Analysis and implementation of a security standard

This master's thesis describes the design and implementation of a security standard in a university research department. It has been developed in the framework of the ETSETB Master's Degree in Cybersecurity, in cooperation with the University of Barcelona. The work has consisted on several...

Descripción completa

Detalles Bibliográficos
Autor: Hernández Vilalta, David
Tipo de recurso: tesis de maestría
Fecha de publicación:2021
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/360545
Acceso en línea:https://hdl.handle.net/2117/360545
Access Level:acceso abierto
Palabra clave:Computer security
cybersecurity
security
it
services
company
iso
27000
27001
owasp
vulnerabilities
cyberthreats
science
research
Seguretat informàtica
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descripción
Sumario:This master's thesis describes the design and implementation of a security standard in a university research department. It has been developed in the framework of the ETSETB Master's Degree in Cybersecurity, in cooperation with the University of Barcelona. The work has consisted on several stages. First, an analysis of the vulnerabilities of the system has been performed. This diagnosis has been specially important, since the lack of cybersecurity protections in the department has lead to several hijacks and data losses throughout the years. Then, the report describes the application of all the security features that are considered essential in a company, covering as much elements as possible. Those include from devices' physical security, through software protection to employees training. The project will be mainly focused in the deployment of the main services found in an IT department with a brief cybersecurity training session for the employees at the end. The work developed in this master thesis will reinforce the security of all crucial services and will reduce the possibility of data loss.