Discuss the challenges of maintaining information security at a remote recovery location.
DQ requirement:
Note that the requirement is to post your initial response no later than Sunday and you must post one additional post during the week. I recommend your initial posting to be between 200-to-300 words. The replies to fellow students and to the professor should range between 100-to-150 words. All initial posts must contain a properly formatted in-text citation and scholarly reference.
Reply 1:
Information security at a remote recovery location
Recovery is the act or preparation to overcome the man made or natural disaster.Information Security plays a vital role to overcome the disaster. Even though Information security is important there are lots of challenges in maintaining information security at remote recovery location. In case if information security is not maintained properly then there may chance of vulnerabilities like harmful instruction will delivered. Some other challenges include observing insights, implementing procedures, controlling remote site and making the site aware about the risk. It is difficult to monitor the entire resources towards the center of information security. And also gaining control and implementing process took some time at the remote recovery location. Some of the Major Challenges of maintaining information security are
1) Although remote locations often operate as independent small businesses, there is a constant requirement for sensitive information such as corporate resources, customerrecords, and payment data to be shared between the corporate headquarters and each site. Dangers of sending sensitive communication over the open web present significant security risks. Distributed enterprise organizations need a way to secure all communications between their corporate HQ and remote employee and business locations.
The Possible solution to this challenge is :
Establishing an encrypted network connection, known as a Virtual Private Network (VPN), between the HQ and the remote location, or between two remote locations willensure that all communications are secure.
2) Credit cards have been a convenience to businesses and consumers alike for over 50 years. These small pieces of plastic make transacting easy, but securing those transactions in our connected world is a different story entirely. Purpose-built malware is popping up every day, designed specifically to compromise point of sale (POS) systems.For the Distributed Enterprise, cash-only is simply not an option. Organizations must accept and transmit customer payment information, which creates a unique set of security challenges for both the remote site and the corporate HQ.
The possible solution to this challenge is :
Remote locations that process credit card transactions must utilize best-in-class network security technologies to not only protect and monitor their payment systems, but toalso se.
Discuss the challenges of maintaining information security at a remo.docx
1. Discuss the challenges of maintaining information security at a
remote recovery location.
DQ requirement:
Note that the requirement is to post your initial response no
later than Sunday and you must post one additional post during
the week. I recommend your initial posting to be between 200-
to-300 words. The replies to fellow students and to the
professor should range between 100-to-150 words. All initial
posts must contain a properly formatted in-text citation and
scholarly reference.
Reply 1:
Information security at a remote recovery location
Recovery is the act or preparation to overcome the man made or
natural disaster.Information Security plays a vital role to
overcome the disaster. Even though Information security is
important there are lots of challenges in maintaining
information security at remote recovery location. In case if
information security is not maintained properly then there may
chance of vulnerabilities like harmful instruction will delivered.
Some other challenges include observing insights, implementing
procedures, controlling remote site and making the site aware
about the risk. It is difficult to monitor the entire resources
towards the center of information security. And also gaining
control and implementing process took some time at the remote
recovery location. Some of the Major Challenges of maintaining
information security are
1) Although remote locations often operate as independent
small businesses, there is a constant requirement for sensitive
2. information such as corporate resources, customerrecords, and
payment data to be shared between the corporate headquarters
and each site. Dangers of sending sensitive communication over
the open web present significant security risks. Distributed
enterprise organizations need a way to secure all
communications between their corporate HQ and remote
employee and business locations.
The Possible solution to this challenge is :
Establishing an encrypted network connection, known as a
Virtual Private Network (VPN), between the HQ and the remote
location, or between two remote locations willensure that all
communications are secure.
2) Credit cards have been a convenience to businesses and
consumers alike for over 50 years. These small pieces of plastic
make transacting easy, but securing those transactions in our
connected world is a different story entirely. Purpose-built
malware is popping up every day, designed specifically to
compromise point of sale (POS) systems.For the Distributed
Enterprise, cash-only is simply not an option. Organizations
must accept and transmit customer payment information, which
creates a unique set of security challenges for both the remote
site and the corporate HQ.
