Consider that Data Security and Policy Assurance methods are important to the overall success of IT and Corporate data security.
To enhance the success of the IT and corporate security, it is evident that it assists in elevating some of the challenging objectives for example the authorized assessment of personal data. Ideally, some of the policy securities and policy assurance methods depend on various techniques that can be attested to its trustworthiness. It is these mechanisms that have the ability of breaking down some of the authentication measures.
- Determine how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity.
Technology – this basically takes into consideration the revival of the business’s decisive information or data and other associated applications that are contained in its DRP (disaster recovery plan). To the business continuity, it is evident that technology assists in establishing technical and enterprise measures aimed at countering the effects of incidents or events that results to untrustworthiness of data centers. This then implies that it ensures that information technology procedures have had the potential of intervening and protecting the business data.
People – as much as business continuity is concerned, this is regarded as the general recovery of workers and the physical working space. Therefore, it means that it is the responsibility of the organization to ensure that the management authority selected have required skills to run the enterprise. These individuals are always drawn from the business itself rather than from information technology (IT) departments. As a result of that, this is considered to be one of the survival areas with an emphasis based on human assets as well as value and not on software and hardware resources that are ultimately secured by backup systems.
Process – this refers to the continued establishment of various strategies that are used to enhance exploitation, testing, as well as the maintenance of the existing business continuity plan. Ideally, what this means is the fact that it is important for the business to ensure that they have updated and modified it on a regular basis so as to take into account some of the existing technological and physical threats. To focus on the need of maintaining or achieving the expectations of the business, it is important for the enterprise to come up with means (Arduini, 2010).
- Explain how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved.
As much as the computer security policies have the ability of enabling the user to maintain his or her expectations, it is evident that it has the ability of creating a framework aimed at maintaining robust project management in which the business will be forced to establish guidelines and basic policies that will enhance business continuity. On the same note, it becomes possible for the organization to have the ability of identifying some of the conditions and assumptions that enables the business to recognize some of the existing threats.
In the process of focusing on the progressive prioritization of the daily operations, it becomes possible for the business organization to have the ability of utilizing existing resources for the purpose of enhancing resumptions of operations. This will ultimately have to take into consideration the need of integrating organizational functions in the process of meeting its objectives (Arduini, 2010).
- Determine how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts. Give an example with your response.
According to research, the use of these policies has the ability of maintaining the privacy of the user whenever extra data is need for forensic purpose. Other than making the whole process to be perceived as being resource and time consuming, it should be understood that these platform ultimately provides user data protection through secured deletion, compression, and encryption (Dahbur, 2011)
- Suggest at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts. Describe how these could be implemented.
- The formulation of a framework aimed at maintaining robust project. With this strategy, it means that it will be crucial for the business to ensure that they have ended up developing basic guidelines and policies that will enhance business continuity planning. This will have to take into consideration the need of establishing a business-wide aspect which in return takes into consideration implementing efficient progress control.
- Identification of various conditions and assumptions that business continuity through recognizing as well as identifying some of the potential threats. This will in return scrutinize the frequency of these threats as well as improve some of the strategies that can be used to handle such threats. In so doing, the main focus will have to take into consideration the prioritization of decisive operations (Arduini, 2010).
- Explain the essentials of defining a digital forensics process and provide two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article.
With regard to the impacts that digital forensic has, it is evident that anti-forensics has the effect of circumventing some of the objectives and efforts that enhances protection of personal data. It so doing, it means that it becomes possible for the same strategy to have the ability of defining the foundation, acceptable frameworks, as well as some of the practices which aid in presenting some of the objectives that end up frustrating some of the taunting efforts used. It is these mechanisms that have the potential of improving reliability and credibility. Some of the approaches used to improve recovery time objective (RTO) include;
- a) Categories that are relied on some of the attacked target- with regard to this approach, it means that the general acquisition of the evidentiary information or data is perceived to be a primary objective that is perceived to assist in simplifying RTO through hiding, wiping, or securing personal information. As a result of that, it becomes possible to manipulate some of the existing misleading information, for instance, timestamps, and hashes.
