Research Paper: Cyber Threats and Network Infrastructures
Contents
PROTECTING THE COMPANY FROM LOST DATA.. 4
Building a Layered Approach for Remote Workers. 10
Steps to Build a Layered Approach for Data Protection. 10
IDENTIFICATION OF OTHER POTENTIAL PROBLEMS FROM THE SCENARIO.. 11
Decentralization and Diffusion. 11
Skyrocketing Data Security Costs. 12
Disruption of Business Operations and Efficiency. 12
Loss of Employee Productivity. 13
DATA SECURITY PROCEDURES FOR REMOTE EMPLOYEE SECURITY.. 13
REPLICATING OLD DATA INTO A NEW LAPTOP.. 14
Storage and Back-up Strategy. 15
The Strategic Process of Transferring Old Data into New Mobile Assets. 17
Role-based Administration and Hierarchical Management 18
INTRODUCTION
Data security is constantly proving to be an instrumental area of all enterprises, small and large. The evolving nature and use of data are transforming the way businesses handle routine operations; ranging from the management of sensitive consumer information to the storage of financial records that hold the fiscal future of organizations or corporations. In this integrated web of computers and digital platforms lies the issue of data security and protection measures from outside extrusions. Regular backups of documents and sensitive information are noted as the foremost effective and pragmatic approach to secure sensitive networks and avoid outside intrusions. Other than scheduling regular back-ups, there is a need for I.T companies to leverage cloud services like SaaS software as a service. Essentially, the software as a service enables small and medium enterprises to secure data and information in cloud storage spaces. The SaaS can be automatically updated by exporting new data sets including consumer feedback, market surveys, financial records, and intellectual property rights. It is crucial to establish that at the apex of the new technology lies the question of virtually managing a large pool of workers from a central office.
An increasing number of IT companies are utilizing a small pool of managers strategically located in distant headquarter offices. These “central” employees, on the other hand, manage additional hundreds of employees who work in remote locations but who report at the central office on a regular basis. This analysis establishes that the remote location of employees may potentially jeopardize the company’s data security and data integrity in case employees’ laptops are stolen, accessed by third parties, and information leaked. This research paper sets out to critically examine and evaluate how such an IT company with remote workers can be protected from data loss through measures that curb outside intrusion and approaches that enhance the integrity of enterprise data. The research paper goes ahead to identify the possible threats that emanate from such a scenario of working in a remote location. Finally, the research examines the importation of lost data back to the computer or laptop in case of data loss. The import process is an integrated and systematic approach that constantly seeks to ensure that stored information is regularly updated and constantly stored in databases and cloud spaces. The cloud approach is utilized since companies with remote employees find the enterprise resource planning as a desirable model of not only storing data but also managing the flow and distribution of information and data without a close-knit network of employees.
[Cybercrime statistics and sources of data loss]
PROTECTING THE COMPANY FROM LOST DATA
The residency research seeks to examine a case of an IT group with difficulties and challenges managing a workforce of 500 employees with only a pool of five workers. In the organization, most of sales staff and mobile technicians work away from the office but they regularly bring the laptops to the central office. In this mobility lies a threat of loss of information in case a laptop is stolen or even infringed by a third-party. This section of the research paper sets out to examine how the company can protect itself from lost data given the increasing threat of laptop loss and hence a compromise on stored electrical information.
It should be noted that in most security issues, single-point protection measures are not adequate to protect an organization from loss of data. As a result, a multi-faceted layered approach is considered that takes into consideration; compliance, protection, and recovery. Compliance as part of protecting loss of data serves to ensure that all the statutory laws and mobile protection guidelines are followed and that organizations have the ability to provide an accessible audit trail. Protection means protecting the constant loss of company’s information through the adoption of pragmatic administrative and control measures. Finally, recovery of lost data simply refers to the ability to recover stolen or lost mobile data or to retrieve stolen or lost devices and return them into the control of the organization. This analysis notes that the layered corporate approach provides a water-tight approach to seal networks, devices, and software that facilitate data loss.
The Layered Approach
[Layered Data Security Approach]
Compliance
Companies and organizations are required to track hardware and its users, protect available data, provide data audit capabilities, and accurately maintain historical records as part of regulatory compliance. While many mobile laws relate to an enterprise as a whole, it is only mobile assets such as computer and laptops that are hard to trace and track. The effective utilization of applicable laws that relate to data security will help provide the much competitive feat required to protect the mentioned or identified I.T organization from data loss. For instance, the Sarbanes-Oxley Act requires a timely reporting of all assets including computer and mobile assets. This legislation has penalties for non-compliance that feature penalties of up to 5 million and imprisonment of 15-20 years (Absolute Software, 2018). The California Senate Bill 1386 similarly demands that all organizations within the California jurisdiction that possess computerized consumer data to inform consumer immediately of any intrusion in case of a breach. The fundamental significance of compliance is to constantly provide better data protection measures by following already established data security laws and regulations.
Protection
The protection of any computerized data can be achieved through the combination of asset tracking capabilities. The I.T organization must possess data to delete capabilities and data security measures like encryption. Collectively, encryption and “data delete” provision enable the organization to delete any leaked information or data long before it causes irreversible damages such as the loss of intellectual property rights, leakage of trade secrets, loss of identifying consumer information, and employee data. A superior protection approach for sensitive information can best be achieved through four major resources that provide unique and effective protection capabilities.
The first approach to protection is real-time asset tracking that enables an agency or company to effectively track all its mobile assets through connection to the internet or the internal network. The remote data delete is the second measure and this seeks to completely remove sensitive information from a lost or stolen mobile asset; laptop, computer, or mobile device. Data encryption is the third protection approach and this seeks to protect data from unauthorized third-party users. And encryption is considered as the last line of defense in case of external party misuse (Absolute Software, 2018). The fourth protection measure of mobile assets such as laptops belonging to the I.T organization is through audit logos which provide defensible records that show when exactly the information was lost, where, and the exact location of the mobile asset. Audit logos essentially provide surveillance in the sense that they verify the exact nature of “sensitive information” lost, last known location and its overall encryption status.
[Computerized Data Protection]
Recovery
In most cases, replacing a lost device or mobile assets like a laptop is more than a challenge. The cost emanating from a destroyed public image of announcing the loss of sensitive consumer data to the media, and the inevitable lawsuits following such adverse breaches, makes recovery the ultimate option for most I.T organizations (Absolute Software, 2018). This research notes there are significant soft costs associated with losing a mobile asset and such costs entail the loss of employee productivity, re-provisioning labor, and procurements. In this realization, sophisticated tracking solutions are deployed in organizations which in turn “deploy” software that tracks IP addresses of mobile devices and laptops and constantly report to a central location or administrator. These effective recovery tools track the hardware upon connection to the internet, and later conveys this information to a central network unbeknownst to the thief or the hacker.
Similarly, the utilization of computer security checklists that effectively track and report lost devices is a viable approach and these checklists capture three fundamental aspects. First, it is the ability to accurately track and recover lost assets and data. Secondly, the existence of watertight HR policies that extend punishments and penalties to stark violations that lead to data loss or compromise the integrity of network infrastructures. And finally, the checklist should encompass measures to delete information or data in case of breaches or compromises in data security (Absolute Software, 2018). It is important to note that the multi-layered approach is a viable architecture to protect employees working in remote work stations but who regularly report to a central location. This section of the research identifies the best practices that are adopted to enhance the protection of data loss for the I.T organization.
[Security Considerations for a Layered Approach]
Building a Layered Approach for Remote Workers
Information technology has undergone dynamic shifts over the last decade. However, a range of factors has dictated the pressing need for a more robust approach towards data security. Alongside this dream of protecting enterprise data loss lies factors that have defined the very face of the corporate security network. First, a trend towards the mobility of data and information through the development of remote work stations by large companies necessitates the need for robust approaches in data security (Shabtai, 2012). Additionally, the theft of I.T resources and assets resulting from the proliferation of mobile assets and devices continues to create the need for effective and rigid corporate data protection. Further, an increase of data security and privacy concerns continues to push companies to the verge of setting stringent corporate policies structures centered on a data security infrastructure and network.
