Case Study: Bright Picture Solutions, Inc.
Essence of the Case
Here are the essential elements in this case:
Secure the corporate environment using a set of firewalls.
Set up a DMZ segment and place publicly accessible servers and services in that segment.
Secure customer communications using any of the means discussed in Chapter 2. (This can include using public encryption algorithms and digital certificates for authentication purposes.)
Plan, test, and implement a disaster recovery procedure, including tape backups.
Ensure that the information stored on the backup tapes in-house and offsite is accessible only to authorized and cleared personnel, and ensure that security guidelines are honored.
Secure the server room and communication patch panels, and implement user policies that would mandate server-side information storage.
Bright Picture Solutions, Inc. (BPS) is in the printing and publishing business. The company has several branches across the United States and offices in Canada, the UK, Germany, Hong Kong, Japan, and Australia. It serves retail customers through many specialty shop locations in major cities in these countries, and it deals with a large number of wholesale customers through the Internet and wholesale printing and pickup outlets. Publishers can submit their work requirements and content through the Internet and pick it up or have it delivered. The company has experienced a fair amount of growth and expects continued growth as well.
BPS wants to achieve several objectives. First, it wants to ensure that its IT infrastructure is secured from Internet-based incursions. Second, the company wants to secure data feed transfers between its clients, partners, and the company. Third, the company wants to ensure business continuity in the event of a disaster by designing a comprehensive disaster recovery plan. This plan must also ensure that customer information and publishing materials will not be lost in the event of a system outage.
The process should begin with the company creating a secure network infrastructure. On the local LAN and in the DMZ, private address ranges should be used to reduce the risk of direct communication between potential intruders and the DMZ systems, bypassing firewall and NAT devices.
All servers accessible to the public will go into the DMZ, and communications between these hosts and outside systems will be tightly screened by the firewalls. Communication encryption should be configured between the clients and partners of the company according to the policy.
Partners need access to certain systems located in the DMZ, and they need more privileges and services made accessible than retail customers who might use the Web servers. This access effectively translates into an extranet concept, so in effect, the company will be implementing extranet functionality in the DMZ segment.
A disaster recovery solution must be implemented to ensure that no single point of failure exists and that the customer submissions and information databases are recoverable in case of a catastrophic failure. Tape backups should be planned to rotate on a weekly or bi-weekly basis, and archive tapes should be sent offsite for safe storage twice per month.
All server equipment must be locked down in a secure, ventilated, and humidified server room. The same requirements apply to cabling racks, patch panels, and network infrastructure equipment such as distribution and core switches and routers.