- b) The utilization of CAF tactics verse techniques – As one of the recovery analysis plan, a clear distinction is ultimately made between the definitions of counter-forensics and anti-forensics. Although the two terms can be used interchangeably, counter-forensics ultimately takes into account some of the techniques that can be used for the purpose of controlling erase, crashes, and so on. This in return has the ability of hindering investigators from impacting the improvements of the RTO (Dahbur, 2011)
- Provide a step-by-step process that could be used to develop and sustain an enterprise continuity process.
- a) Formulation of plan or framework that will enhance vigorous project management. In order to make this possible, it is important for the management authority to take the following into consideration;
- Development of basic guidelines and policies that will foster business continuity (BC)
- The establishment of a research business-wide aspect
- The implementation of efficient process control especially those that facilitate project management
- b) Identification of conditions and requirements that will enhance corporate continuity planning in which;
- The identification and recognition of the potential threats as well as analyzing the incidence of these threats as well as identifying certain scenario regarding the same.
- Focusing on the BS which ultimately prioritizes some of the existing critical operations
- Taking into consideration the targeted time which will enhance the formulation of resumptions that takes into account RTO (recovery time objectives)
- c) The introduction various action plans that will have to the take into account;
- The assessment of certain measures that fosters BC (business continuity)
- The acquisition and maintenance of rigorous back-up data
- Determining the availability of some of the managerial infrastructure and resources that are required. This will always take into consideration the need of procuring such resources
- determining some of the strong time obstacles, the means of communicating when it comes to formulating emergency decisions, and contact list. This is to imply that the whole process will involve communication arrangements and decision-making processes
- The realization of the efficient practical operational procedures that can be used by each individual department and level
- d) The implementation of training or test program or programs on a daily basis (Arduini, 2010).
- Describe the role of incident response teams and how these accommodate business continuity.
According to research, the continued success of the business mainly relies on the commitments that top and middle managers have. As a result of that, it implies that one role of the managers entail ensuring that they have avoided regarding BC as one of the costly mechanisms. The reason for that is because business continuity is something that is established through partnering with front line operatives and BCP teams. Likewise, the involvement of CEO is something that is considered to be the key ingredient in rallying BC. On the other hand, it is the responsibility of the response team to ensure that they have recognized the fact that quick response to incidents is the one that will improve the continuity of the business (Arduini, 2010).
- There are several awareness and training efforts that could be adopted in order to prevent anti-forensic efforts.
- Suggest two (2) awareness and training efforts that could assist in preventing anti-forensic efforts.
- a) Encryption – this is one of the techniques that is used for the purpose of making data unreadable. Due to the fact that this is perceived to be a challenging technique, the advancement in encryption algorithms as well as empowered tools are to be applied to the whole hard drive, the selection of partitions, or certain files and directories. During the utilization of this technique, the user is required to have the encryption key to assist in reversing the whole process as well as decrypt the data. On the other hand, brute-force techniques are used to enhance decryption process.
- b) Secure-deletion – with this technique, it becomes possible for the user to completely remove targeted data from the source system/s through using random data to overwrite it. As a result of that, it becomes possible to render the targeted data unrecoverable (Dahbur, 2011)
- Determine how having a knowledgeable workforce could provide a greater level of secure behavior. Provide a rationale with your response.
Having knowledgeable workforce has the potential of ensuring that personal information or data have been protected from unauthorized access. This will have to take into consideration the need of compiling authorized software with signatures, fingerprints, as well as other special recovery keys. This will make it possible for the organization to safe-guard them using proper authorities.
- Outline the steps that could be performed to ensure continuous effectiveness.
- Dedicating enough efforts to recognize and understand ACF
- Defining laws which have the ability of prohibiting unauthorized utilization of ACF
- The utilization of the weaknesses of the ACF software
- The continued hardening of the CF software (Dahbur, 2011)
References
Arduini, F. (2010). Business continuity and the banking industry. Communications of the ACM, 53(3). pp 121-125. Found at the ACM Digital Library.
Dahbur, K. (2011). The anti-forensics challenge. Proceedings from ISWSA '11: International Conference on Intelligent Semantic Web-Services and Applications. From at the ACM Digital Library.