The growth and explosion of the internet has led to a global market place. Companies can sell products all over the world and never have to leave the bounds of their physically secure location. With this move to a global economy we see an increase in security threats to organizations, individuals and agencies. All these models must have an information system to process, store, and retrieve information for their internal stakeholders, customers, and external users. Information systems have inherent risks and vulnerabilities to attacks from internal users, external customers, hackers and criminals. Organizations must have a robust security program in place to meet these attacks and be proactive in their security stance.
Your group has the responsibility of creating a robust security policy that covers all the needs of the organization. The security policy identifies administrative, physical, and technical controls that must be in place to identify security risks and develop mitigation strategies to minimize the effects of these risks. You will evaluate the IT infrastructure of Solomon Enterprises and its global business model.
Solomon Enterprises employees 500 people in five different locations throughout the domestic United States. Solomon Enterprises generates $200 million in annual revenue through its business model so they would be a huge target for hackers or criminals. Their business products can be purchased through an online web site. They have one central database/data center located in West Virginia and regional offices in Florida, Texas, Arizona, Montana, and Missouri. Customers, clients, and users have access via the Internet throughout the world. The company has a disaster recovery site located in Billings, Montana. Solomon Enterprises users can work remotely or within one of the regional offices. They have a VPN connection that ensures that their connection is encrypted. The central data center has a firewall and each regional office has a firewall to monitor traffic and keep unauthorized access from the facility. They have company issues devices located within the office and laptops that can be taken for remote access. All these devices are running Windows XP and their server is running Windows 2003.