Professional Documents
Culture Documents
1
https://www.checkpoint.com/press/2018/faxploit-new-check-point-research-reveals-criminals-can-target-
company-private-fax-machines-take-networks-spread-malware/
2
'Felt so violated:' Milwaukee couple warns hackers are outsmarting smart homes (fox6now.com)
- Apply better permissions rules
Disaster Recovery Solution:
- Shut off system immediately after breach, make full audit on device logs
- Prepare backup server if IoT device have a back end
- Have a built in battery in case of battery fail
The importance of having a disaster recovery solution:
- Ensure Availability of the resource
- Decrease the risk of device complete failure which lead to non-functional
system
Hùng:
The importance of having a disaster recovery solution:
- Minimize damage and losses.
- Minimize duration of corruption.
- Continue critical business operations.
- Have plans for each stages of Disaster/Corruption: Pre-disaster, During
disaster, Post-disaster.
Case example for BIA policy creation: Aircraft accident
- We can not know when an aircraft could be trouble. So we have to apply BIA
to analyze all the threats, vulnerabilities especially in IT infrastructure could
harm the system or aircraft that can cause accident. Also, BIA have us know
what processes are the most important in case an accident occurs.
Long:
The importance of having a disaster recovery solution:
- Ensure Availability of the resource.
- Decrease the risk of device complete failure which lead to non-functional
system.
BIA Case:
- Codes Spaces Incidence3, this incidence had proven that, loss of production
data with backup has lead this company to dust. This company hasn’t take
any measurement to make backup data at somewhere else safe instead it
keeps all data on one service provider Amazon. So, what we can conclude
from this is. Because of improper Business Impact Analysis were made, they
cannot foresee the risk of losing all production data so the Disaster Recovery
Plan didn’t cover this case which lead to this disastrous event.
Phước:
Reason why policies are a requirement for BCP and DRP:
- Determine what went wrong so the problems can be addressed.
- Created and enforced at the organization's discretion, following its industry
and compliance requirements.
- To minimize data loss and restore normal business operations within the
shortest possible time.
- Drastically reduce restore times on the basis of your needs, which would be
completely impossible without using a Disaster Recovery Plans.
- Limit the losses not only in terms of revenues, but even related to, for
example, costs for possible damage caused by downtime and management
or technical assistance expenditure.
Example: Currently, to serve production and business, businesses and
organizations often build their own data centers (Data centers), server rooms
(Server rooms) with configured hardware infrastructure. Powerful, accompanied
by internal backup systems to ensure data safety, improve availability for all
activities of organizations and businesses. However, these systems will become
ineffective when businesses or organizations encounter major disasters that
affect the entire building or geographical area. This is the reason why should we
have Data Recovery Plans.
3
Code Spaces forced to close its doors after security incident | CSO Online
Assignment 7
Course Name: IAP302
Instructor Name: Hồ Hải
Lab Due Date: 29/6/2021
I.T. Department staff will not login I.T Linux, UNIX Using Prevent
as root on to UNIX, Linux systems, Departmen System System unauthorized user
but will use the su command to t access vulnerability
obtain root privileges of Linux system
Personnel must not store any Personnel Medical Storing HIPAA Compliance
Medical Record on private device Record Medical
Record