Data Security
The adoption of data security and policy assurance approaches is crucial in improving the overall success of IT and corporate data security. People have significant roles in promoting resource allocation towards business continuity. Different individuals usually take part in the diverse activities of the organization. People also have the knowledge and skills to allocate resources to the various elements of the business continuity plan. Most importantly, individuals help in developing the programs necessary for enhancing business continuity. The various processes in the organization are necessary in supporting the adoption of a business continuity plan (Bajgoric, 2014). The processes help in recognizing the need to integrate the operations of the company with the plan. Alongside people and processes, technology plays a key role in improving the efficiency and effectiveness of the procedures and processes adopted in the organization.
Computer security and data retention policies are effective in maintaining user expectations of business continuity. The policies give users an assurance of strong internal control systems as well as proper security controls. The controls are relevant in improving the nature of business continuity (Dahbur & Mohammad, 2011). The policies usually provide practical strategies for preventing data breaches, which raises the level of business continuity expectations.
Acceptable use, remote access and email policies are responsible for controlling and monitoring the activities of individuals relating to network events. Such policies are crucial in tackling security, diagnostic and account aspects. They also set out strict guidelines and recommendations for enhancing data protection (Arduini & Morabito, 2010). This makes them effective in minimizing any anti-forensic efforts by individuals or external firms. The policies also require employees to understand the conditions and responsibilities of any internal and external policies. This understanding of the conditions and responsibilities limits anti-forensic efforts. For example, a computing services employee in a banking firm would be required to work within the provided email policies and regulations. This helps in countering any form of deceptive attack on the company's information systems.
Models on Business Continuity
Various models could be useful in promoting business continuity as well as enhancing the integrity of corporate forensic efforts. First, the business continuity maturity model is relevant in developing sustainable BC programs. It forms part of the business continuity process by enforcing compliance with set standards. Compliance with standards enhances the integrity of corporate integrity efforts in the organization. Second, the business continuity management (BCM) model facilitates risk mitigation, contingency processes, and business continuity efforts. This is crucial in improving the overall ability of the company to enhance business continuity (Bajgoric, 2014). The model's audit assessment segments help in improving the integrity of corporate efforts in the company. Another significant model is the BCM governance model, which promotes the responsibility and accountability of the workforce.
Steps in an Enterprise Continuity Process
The enterprise continuity process identifies the various efforts relevant in maintaining business operations in the face of malicious attacks from the internet. An enterprise continuity process is responsible for outlining the relevant procedures and instructions to be followed in the event of an information security breach. Several steps could be used in outlining the nature of the enterprise continuity process. First, the identification of the scope of the plan is necessary in determining the extent to which the organization is able to handle security breaches. This helps in assessing and evaluating the ability of the organization to tackle any emergency cases. Second, key business areas must be identified to protect them from vulnerabilities or potential losses. Third, the identification of the critical functions of the company is necessary for effective control and management of the company. The next step is to determine the dependencies between the business areas and the functions (Dahbur & Mohammad, 2011). The examination of the two variables helps in planning for any issues limiting the immediate continuity of the enterprise after a security breach. Finally, an enterprise continuity process must develop a plan for maintaining and supporting the business operations. The steps incorporate tools for risk assessment, management and monitoring to avoid any disruption to the enterprise's operations.
Role of Incident Response Team
Incident response teams have significant roles in receiving reports of security breaches, conducting effective analysis of the reports and responding to the security breach issues. The incident response teams also assume the role of assembling, maintaining, and deploying the computer incident response (CIT) strategies. This seeks to minimize the damage to the company's finances, hardware and software caused by the particular incident. The control and management of the damage occurring to the various company units promotes business continuity, since the team is able to track down the persons involved in the incident, preventing further incidents.
In addition, the team is responsible for hardening the software and other infrastructure, reducing future incidents. Most importantly, the incident response team members are well trained in the operations and nature of information security programs. This helps them in understanding the nature of the modifications and enhancements to be made to the security systems in the varied organizations (Bajgoric, 2014). After the occurrence of an incident, the team members are required to track and document any event occurring during the assessment period. The team members also assist the managers in their efforts to tackle the incident breach concerns. They also outline the frameworks for identifying the incident response severity levels. This involves determining the level of business impact and the resolution effort needed for a given incident. The incident response team is tasked with the role of collecting information and assessing the nature of the information collected.
Awareness and Training Efforts to Prevent Anti-Forensic Efforts
The aim of anti-forensic efforts is to prevent the execution of a proper forensic investigation. They seek to reduce any forms of digital evidence that could be used for security reasons. Anti-forensic efforts may involve the overwriting of data and information, with tools that may be legitimate but may also be abused. They might also include data deletion and prevention of data creation. Such efforts are appropriate in preventing the attack of the data by unauthorized persons. Other anti-forensic efforts include the use of forensic tools' blind spots and tool vulnerabilities. Anti-forensic techniques place the information systems at a very high risk in terms of data integrity.
Two awareness and training efforts could be used in preventing anti-forensic efforts. They include the acquisition of digital evidence and the baseline training of computer users and IT managers. First, the acquisition of evidence seeks to accumulate digital evidence for future reference. This helps in creating significant awareness in the organization of the ways of collecting significant information. Such information is later provided for forensic investigation. However, the approach should be able to collect adequate digital evidence from the different sources including sources and routers. Using the baseline training, the IT managers and users would be able to summarize any anti-forensics events that might have occurred.
Second, baseline training of the workforce is influential in preventing anti-forensics activities. The baseline training educates the workforce on the application of machine learning approaches to learning the various behaviors in past historical data. Most importantly, the training is keen to introduce data fusion based tools as the most effective forensics approaches. The baseline tools and techniques are relevant in identifying the nature of computer forensics investigations. The two approaches are crucial in improving the awareness and the training of the workforce towards preventing anti-forensic efforts (Dahbur & Mohammad, 2011). Having a knowledgeable workforce is helpful in enhancing secure behaviors in the organization, since knowledgeable employees have a full understanding of the nature of data vulnerabilities and the ways of handling any data breaches.
There are various steps that could be used to keep the prevention of anti-forensics efforts continuously effective. The first step is to identify and understand any potential data vulnerabilities. This helps in setting up a relevant security plan to control the damage to data and information. Second, the company should continually train its employees on issues related to cyber security. Third, it is important to secure digital and non-digital data in the organization's structures. Next, it is necessary to develop a contingency plan for minimizing any form of data breach and loss. Finally, the company should only keep data needed for use in the near future (Arduini & Morabito, 2010). This helps in preventing any potential anti-forensics efforts in the company, thus enhancing data security.
References
Arduini, F., & Morabito, V. (2010). Business continuity and the banking industry. Communications of the ACM, 53(3), 121-125.
Bajgoric, N. (2014). Business continuity in e-business era: systemic framework for research directions. International Journal of Business Continuity and Risk Management, 5(2), 129-146.
Dahbur, K., & Mohammad, B. (2011, April). The anti-forensics challenge. In Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications (p. 14). ACM.