ESPOCH Congresses (Jun 2022)

Cybersecurity Policies for Network Switching Devices in Hospital Data Centers: A Case Study

  • Diego Fernando Avila Pesantez,
  • Richard Chalan Analuisa,
  • George Figueras,
  • Miriam Avila

DOI
https://doi.org/10.18502/espoch.v2i2.11413
Journal volume & issue
Vol. 2, no. 2
pp. 507 – 518

Abstract

Read online

Abstract Cybersecurity policies help ensure the operation of network communication devices used in hospital data centers, since administrators can easily implement mechanisms to mitigate attacks and vulnerabilities without affecting the operation of these devices. In this work, the ISO 27032 standard was selected to follow the four-phase guidelines: understanding the organization, risk analysis, action plan, and implementation, which allowed for proposing the necessary cybersecurity policies for the network infrastructure in a Huawei device. First, the vulnerability tests were carried out with the OPENVAS and Yersinia tools, establishing the probability of attacks like MAC-ARP, DHCP Starvation, STP attack, Vlan hopping, etc. Through the respective configurations and enabling functionalities, it was possible to mitigate a significant amount of 98% of the existing vulnerabilities in the initial state of the hospital network infrastructure.

Keywords