • Hashem Alsharif says

      October 31, 2023 at 10:28 pm

      I think you made a valid point in regards to Integrity. The entire premises of external attacks harming a company is because an external attack made its way into the company. By selectively taking a look at incoming traffic, it allows you to have extra precaution with what enters your internal systems. For me, I chose outbound traffic as it will allow you to see if any information has been tampered with. But after going through your explanation, you bring good points forward that I didn’t consider at first. I wonder if it’s possible to enter a company’s internal system, but be able to extract data without leaving behind any tracks for someone to check if the information has been altered.

      Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Unit 01: Understanding an Organization's Risk Environment (5)
  • Unit 02: Case Study 1 – Snowfall and a stolen laptop (2)
  • Unit 02: Data Classification Process and Models (6)
  • Unit 03: Risk Evaluation (6)
  • Unit 04: Case Study 2 – Autopsy of a Data Breach – The Target Case (4)
  • Unit 05: Creating a Security Aware Organization (6)
  • Unit 06: Physical and Environmental Security (6)
  • Unit 08: Case Study 3 – A Hospital Catches the "Millennium Bug" (3)
  • Unit 09: Business Continuity and Disaster Recovery (6)
  • Unit 10: Network Security (6)
  • Unit 11: Cryptography, Public Key Encryption and Digital Signature (6)
  • Unit 12: Identity Management and Access Control (6)
  • Unit 13: Computer Application Security (6)
  • Welcome (1)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in