Security Level Instructions

Drag the security controls and place it at specific locations and also enable disable the control on architecture in serially as listed here as per SL0 to SL4

SL0: Protection Against Casual or Coincidental Violation

• Physical Security: Basic physical access control to prevent unauthorized physical access.
• Awareness Training: Basic security awareness training for all personnel.

SL1: Protection Against Intentional Violation Using Simple Means

• User Authentication: Implement basic user authentication mechanisms in systems like Active Directory.
• Patch Management: Regular updates and patching of software and systems.
• Firewalls: Basic network firewalls to control inbound and outbound network traffic.
• Endpoint Security Management: Basic antivirus and malware protection on endpoints.
• Data Backup: Regular backup of critical data, possibly using a dedicated Backup Server.

SL2: Protection Against Intentional Violation Using Sophisticated Means

• Two-Factor Authentication (2FA): Implement 2FA for critical systems and remote access.
• Intrusion Detection Systems (IDS): Deploy IDS for network and system monitoring.
• Secure Remote Access: Use VPNs and other secure methods for remote access.
• RBAC (Role-Based Access Control): Implement RBAC to limit system access based on roles.
• Network Segmentation: Use network segmentation to limit the spread of incidents.
• Regular Security Audits: Conduct security audits to identify and address vulnerabilities.

SL3: Protection Against Intentional Violation Using Sophisticated Means

• SIEM (Security Information and Event Management): Implement SIEM for advanced threat detection and analysis.
• Data Encryption: Encrypt sensitive data in transit and at rest.
• Advanced Endpoint Security: Implement advanced endpoint detection and response solutions.
• Network Diodes: In critical segments, use network diodes to prevent data leakage.
• Incident Response Plan: Develop and maintain an incident response and recovery plan.
• Physical Security Enhancement: Advanced physical access controls, surveillance, and monitoring.

SL4: Protection Against Intentional Violation Using Sophisticated Means

• Redundant Networks and Systems: Implement redundancy for critical network paths and systems to ensure availability.
• Emergency Power: Ensure emergency power systems are in place for critical infrastructure.
• Advanced Anomaly Detection: Utilize AI and machine learning for advanced anomaly detection.
• Forensic Capabilities: Develop capabilities for forensic analysis following an incident.
• Government and Industry Collaboration: Engage in collaboration with government cybersecurity agencies and industry groups for threat intelligence sharing.