The possible solution to this challenge is :
Remote locations that process credit card transactions
must utilize best-in-class network security technologies to not
only protect and monitor their payment systems, but toalso
separate the network used for payment transactions from the
rest of their network and all other information systems. Also, as
the target of many dedicated attacks, organizations must employ
solutions for protecting their POS systems from advanced and
3. zero day malware threats. Sophisticated UTM appliances can
offer Distributed Enterprises all of the advanced network
protection they need from one easy-to-deploy offering.
3) In recent years, regulatory bodies have been tasked with
establishing data security standards and requirements,which are
designed to protect both businesses and consumers from theft,
fraud, and other damages. Although these compliance standards
are valuable, they can generate serious challenges for IT
professionals. Security systems need regular updates to
correspond with the ever-evolving compliance standards. In
addition, data storage and transmission systems need to be
constantly monitored for unauthorized usage and access.
Organizations that fail to comply with PCI DSS, HIPAA, and
other global standards, are subject to enforcement actions and
fines.
The possible solution to this challenge is :
Businesses within the retail, health care, and hospitality
markets are especially sensitive to regulatory
compliance.Related aspects of PCI DSS, HIPAA, and other
major regulatory compliance standards can be achieved
leveraging UTM security appliances as they enable
segmentation of network traffic and secure transfer of sensitive
information between sites. Modern network visibility tools offer
the ability to set alerts and automated reports on security events
that are relevant to the compliance standard,including data-
leakage, malware, and unauthorized user access. Maintaining
clear visibility for auditing purposes is also a requirement for
maintaining compliance.
4) Wireless Internet access is becoming an increasingly common
service offered to customers, guests, and patients.Distributed
Enterprises that choose to offer guest Wi-Fi must be aware of
the associated liability. Users can often jump from the guest
4. network to the corporate network,giving them access to
sensitive employee and customer data. Businesses also assume
liability for any copyright infringement that results from guests
illegally downloadingcontent such as media. Organizations must
balance the need for tight security, while at the same time
providing a fast and seamless Wi-Fi experience for their
customers, especially as the number of connected devices
continues to grow.
The possible solution to this problem is :
Organizations that choose to offer Wi-Fi hotspots must
implement technologies and processes that adhere to data
security standards, including PCI DSS and HIPAA. Wi-Fi
performance is a large influencer of customer satisfaction, so all
security technologies must offer line speed performance during
times of peak usage. Both firewall and wireless access point
technologies must allow for network segmentation, which
separates guests from sensitive corporate data. Full UTM, Data
Loss Prevention and Advanced Malware protection are essential
in protecting the wireless network from targeted and evolving
threats
Reply 2:
Maintaining security at a recovery location
In the event of an incident, it is important to consider issues of
cross-site contamination. Failing over to a recovery location is
not going to work in the event that the recovery site is also
infected with Ransomware. This is something to consider if you
have a hybrid or warm site. Pulling full snapshots of your
environment will bring everything including the intrusions with
it (Livens, 2018).
5. If your recovery location is in the cloud, you need to consider
that the cloud-based threats now apply to your recovery site.
Contractual issues, chain of custody issues, lack of
administrative controls and others like next-door neighbor
issues. Other could tenants may be under attack which may
impact your operational capacity (Atchison, 2018)
Transportation. Moving large volumes of data to a recovery
location loud or other in a controlled and secure manner can be
hard to maintain as the size of your data grows.
Physical security. Changes in full physical access to the
hardware at your recovery site could cause issues. Even in a
site owned by the organization recovery sites should maintain
restricted physical and network administration until activated as
the primary.
Hardware life cycle management. Even your recovery
environment needs to be updated, patched, performance-tested,
and eventually decommissioned.
General Maintenance. Changes to your main production
environment, size, capacity, configuration, patches, and even
access control lists (ACL)s need to be considered and updates to
the recovery environment need to be made. Your organization
may make changes to your internet capacity but forget about
updating the internet bandwidth at the recovery site.