Organizations: Preparing for the Worst with Data Center Security - Essay Sample

Introduction

Data Centers security measures need to be taken seriously. Thus despite the organization installing the power backups and cooling systems, it is still far from being ready for the worst. The increasing threat of Data breaches, natural disasters such as earthquakes and sensitivity to other environmental conditions, including temperature, humidity, and dust, are critical issues to be addressed. Therefore, the organization will be fully prepared for the worst if its contingency plan has incorporated supplicated AI programs to manage the cooling infrastructure. Dust buildup is also another serious threat that needs to be addressed and may result in static electricity, clogging of the cooling funs to restrict airflow, causing the more heat and pressure to build up (Sampera). In other words, the organization is not yet ready for the worst.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Preventive Tools and Techniques

Preventive control measures are security measures designed to be implemented before a threat or reduce to avoid the likely occurrence of the danger. Some of the preventive measures that should be implemented included clearly stated policies, and standard procedures on how to access the organization's data from the remote workplaces, install encryption software, as well as install firewalls in all provided devices. Besides, the workers should have unique indemnities to be used when login into the organization network. Put all issued devices to be registered and trackers on them (Sampera).

Information Assurance Monitoring Tools and Methods

Adding the vulnerability scanner output to the organization's dashboard is a necessary step in the identification, monitoring, and management of an information assurance strategy. However, asking the system owner first to correct the most "critical" vulnerabilities is the most prudent plan to minimize risk depending on the availability of resources and the magnitude of the threat resulting from the vulnerability (Virtue and Rainey). As time goes, the other, less critical vulnerabilities can be corrected.

Information Assurance Measures and Metrics

According to Herrmann, there are three major types of security/privacy metrics: Compliance metrics, which measures compliance with current security and privacy regulations and standards of the organization. Resilience metrics that measure the resilience of controls relating to physical safety, personnel security, IT security, and operational security both before and after a product, system, or network is deployed. Lastly, the Return on investment (ROI) metrics: measure the ROI in physical, personnel, IT, and operational security controls to guide capital investment. In this case, therefore, the CISO should propose Resilience metrics (Young).

Business Continuity Management

IT functions in any given organization play a pivotal role in the management of the organization's information. Thus, Information assurance plays a critical role in providing the necessary "backup" plan in restoring the services and operations of the business to continue operating and manage its crisis when faced with a calamity. Lost data may result in the difficulties identifying vulnerabilities, dependencies, priorities, and measures to develop a continuity plan to recover during the crisis and after the disruption.

Backup and Restoration

The organization should make a full inventory of all data to be backed up and determine the most appropriate ways to back it up. In the event of hiring the third party, services for back up, the organization should ensure that the third party is a certified, critical data is backed up daily and more than one backup options and less risky data backed up regularly as well- weekly. Data accessibility should be restricted and only accessed by authorized persons to ensure confidentiality. Backed up data should be accessible in its original and unaltered form by ensuring accountability and accessibility by only authorized persons (Bourgeois and Bourgeois).

Works Cited

Bourgeois, Dave, and David T. Bourgeois. "Chapter 6: Information Systems Security." Information Systems For Business And Beyond. PressBooks, n.d.

Sampera, Ernest. The Server Room Explained and the Importance of Security. 16 August 2019. 06 June 2020. <https://www.vxchnge.com/blog/server-room-security-importance>.

Virtue, Timothy, and Justin Rainey. "Preventive Control: Information Risk Assessment." 2015.

Young, Dr. Bill. CS378: Information Assurance and Security Metrics for AI. Austin: Department of Computer Sciences, University of Texas, 2015.