X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 46 / 158

400 views

0 shares

0 downloads

0 comments

46 / 158

U.S. Department of Health and Human Services

A GSS provides support for HHS’ agency infrastructure and host major applications. Since a GSS provides such wide-scale support, it is usually categorized at the moderate level or higher. Controls for a GSS must comply with the appropriate baseline provided in NIST SP 800-53 Rev.3.

Since a GSS supports other systems, its security level must support the security level of any of the systems it hosts. When a GSS is categorized lower than an MA, the MA's System Owner decides whether to place more stringent security controls on the MA.

A GSS (especially a GSS that is a network) is the front door to the organization's IT assets. An open port of easy access onto the network can allow a potential hacker to “jump” privileges into a major application. Teams administering a GSS must properly assess the risk level of the GSS and adequately secure it.

Page 3 of 3

Types of Systems

Securing a General Support System

Document info
Document views400
Page views400
Page last viewedTue Dec 06 16:26:14 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments