1. Host categorization

The process of categorizing hosts is customizable for each organization using Isora GRC. The following discussion shows Isora GRC’s default host categories and data classifications. Your host categories and data classification options may be different. Please consult your local Isora GRC administrator or additional provided documentation if your host categories and data classifications differ from those described.

Navigation

Hosts are divided up across pages, 25 hosts to a page. These pages can be navigated by using the navigation bar located at the bottom of the page. You should always save your changes by clicking the “lock” button (described later) before navigating to a different page.

Searching, Filtering and Sorting Hosts

The icon on the left side of the “host” table header, shown here to the left, is the filtering tool. This is used to filter, search, and sort hosts. Filtering and sorting apply only to the current assessment.


When the filtering tool is activated, a popup like the one to the right is displayed. To search among the hosts in the assessment, enter a value into the text field and apply the filter.

To make completing assessments simpler, there is an option to hide hosts that have already been answered and locked. This filter is applied by default.

Hosts can be sorted by IP address or MAC.  By default, hosts are sorted by IP address.

Layout description

The assessment itself is broken up into six columns.  These columns are:

  1. The Tools column, which contains information about who supplied an answer.
  2. The Host column, which displays basic host information such as name, MAC address, and IP address.
  3. The Category column, where the host is categorized by the type of data that it is used to process, store, or manipulate.
  4. The Classification column, where the classification for Confidential hosts is identified (only necessary for hosts identified as Confidential).
  5. The Data Types column, where the specific category of Confidential data that is used with or stored on a host is identified (only necessary for hosts identified as Confidential).
  6. The Lock column, which allows a host that has been answered to be saved and locked.

The options in the column headers shown above can be used to answer for all unlocked hosts on the page.  For example, if you identify, answer, and lock all of the Confidential and Controlled hosts, the remaining unanswered hosts can all be set to Published at the same time by selecting “published” from the category popup in the Category column header. Only hosts displayed on the current page will be modified.

Tools

The editors tool (shown at left) identifies who most recently saved and locked the host. If the icon is blue, it means the host has either been saved or locked by a user. Hosts that have never been saved or locked will have a gray icon.

Host Information

The Host column provides detailed information about a host. This information is drawn from the inventory module. Hover over a text entry to reveal more information if it exists, e.g. in the case of long descriptions or multiple IP/MAC/hostname entries.

Categorization, Classification, and Data Types

Hosts are categorized as Confidential, Controlled, Published, Unknown, or Surplus by selecting the appropriate option from the drop-down in the Category column.


A host is considered to be a Confidential device if:

  • There is a high need for availability, integrity, or confidentiality of the data processed with the host
  • The host is used to store, process, or otherwise manipulate Confidential data
  • The host is considered to be critical for unit or organization operations

For all hosts marked as Confidential, you will be asked to specify why in the Classification column and identify any Confidential data used with the host in the Data Types column, as shown below. At least one classification and one data type must be specified in order to lock a host.

Categorizing a host as Unknown should only be done in cases where the host is outside of your control and you're not responsible for the data used with it. For example, consider a lab or conference room where students or guests can connect non-university-owned portable computers to the wired network. Such hosts may show up as a part of an assessment even though they're not a part of your technology infrastructure and you have no control over them. In such a case, it would be appropriate to mark those hosts as Unknown.

Saving and Locking Hosts

To save a host and confirm its answer, click the “lock” button in the Lock column. Once locked, the “lock” button will change to an “unlock” button, which can be used to allow editing. PLEASE NOTE: If the “hide locked” filter option has been selected, the host will disappear from the page, so the filter must be adjusted in order to find the host and unlock it.

Acknowledgement

The host categorization step of an Isora GRC assessment is not complete until all hosts have been locked. When all hosts are locked, an assessment manager for the unit must acknowledge that the information provided is accurate by clicking on the Acknowledge button at the top of the assessment, as shown below. Only an assessment manager for the unit may acknowledge the step. Once the step has been acknowledged, no further editing of answers may be done.