Steps to Build a Layered Approach for Data Protection
The IT Company may consider offering technical education to employees to avoid leaving computers and other mobile assets unattended. If they are left in a car or vehicle, laptops should be locked in the trunk. Agencies must also communicate the importance of data security as part of corporate compliance. The physical measure is seen as instrumental protection approaches and this means that all laptops must be locked in cupboards, or other security facilities at home or in the office. Cable locks should be provided for laptops left unattended. Similarly, agencies must provide a sign-in provision for all visitors or external parties. Asset-tracking and recovery tools should be incorporated in administrative controls to safeguard the welfare of mobile assets throughout their lifecycle (Reuvid, 2006). Asset tracking further helps to monitor any disappearances or changes in hard drives, computer memory, and other peripherals. The deployment of a data encryption solution that protects unauthorized users seals glaring loopholes in the computer network infrastructure. Finally, a remote “data delete” functionality removes potentially sensitive information from an end-of-lease mobile asset.
IDENTIFICATION OF POTENTIAL PROBLEMS FROM THE SCENARIO
Remote employee security is becoming more important than ever with advancements in network infrastructure and computer technology. Organizations across the world are allowing employees to perform one of the most traditionally engaging tasks and operations outside the office. Coffee shops, home offices, hotels, and restaurants are gradually taking the workload that was once a reserve of formal offices and workstations. It is vital to acknowledge that this unprecedented move of permitting employees to operate in remote workstations makes remote employee security and ever-changing endeavor (EMC Corporation, 2012). As discussed in this research, there is a potential loss of sensitive consumer information through third-party infiltration. Remote working further increases the vulnerability of sensitive networks and infrastructures, most of which define the very integrity and status of the organizations that utilize these devices and networks. This section of the research paper sets out to examine a range of other potential problems that may arise from the scenario of remote working, both the mentioned I.T organization and for other companies or agencies that use computerized information and data.
Decentralization and Diffusion
Remote working has made computerized data networks and infrastructure decentralized and diffused making storage quite difficult to manage and constantly monitor. Centralized IT departments operating in the headquarters main offices constantly have to deal with device mismatches that run on completely different operating systems and application software. The decentralization and diffusion of networks and mobile devices create an open environment that puts confidential data to more vulnerability where it needs a greater level of protection.
Skyrocketing Data Security Costs
Centralized computer infrastructures or a strategic I.T environment provides a costly approach to manage data and protect sensitive information. Notably, it is easy to set up a comprehensive and rigid architecture in a central location that features a set of laptops, tablets, PCs, and servers. However, once the network environment expands in the form of “remote working arrangements”, the devices and mobile assets are either dispersed creating a situation that is hard to constantly monitor (Reuvid, 2006). Hence, remote employee security is a costly endeavor since a central I.T department constantly monitors “distanced” computer assets and resources through the deployment of packet sniffers and IP detectors.
Disruption of Business Operations and Efficiency
Enterprises with remote employees usually feature complex organizations processes such as auditing, consumer reporting, data analytics, and business intelligence. As a result, remote work stations are ultimately convenient platforms for conveying data and information in real-time without attracting additional costs. Unfortunately, a slight glitch in the remote security may have far-reaching repercussions on the routine business operations. For instance, laptop theft may interfere with the filing of fiscal returns, this may affect stakeholder trust and confidence, and in the process hurt future investments (Shabtai, 2012). Similarly, loss of market survey statistics from a misplaced remote laptop may disrupt marketing operations and sales exercises that rely on such fundamental electronic market data. This means that the disruption of critical business operations may have far-reaching implications on the efficiency of organizations and businesses at large.
Loss of Employee Productivity
Alongside remote employee security lies a fundamental issue of productivity. Usually, a remote set-up or workstation is selected to save operational costs associated with accommodation, transport, travel, office space, rent, electricity, and ancillary expenditure. Employees working in remote work stations are likely to enjoy the convenience of less supervision and self-management. As a result, there is a boost in employee productivity. Unfortunately, loss of mobile assets as a result of theft or unauthorized access may cause anxiety, affect workflow processes as the IT agency strives to replace the lost laptop or computer. In the long-run, employees may be discouraged to resume working amidst the confusion, trauma, and frustration of losing confidential sensitive information that is time-consuming to both collect and store.
