Citation and15 l 1033 this would distribute the costs

This preview shows page 8 - 11 out of 14 pages.

[ CITATION And15 \l 1033 ] This would distribute the costs to the customer all while retainingthe options that would allow us to retain a bigger userbase. This would require us to maintainboth systems that distribute the information. The infrastructure of both companies, with the non-cloud-based systems is very similar. We both have installed a demilitarized zone (DMZ), thatwill make sure that our local systems can be monitored. This would be done separately andsecurely while using different pieces of hardware. Both of the companies use Cisco switches, aIntrusion Protection System (IPS) to monitor the traffic, identifying a preventing intrusions, adomain controller, a SCCM server, the Certificate Authority, and finally a VPN service used forproviding remote connections to employees working online.The infrastructure shown above, demonstrates the complexity of the differentpolicies in place, the WLAN, security measures, and this architecture gives our employees themeans to be successful. There are two different options, to bring the infrastructures together. Oneis to move everything over to a single location, which would help the company consolidateresources. This may be costly in terms of time and effort spent to make sure this is doneInternetFirewallFirewallSwitchVPNSCCM
ACQUISITION REPORT9correctly. Or as an alternative, we could keep a separate infrastructure in place however tying intogether the collaboration, management, and the monitoring of the information systems. If theorganization management and acquisition retain both business models (as discussed above), andbrands, then it would likely make the most sense, to keep separate physical infrastructures, buttie them together with the latter option.Data Protection PlanTo assure that the confidentiality, and integrity of the data on the company cloud-basedand non-cloud infrastructure, it is imperative to examine best practices that need to be put intoplace controls for the security configuration and management. The controls that need to beapplied related to the encryption support required to protect data at rest, and in transit, and in theexecution.The specific controls can be managed by a tool Amazon offers a Key ManagementSystem (KMS). KMS can be used to perform full disk encryption, securing data at rest; anapplication-based encryption or decryption of data, to secure data in execution. It is also notpossible to perform full disk encryption on virtual machines within the AWS virtual system,using Microsoft’s Bitlocker. Originally used the Trusted Platform Module (TPM) which encryptsthe data located on the hard drive. This is because there is no virtual TPM that can be used oremployed by the system. The Windows Data Protection API will be used in conjunction withKMS for device encryption and decryption. For application-based decryption of data, theapplication sends KMS an encrypted copy of the data key, which is decrypted and sent back tothe application; it is then used and deleted after.
ACQUISITION REPORT10

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 14 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
N/A
Tags

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture