Business Regulatory Requirements And Corporate Security Policy

1869 WordsApr 3, 20178 Pages
Business regulatory requirements and corporate security policy require the protection of non-public information, typically known as PII, PHI and sensitive corporate data. A class of users called the remote users, access the PII, PHI and sensitive corporate data as part of their normal job functions. Accessing the information is accomplished via full network vpn to the corporate data center. During the regular use of business applications, PII, PHI or sensitive corporate data could end up on a remote workstation. Any PII or PHI found on a remote computer unencrypted is a violation of regulations. Also, sensitive corporate data which could be harvested off of compromised remote computers could unknowing harm the organization. Since all…show more content…
By using client authentication only authorized remote devices will have the ability to access the business applications. This will be coupled with the existing multifactor authentication system for gaining access to the user applications. Defense of the Solution Remote user computing has become a normal part of the business computing environment. Based on corporate goals and initiatives for business growth, the remote user computing based is expected to grow. The risk of a data breach either by loss of a physical asset or by compromised end user devices accessing the corporate network via vpn will continue to increase with the growth. The ability to address this risk provides benefits in multiple ways. As the remote computing environment grows, under the current technical implementations, the infrastructure support needs will continue to increase and the risk of a data breach will continue to grow as more devices will be exposed to those threats. Addressing this issue and reducing the risk provides multiple benefits. This will allow the remote user computing base to increase without the need to increase support staff. The risk associated with a data breach in the remote computing environment will be substantially reduced, even with an increase in the number of remote users. The challenge in this project is in reducing the risk associated with the remote
Open Document