DATA SECURITY PROCEDURES FOR REMOTE EMPLOYEE SECURITY
This analysis identifies that although there are associated risk with remote working, a range of measures and procedures can be considered to alleviate glaring technical challenges. The first approach is the utilization of the best security software. This means that the latest antivirus protection packages that are routinely checked and regularly updated will serve to bridge glaring loopholes in the network infrastructure. Utilization of cloud application outsourced from a third-party provider can help with a heightened level of security through data encryption solutions and technologies. Maintenance of a secure connection through the leverage of a virtual private network application will help ensure that all employees and staff use secure traffic. A fully secured network or traffic is important in the development of string and unfilterable network boundaries that guarantee maximum protection of data networks and computer infrastructures such as hardware, servers, and similar devices.
A crucial part of data security is the development of strict guidelines that minimize the potential of data security breach or threat. The company must establish clearly who has authorized access from a remote station and detail the exact protocol used to execute or expedite the authorization for data access. Probe recognition is another instrumental part of data security. Agencies must set-up a system to recognize probes and this detection is usually noted through high-level attempts from outside parties such as hackers working to gain access into a computer system or infrastructure (EMC Corporation, 2012). Finally, packet sniffers are considered a critical threat to data security. Software called packet sniffers is usually used by hackers to capture transmitted data and information packets sent over the internet. The packets may include proprietary information like passwords, company information, usernames, and pertinent data. The deployment of applications programmed to identify packet sniffers will enable the company to identify that it is experiencing a root compromise that may potentially affect sensitive data.
REPLICATING OLD DATA INTO A NEW LAPTOP
Following the unprecedented loss of digital information and computerized data is a rigorous process to recover and consequently replicate old data into new mobile assets such as computers, laptops, tablets, and storage devices. The process of replacing old data into new laptops and new devices is entirely driven by the motive of continuous quality improvements by ensuring that employees proceed with routine organizational work on a continuous basis. Hence, replicating old data into new mobile assets is a strategic process that should underpin an organization’s data security policies, procedures, and operational standards. A range of factors and resources should be considered in routinely maintaining the storage and utilization of data and these include; building storage and backup enterprise strategy, utilization of cloud spaces, enterprise resource planning, and hardware storage solutions.
Storage and Back-up Strategy
Present-age enterprises generate vast amounts of data than ever. Luckily, storage devices, systems, and networks have developed correspondingly faster-making storage a cheaper, flexible, and accessible endeavor. The first step of backing old data into new computers is through the selection of an effective back-up strategy. The storage and back-up approach take into consideration the unique needs of enterprises, its resource assets, administrative procedures, goals, and priorities in the protection of sensitive consumer data. As part of this back-up and storage strategy lies six fundamental data storage solutions that should ultimately guide the transfer of old data into new devices and computers. The directly attached storages refer to devices injected or plugged directly into mobile assets through a USB or a port. The network attached storage NAS is the second solution that connects directly to an existing network – and features the unique capabilities of servers and gradually accepts multiple drives.
The disaster protection storage is the third solution which, similar to NAS and DAS, is plugged into a device but it is hardened against threats that would easily harm unprotected information and data. Online storage is growing as a reputable model of storing and later transferring old data into new laptops. Electronic mail services, cloud storage solutions, and enterprise resource planning represent the most common online storage models. And this means that an instrumental part of selecting an optimal storage solution for old data transfer is considering cloud options. Cloud solutions offer better versatility, they are cost-effective and cheap for large-scale organizational works, and they provide a better visibility and audit trail for stored information and sensitive data. Offline devices and private cloud represent the other two fundamental storage solutions. Offline media may refer to Blu-ray discs, DVDs, and other optical media and while they may seem as relatively outdated, they have helped Google save itself from a Gmail outage. Facebook is also experimenting with optional storage through offline media devices.
It should be established that since organizations strive to retain or transfer old data sets into newer platforms like laptops and computers, the data storage and transfer strategy depends wholly on the data volume and budget. Higher data sets with larger volumes demand strategic examination, division, and stratification to fit into specific subsets of storage spaces. This means large volumes of data are structured and this process is both time-consuming and resource intensive. It, therefore, follows that large volume data sets are expensive to store and maintain. In the analysis of the budgetary aspect of data security, sensitive information requires a relatively higher budget due to the vulnerability and sensitivity of such data. For instance, credit card information, personally identifying numbers PINs, facial recognition records, financial reports, and budgetary records represent sensitive information with far-reaching implications on individuals and corporation at large.
As a result, storing such data is an expensive endeavor as opposed to storing music and video covers that have a relatively lower level of risk. This research identifies that the IT company with the challenge of managing 500 remote workers with a pool of only five employees should consider budgetary and volume of data storage as part of their routine exercise of transferring old data into new laptops (SANS Institute, 2017). More plainly, the IT group must consider a solid approach to store and back-up data while taking into consideration the volume and budgetary considerations of storage and regular maintenance.
The Strategic Process of Transferring Old Data into New Mobile Assets
- Critical evaluation and sorting of old data sets and prioritizing tasks and operations. In this specific step, a team of data experts shall sort out different categories of data, prioritize their usage, and determine which ones to be transferred (Shabtai, 2012). The selection shall depend on the need, application, usability, and periodic-usage of such data.
- Installation of new security infrastructures into the laptop or computers. This process shall involve selection of top-notch and water-tight application and software. Among them is the installation of private virtual networks and internet protocols to continuously track and protect network traffics during browsing.
- The third step is the strategic and systematic transfer of data into the cloud either through internet transfer protocols or through manual storage. In manual storage, enterprise resource planning agents provide clients access to their data stored in the cloud. Once logged in, the clients can easily and promptly transfer massive datasets in terabits.
- Cross-checking follows closely to ensure that appropriate data is fed into the new laptop. Part of cross-checking is running files to ensure they operate smoothly and scanning malware and adware. Cross-checking emanates from the premise that unattended older files may harbor inscriptions that may potentially affect the operation of the new laptop. Most importantly, older data may be irretrievable rendering them unusable in a new mobile asset.
- Secure storage is the final step of transferring old data into new laptops and computers. This storage involves setting up standards and guidelines for the operation of the new machinery. Administrative controls and technical protocols are also implemented as part of the “secure storage” plan to ensure that old data operates according to the set standards, measures, and protocols.
Role-based Administration and Hierarchical Management
Hierarchical management enables companies to establish more than one policy servers, with policies and administrative rules (SANS Institute, 2017). Hierarchical management recognizes that clear roles and structures are fundamental in the access to stored data and that multiple legislations and policy servers provide a fundamental approach to deal with infiltrations. On the other hand, role-based management that allows for role-based administration of tasks, privileges of access, and storage will help provide a rigid approach to deal with the loss of data from remote workstations (Shabtai, 2012). This research acknowledges that role-based and hierarchical management are classic approaches to deal with infringements of data. Most importantly, these measures provide a clear flow of information, enable protocol in the access, operation, and control of data sets in an organization. As a result, the I.T Company dealing with a vast pool of 500 employees may consider setting role-based administrative controls. These procedures will constantly provide better insight into the access of remote laptops by third parties, create internal correspondence on data usage, and provide better visibility of lost data. Collectively, this research notes both the role-based and hierarchical management cannot be overlooked when addressing the problem of remote data loss as part of data security.
REFERENCES
Absolute Software. (2018). A Layered Approach to Laptop Security. The Absolute Software Corporation. Pg. 1 – Pg. 12. Retrieved from https://csbweb01.uncw.edu/people/ivancevichd/classes/MSA%20516/Extra%20Readings%20on%20Topics/Mobile%20Devices%20&%20Wireless/Securing%20Laptops.pdf
EMC Corporation. (2012). Information storage and management: Storing, managing, and protecting digital information in a classic, virtualized, and cloud environments. S.L: EMC Corp.
Reuvid, J. (2006). The secure online business handbook: A practical guide to risk management and business continuity. London: Kogan Page.
SANS Institute. (2017). Understanding and Selecting a Data Loss Prevention Solution. The SANS Institute Official. Pg. 1 – Pg. 26. Retrieved from https://securosis.com/assets/library/reports/DLP-Whitepaper.pdf
Shabtai, A. (2012). A Survey of Data Leakage Detection and Prevention Solutions. Boston, MA: Springer US.
Symantec. (2018). Symantec Data Loss Prevention. Symantec Official. Pg. 1 – Pg. 6. Retrieved from https://www.symantec.com/content/dam/symantec/docs/data-sheets/data-loss-prevention-family-en.pdf