Meeting CobIT Control Objectives with Microsoft Terminal Services


Authors: 
Roddy Rodstein, CISSP, CEH, MCSE, CCA
Joe Szelong, Citrix Systems Director Western Area Sales
roddy.rodstein@seoutsourcing.com
This article contains information protected by copyright. This article may not be duplicated in any way without the express written consent of the publisher, except in the form of brief excerpts or quotations for the purpose of review. The information contained herein is for the personal use of the reader and may not be incorporated in any commercial programs, other books, databases, or any kind of software without the written consent of the publisher. Making copies of this article or any portion for any purpose other than your own is a violation of United States copyright laws.
Warning and Disclaimer
Every effort has been made to make this article as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this e-Book. The information found in this document was gathered from many different sources in the computing world. It is provided for informational purposes only. Use common sense in applying these concepts and tips.
© 2008 Roddy Rodstein
http://www.seoutsourcing.com
All rights reserved.
Trademarks
Trademarked names appear throughout this article. Rather than listing the names and entities that own the trademarks or include a trademark symbol with each mention of the trademark name, the publisher states that he is using the name for editorial purposes only and to the benefit of the trademark owner, with no intention of infringing upon that trademark.
This article introduces how Microsoft Terminal Services can help organizations of any size meet regulatory mandates by following the CobIT methodology. The CobIT methodology, which is referenced by the Sarbanes-Oxley legislation, provides 215 control objectives in four high-level domains. This article highlights how 52 of the control objectives are met by using Microsoft Terminal Services and the server based computing model.
 
CobIT is a mature control framework, first released in 1996 by the Information Systems Audit and Control Association (ISACA). Since then it has evolved with a second edition in 1998, a third in 2000, and a fourth edition in November 2005. CobIT is maintained by the IT Governance Institute (ITGI) and the Information Systems Audit and Control Association (ISACA). ISACA describes CobIT as a "framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks" (ref: ISACA). CobIT has become the de facto standard for auditors and Sarbanes-Oxley compliance, which has significantly increased its visibility and use. CobIT has been widely mapped against the “big three” standards: COSO, ITIL and ISO 17799.
 
CobIT is comprised of six documents. List 1.2 shows the six documents:
  • Management Guidelines
  • Implementation ToolSet
  • Executive Summary
  • Framework
  • Control Objectives
  • Audit Guidelines
 
From a structural perspective CobIT consists of a set of 215 Control Objectives for information technology, intended to enable auditing. The Control Objectives are guidance, in that they describe what should be accomplished.
 
The inherent advantages of Terminal Services in regard to compliance stem from the server based computing model, which allows centralized provisioning, operations and management of the entire Windows application and desktop environment from the data center. Access to information systems is provided by a single piece of client software, the Remote Desktop Connection (RDC) client, which is hardware and operating system independent. With Terminal Services all applications and Windows desktops are centrally managed in the datacenter. This also allows centralization of security and regulatory compliance policies such as segregation of duties, authentication and access control, patch management, change management, virus scans, data retention, access and transaction auditing, and business continuity. By leveraging Terminal Services’ centralized management capabilities, organizations can simplify access controls and system auditing for employees as well as business partners.
 
Auditing corporate information systems for Sarbanes-Oxley compliance can be an overwhelming task, due in part to the lack of a definitive Sarbanes-Oxley compliance road map. Organizations turn to third-party auditors, which typically uncover deficiencies in the areas of segregation of duties, change control, and strong password policy enforcement.
 
As with information security, compliance is not a one-time event. Ongoing testing of existing controls must occur yearly and modifications will require additional testing and validation. The consensus is that the scope of audits as well as the expectation of controls will continue to increase. 
 
The current emphasis of audits is baseline security as it pertains to access control, identity management, and audit-level visibility of user interactions with corporate systems. Subsequent audits will likely explore the need for stronger identity management supporting non-repudiation of executive sign-offs of financial statements and internal approvals of transactions within the scope of Sarbanes-Oxley Act sections 302 and 404.
The next sections highlight the high-level control objectives that a Terminal Services environment addresses within the four high-level domains:
  • Planning and Organization
  • Acquisition and Implementation
  • Delivery and Support
  • Monitoring
PO4 Define the IT Processes, Organisation and Relationships
Referenced from CobIT 4.0 Audit Points
 
Define and communicate roles and responsibilities for all personnel in the organisation in relation to information systems to allow sufficient authority to exercise the role and responsibility assigned to them. Create role descriptions and update them regularly.
These descriptions delineate both authority and responsibility, include definitions of skills and experience needed in the relevant position, and are suitable for use in performance evaluation. Role descriptions should contain the responsibility for internal control.
Implement a division of roles and responsibilities that reduces the possibility for a single individual to subvert a critical process. Management also makes sure that personnel are performing only authorized duties relevant to their respective jobs and positions.
 
After roles and responsibilities are defined, the systematic enforcement of segregation of duties as they apply to the access to material applications and information may be implemented with a unified identity management system that is integrated with an automated provisioning system that generates the appropriate entitlements. Metadata representing roles and responsibilities should be incorporated into the identity management system. The provisioning and de-provisioning of user accounts and access to on-line content should be driven by real time events (e.g. employee hire or discharge) that trigger the execution of business rules operating off the metadata. These business rules generate the appropriate accounts and entitlements for each particular user.
 
If entitlements are driven by policies implemented as business rules within the provisioning system, a greater degree of control can be assumed, since these rules can be tested with a high level of confidence for compliance with stated policies. A rules-based provisioning system eliminates the possibility of human error in the control of provisioning.
 
Terminal Services provides a single point of access to any Windows application or entire Windows desktop environment in a secure and controlled manner. Unlike traditional access methods such as VPNs, which provide a layer 3 tunnel to resources, Terminal Services controls all access entitlements through a single piece of client software, which is configured via Active Directory policies and centralized user profiles.
 
Each user profile, containing application and desktop parameters, is invoked during the logon process to a Terminal Services session. When Terminal Services is used as the single entry point to all applications and desktops, a detailed picture of all entitlements can be extracted and tested for conflicts related to segregation of duties.
 
Other security benefits are outlined under responses to specific control objectives.
 
In summary, Terminal Services allows the consistent enforcement of controls PO4.6 and PO4.11 in the following ways:
  • Provides a single entry point for users of all financially significant systems on the corporate network.
Referenced from CobIT Audit Points
Develop and maintain a framework that establishes the enterprise’s overall approach to risks and internal control to deliver value while protecting IT resources and systems. The framework should be integrated with the IT process framework and the quality management system, and comply with overall business objectives. It should be aimed at maximising success of value delivery while minimising risks to information assets through preventive measures, timely identification of irregularities, limitation of losses and timely recovery of business assets.
The use of Terminal Services for access to corporate systems is an approach that can minimize the risks associated with providing users access to financially significant systems. As described in the response to PO4.6 and PO4.11, the Terminal Services approach reduces the number of connection methods to the corporate network and information systems. Utilizing Terminal Services provides the following security benefits while reducing the complexity of the infrastructure and reducing overall user support costs:
  • Audit-level visibility and traceability of user behavior;
  • Support for biometric authentication for non-repudiation;
  • Reduced security patch management for desktops and laptops;
  • Centralized deployment of Windows applications and desktops in the data center;
  • Centralized storage of user profiles and data for backup and retention.
 
Inherent in the design of the server based computing model is the simplification of the access infrastructure to support both internal and remote access to corporate resources.
Referenced from CobIT Audit Points
Provide IT employees with appropriate orientation when hired and ongoing training to maintain their knowledge, skills, abilities, internal controls and security awareness at the level required to achieve organisational goals.
Since Terminal Services centrally deploys and manages applications and desktops, the burden on the user for security issues is reduced. The regular implementation of security practices such as virus scans, patches, updates, etc. can be managed in the data center. Users may be provisioned with thin client devices with a minimum of local functionality (no local drives, no local web browsers, no chat applications), thereby reducing the opportunity for users to cause security breaches.
 
Local machines may be “locked down” with respect to saving and printing data locally, thereby reducing the probability of intentional or unintentional mishandling of confidential, private or proprietary information. By reducing the inherent risks with client PCs, management can focus on fewer issues for education.
Referenced from CobIT Audit Points
Identify, prioritise, specify and agree business functional and technical requirements covering the full scope of all initiatives required to achieve the expected outcomes of the IT-enabled investment programme. Define the criteria for acceptance of the requirements.
These initiatives should include any changes required to the nature of the enterprise’s business, business processes, people skills and competencies, organisation structure, and the enabling technology.
 
Requirements take into account the business functional needs, the enterprise’s technological direction, performance, cost, reliability, compatibility, auditability, security, availability and continuity, ergonomics, usability, safety and legislation. Establish processes to ensure and manage the integrity, accuracy and currency of business requirements as a basis for control of ongoing system acquisition and development. The business sponsor should own these requirements.
 
Identify, document and analyse risks associated with the business processes as part of the organisation’s process for the development of requirements. Risks include threats to data integrity, security, availability, privacy, and compliance with laws and regulations.
Required internal control measures and audit trails should be identified as part of these requirements.
Terminal Services, by design, simplifies user access to information systems while increasing security. Terminal Services also contributes to reduced security costs by consolidating client applications from edge PCs into the datacenter. Terminal Services reduces the cost of access, security, and desktop support in the following ways:
  • Terminal Services provides a single application running on the client hardware to access all corporate resources, eliminating the need to provision legacy client applications on the desktop, thereby reducing desktop software management costs.
  • Since client applications are provisioned and run from a datacenter, updates and security patches can be deployed centrally rather than pushed to PCs, thereby reducing bandwidth costs and desktop management resources.
  • Requirements to upgrade PCs to the newest hardware platform, operating system, or minimum memory to run the latest client or security/access applications can be deferred, since these upgrades can be made at the data center. Multiple users can share the resources of a single server running the client application, thereby allowing the deferment of field costs for hardware upgrades, application provisioning and testing, and offering the organization a much better TCO and the ability to control the timing of these costs.
  • Client application and user data is stored in the data center, where backups are more easily executed, thereby reducing the cost of backup and recovery and mitigating the risks associated with data loss.
  • Web browser applications as well as mail clients, which represent the greatest security risk for viruses, Trojan horses, and spyware, are provisioned in the data center, where security applications such as virus scanners can be run on a regular basis, ensuring those programs are clean and reducing the risk of an infection and the cost of recovering systems and data at client workstations and desktops.
  • New applications or upgrades are provisioned, installed and tested in the data center on known, standardized server configurations, thereby reducing the number of permutations and security liabilities requiring testing and verification for client workstations and desktops.
 
Referenced from CobIT Audit Points
Ensure that business controls are properly translated into application controls such that processing is accurate, complete, timely, authorised and auditable. Issues to consider especially are authorisation mechanisms, information integrity, access control, backup and design of audit trails.
Address application security and availability requirements in response to identified risks, in line with data classification, the organisation’s information security architecture and risk profile. Issues to consider include access rights and privilege management, protection of sensitive information at all stages, authentication and transaction integrity, and automatic recovery.
Response to AI2.3 and AI2.4
Not all applications, especially legacy applications, that might be considered financially significant under Sarbanes-Oxley have the necessary application controls to enforce Segregation of Duties. By accessing these applications through Terminal Services, user access can be regulated through an authentication and authorization system as described in the response to PO4.6 and PO4.11. Further control over the user's actions with the information presented in the application can be implemented as follows:
  • Document printing can be disabled from the client machine.
  • Saving information from the application (i.e. mail files, Excel spreadsheets, transactions, analytic reports) to the local hard disk can be disabled.
  • Saving information to peripheral devices such as USB drives can be disabled.
Referenced from CobIT Audit Points
Produce a plan for the acquisition, implementation and maintenance of the technological infrastructure that meets established business functional and technical requirements and is in accord with the organisation’s technology direction. The plan should consider future flexibility for capacity additions, transition costs, technical risks and the lifetime of the investment for technology upgrades. Assess the complexity costs and the commercial viability of the vendor and product when adding new technical capability.
Implement internal control, security and auditability measures during configuration, integration and maintenance of hardware and infrastructural software to protect resources and ensure availability and integrity. Responsibilities for using sensitive infrastructure components should be clearly defined and understood by those who develop and integrate infrastructure components. Their use should be monitored and evaluated.
Develop a strategy and plan for infrastructure maintenance and ensure that changes are controlled in line with the organisation’s change management procedure. Include periodic review against business needs, patch management and upgrade strategies, risks, vulnerabilities assessment and security requirements.
Set up formal change management procedures to handle in a standardised manner all requests (including maintenance and patches) for changes to applications, procedures, processes, system and service parameters, and the underlying platforms.
Establish an implementation plan and obtain approval from relevant parties. The plan defines release design, build of release packages, rollout procedures/installation, incident handling, distribution controls (including tools), storage of software, review of the release and documentation of changes. The plan should also include fallback/backout arrangements.
 
As defined in the response to sections PO4.6 and PO4.11, Terminal Services can simplify the enforcement of Segregation of Duties for the development lifecycle. The appropriate entitlements for a developer vs. a production user can be implemented as part of a Terminal Services user profile. Potential conflicts with roles and responsibilities can be immediately determined by inspection of user profiles and the Active Directory database. Developers may be provisioned with read only access vs. write access to certain systems. 
 
Terminal Services also provides the capability for developers to shadow a production user in a support mode, thereby allowing a developer to assist a legitimate user of a material system with debugging or completing a business transaction without requiring the developer to have a production account.
 
All actions performed by a user accessing a system via Terminal Services may be logged for later auditing. Since all systems are accessed via Terminal Services, all activity while logged on to Terminal Services is written to the Windows security logs.
Referenced from CobIT Audit Points
Train the staff of the affected user departments and the operations group of the IT function in accordance with the defined training and implementation plan and associated materials, as part of every information systems development, implementation or modification project.
Terminal Services provides collaboration capabilities for group presentations and labs allowing multiple IT support personnel from remote locations to participate in distance learning activities via Terminal Services session sharing.
 
Referenced from CobIT Audit Points
Automate the system used to monitor changes to application systems to support the recording and tracking of changes made to applications, procedures, processes, system and service parameters, and the underlying platforms.
Terminal Services can simplify the enforcement of Segregation of Duties for the development lifecycle. The appropriate entitlements for a developer vs. a production user can be implemented as part of the user account profile in Active Directory. Potential conflicts with roles and responsibilities can be immediately determined by inspection of Active Directory Group Policy. Developers may be provisioned with read only access vs. write access to certain systems. 
 
Terminal Services also provides the capability for developers to shadow a production user in a support mode, thereby allowing a developer to assist a legitimate user of a material system with debugging or completing a business transaction without requiring the developer to have a production account.
 
All actions performed by a user accessing a system via Terminal Services may be logged for later auditing. Since all systems are accessed via Terminal Services, all activity while logged on to Terminal Services is written to the Windows security logs.
 
Referenced from CobIT Audit Points
Whenever system changes are implemented, update the associated system and user documentation and procedures accordingly. Establish a review process to ensure complete implementation of changes.
Ensure that the release of software is governed by formal procedures ensuring sign-off, packaging, regression testing, distribution, handover, status tracking, backout procedures and user notification.
Establish control procedures to ensure timely and correct distribution and update of approved configuration items. This involves integrity controls; segregation of duties among those who build, test and operate; and adequate audit trails of all actions.
Since applications and desktops are centrally managed on Terminal Servers in the data center, update and patch management is greatly simplified in contrast to a distributed computing model, where applications are managed on each PC and the PCs may be geographically dispersed. Terminal Services addresses a significant challenge in managing desktop applications where client machines are unmanaged. Terminal Services eliminates the risk of updating PCs that may be off-line, PCs with faulty software distribution clients, or users that simply refuse to run updates.
 
Since the desktop applications are deployed in the data center, a complete enterprise application can be refreshed with an update in a matter of hours. An IT organization can be assured of 100% compliance within a specified timeframe, since all desktop applications are within its physical control.
Referenced from CobIT Audit Points
Focus attention on items specified as most critical in the IT continuity plan to build in resilience and establish priorities in recovery situations. Avoid the distraction of recovering less critical items and ensure response and recovery in line with prioritised business needs, while ensuring that costs are kept at an acceptable level and complying with regulatory and contractual requirements. Consider resilience, response and recovery requirements for different tiers, e.g., one to four hours, four to 24 hours, more than 24 hours and critical business operational periods.
Plan the actions to be taken for the period when IT is recovering and resuming services. This may include activation of backup sites, initiation of alternative processing, customer and stakeholder communication, resumption procedures, etc. Ensure the business understands IT recovery times and the necessary technology investments to support business recovery and resumption needs.
 
Store offsite all critical backup media, documentation and other IT resources necessary for IT recovery and business continuity plans. Content of backup storage needs to be determined in collaboration between business process owners and IT personnel. Management of the offsite storage facility should respond to the data classification policy and the enterprise’s media storage practices. IT management should ensure that offsite arrangements are periodically assessed, at least annually, for content, environmental protection and security. Ensure compatibility of hardware and software to restore archived data and periodically test and refresh archived data.
 
Terminal Services enhances disaster recovery by seamlessly providing services from the backup data center without requiring application reconfiguration. If the primary data center is down, users will still have access to all applications remotely. Users can still access their mail, desktop productivity tools, and corporate applications remotely (outside of the facility) from any available terminal, securely and with satisfactory performance.
 
Since desktop applications are installed centrally in a data center (assuming the datacenter has redundancy as well), all user data is also stored in the data center storage facilities, thereby ensuring that home folders, etc. are also backed up and accessible when necessary.
 
Terminal Services goes beyond just data backup of corporate information by providing the business with Terminal Services delivered desktops that are not physically tied to a particular location.
Referenced from CobIT Audit Points
All users (internal, external and temporary) and their activity on IT systems (business application, system operation, development and maintenance) should be uniquely identifiable. User access rights to systems and data should be in line with defined and documented business needs and job requirements. User access rights are requested by user management, approved by system owner and implemented by the security-responsible person. User identities and access rights are maintained in a central repository. Cost-effective technical and procedural measures are deployed and kept current to establish user identification, implement authentication and enforce access rights.
Not all N-tier web applications that might be considered material under Sarbanes-Oxley have the necessary application controls. By controlling access to these applications via Terminal Services, user access can be regulated through an authentication and authorization system as described in the response to control objectives PO4.4, PO4.10 and DS5.2. Further control over the user's actions with the information presented in the application can be implemented as follows:
  • Document printing or printing of the screen dump can be disabled from the client machine.
  • Saving information from the application (i.e. mail files, Excel spreadsheets, transactions, analytic reports) to the local hard disk can be disabled.
  • Saving information to peripheral devices such as USB drives can be disabled.
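As an added example (not code from the article or from Microsoft), the following PowerShell enforces and then audits the client-redirection restrictions listed here and in the response to AI2.3 and AI2.4 above. It assumes the policy registry values that the Terminal Services Group Policy settings write on Windows Server 2008, and that it runs elevated on the terminal server; in a domain the same values belong in a GPO linked to the terminal server OU rather than being set by hand on each server.

```powershell
# Added example, not from the article: enforce and audit Terminal Services
# client-redirection restrictions (printing, local drives, USB/PnP, clipboard).
# Assumed: the policy key below is the one the "Terminal Services" Group Policy
# node writes; a domain GPO is the preferred way to apply these values.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Required settings: a value of 1 disables the corresponding redirection.
$RequiredSettings = @{
    fDisableCdm      = 1   # Do not allow drive redirection (no saving to local disks)
    fDisableCpm      = 1   # Do not allow client printer redirection
    fDisablePNPRedir = 1   # Do not allow Plug and Play device (USB drive) redirection
    fDisableClip     = 1   # Do not allow clipboard redirection (blocks screen-dump paste)
    fDisableLPT      = 1   # Do not allow LPT port redirection
    fDisableCcm      = 1   # Do not allow COM port redirection
}

function Set-TsRedirectionPolicy {
    # Write every required value; create the policy key if no policy has applied yet.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    foreach ($name in ($RequiredSettings.Keys | Sort-Object)) {
        Set-ItemProperty -Path $PolicyKey -Name $name -Value $RequiredSettings[$name] -Type DWord
    }
}

function Test-TsRedirectionPolicy {
    # Emit one object per setting with a Compliant flag; non-compliant rows are audit findings.
    $current = if (Test-Path $PolicyKey) { Get-ItemProperty -Path $PolicyKey } else { $null }
    foreach ($name in ($RequiredSettings.Keys | Sort-Object)) {
        $actual = $null
        if ($current -and $current.PSObject.Properties[$name]) { $actual = $current.$name }
        [pscustomobject]@{
            Setting   = $name
            Required  = $RequiredSettings[$name]
            Actual    = $actual
            Compliant = ($actual -eq $RequiredSettings[$name])
        }
    }
}

# Usage: enforce, then print the audit table as evidence for the control objective.
Set-TsRedirectionPolicy
Test-TsRedirectionPolicy | Format-Table -AutoSize
```

Running only Test-TsRedirectionPolicy (without the Set-) gives a read-only compliance check that can be scheduled against each terminal server.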
 
Referenced from CobIT Audit Points
Ensure that requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges are addressed by user account management. An approval procedure outlining the data or system owner granting the access privileges should be included. These procedures should apply for all users, including administrators (privileged users), internal and external users, for normal and emergency cases. Rights and obligations relative to access to enterprise systems and information are contractually arranged for all types of users. Perform regular management review of all accounts and related privileges.
Ensure that IT security implementation is tested and monitored proactively. IT security should be reaccredited periodically to ensure the approved security level is maintained. A logging and monitoring function enables the early detection of unusual or abnormal activities that may need to be addressed. Access to the logging information is in line with business requirements in terms of access rights and retention requirements.
After procedures are defined, the systematic provisioning of resources may be implemented with a unified identity management system that is integrated with an automated provisioning system that generates the appropriate accounts. The provisioning and de-provisioning of user accounts and access to on-line content should be driven by real time events (e.g. employee hire or discharge) from the system of record i.e. HR application.
 
Terminal Services provides a single point of access to legacy applications, web-based applications and on-line content in a secure manner. Unlike traditional access methods such as a VPN, which provides a layer 3 tunnel to resources, Terminal Services unifies access to all Windows application and desktop entitlements configured via Active Directory for each user.
 
Each user profile, which contains the list of application and desktop parameters, is invoked at the time of log-in to the Terminal Services session. If Terminal Services is used as the single entry point for corporate systems, a complete picture of all entitlements may be extracted from the profile to inspect for conflicts in duties.
 
In summary, Terminal Services enables the consistent enforcement of controls in the following ways:
  • Provides a single entry point for users to all material systems on the corporate network.
  • Provides visibility of all applications provisioned for a particular user.
  • Enables the automated provisioning and de-provisioning of user access to material applications.
 
Since Terminal Services offers a single point of access to the corporate systems, all user actions while on-line can be logged and tied to the user's Windows credentials for auditing purposes. Applications that require a higher degree of scrutiny can be isolated in their own application silo, and the auditing controls can be turned up to the highest resolution without affecting the performance of the other applications.
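The entitlement inspection described in this response and in the response to PO4.6 and PO4.11 can be scripted. The following PowerShell is an added example, not code from the article: it builds each user's complete list of application entitlements from group membership and tests it against a segregation-of-duties matrix. The group names, application names, users and conflict pairs are constructed sample data; in a live environment the memberships would come from Active Directory (for example the Get-ADPrincipalGroupMembership cmdlet) and the group-to-application mapping from the Terminal Services publishing configuration.

```powershell
# Added example, not from the article: derive per-user entitlements from AD group
# membership and report segregation-of-duties conflicts. All data below is constructed.

# Constructed mapping: which Active Directory group grants which published application.
$GroupToApplication = @{
    'TS-AP-Entry'    = 'AP Invoice Entry'
    'TS-AP-Approve'  = 'AP Invoice Approval'
    'TS-GL-Post'     = 'GL Journal Posting'
    'TS-Vendor-Edit' = 'Vendor Master Maintenance'
    'TS-BI-Reports'  = 'BI Reporting (read only)'
}

# Constructed segregation-of-duties matrix: entitlement pairs one person must not hold.
$SodConflicts = @(
    @('AP Invoice Entry', 'AP Invoice Approval'),
    @('Vendor Master Maintenance', 'AP Invoice Entry'),
    @('AP Invoice Approval', 'GL Journal Posting')
)

# Constructed sample of group memberships, as a directory export would return them.
$UserGroups = @{
    'jdoe'   = @('TS-AP-Entry', 'TS-BI-Reports')
    'asmith' = @('TS-AP-Entry', 'TS-AP-Approve')
    'bwong'  = @('TS-Vendor-Edit', 'TS-AP-Entry', 'TS-GL-Post')
}

function Get-UserEntitlements {
    param([string[]]$Groups)
    # Resolve groups to application entitlements; groups that publish nothing are ignored.
    $Groups | ForEach-Object { $GroupToApplication[$_] } | Where-Object { $_ } | Sort-Object -Unique
}

function Find-SodConflict {
    param([hashtable]$Memberships)
    # One finding per (user, conflicting pair); an empty result means no conflicts.
    foreach ($user in ($Memberships.Keys | Sort-Object)) {
        $entitlements = @(Get-UserEntitlements -Groups $Memberships[$user])
        foreach ($pair in $SodConflicts) {
            if (($entitlements -contains $pair[0]) -and ($entitlements -contains $pair[1])) {
                [pscustomobject]@{
                    User         = $user
                    Entitlement1 = $pair[0]
                    Entitlement2 = $pair[1]
                }
            }
        }
    }
}

# Usage: with the sample data, asmith and bwong are each reported once; jdoe is clean.
Find-SodConflict -Memberships $UserGroups | Format-Table -AutoSize
```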
 
Referenced from CobIT Audit Points
Ensure that preventive, detective and corrective measures are in place (especially up-to-date security patches and virus control) across the organisation to protect information systems and technology from malware (viruses, worms, spyware, spam, internally developed fraudulent software, etc.).
Terminal Services deploys applications within the data center, which makes it simpler and more cost effective to apply security patches to applications that provide a point of infection, such as mail, web browsers, and instant messaging. Terminal Services with Active Directory provides a means to proactively implement preventive measures for applications that are in the physical control of the IT staff. This level of control cannot be duplicated for applications that run on client machines in remote locations.
 
If a client application is infected in the datacenter with a virus, the affected server can be diagnosed, quarantined, re-imaged, and redeployed in a short timeframe. Users can be directed to a backup server in the meantime.
 
The IT staff can also centrally manage the configuration of client applications. As an example, a web browser deployed in the datacenter can be prohibited from accessing certain web sites considered to be at risk for suspect downloads. Downloading and installation of web plug-ins such as toolbars and chat programs that may incorporate Trojan horses or spyware can be prevented, since administrative rights for the application environment are retained by the IT staff. Web browsers may also be configured in a “kiosk” mode, which only allows users to view content and hides the toolbar.
 
If the client machine used to access the corporate network is infected with a virus, Trojan horse, or Spyware, the risk to the corporate network is minimized for the following reasons:
 
·        Terminal Services’ access method does not bridge the client’s network to the corporate network the way an IPSec VPN does, which reduces the likelihood that a rogue application can access or replicate itself in the corporate network.
·        The infected applications, e.g. the web browser, instant messaging or chat application, are not used to connect to the corporate servers. The RDP client on the terminal communicates with the corporate applications directly, thereby isolating the infected applications from the corporate network.
·        Although keystrokes on the client machine can be recorded by a Spyware program, the traffic back from the server is bitmapped graphics, which are more difficult to record, store or transmit without detection.
 
Terminal Services provides a degree of isolation between applications since client applications can be deployed in the datacenter on separate servers. If one application, such as mail, is down because of a virus attack, other applications such as business intelligence can continue to be used.
 
Referenced from CobIT Audit Points
Ensure that security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation and intrusion detection) are used to authorise access and control information flows from and to networks.
The applications deployed in a Terminal Services environment minimize the need for open ports in the firewall, thereby eliminating multiple entry points for hacking into the network. Terminal Services uses a single port, 3389, for RDP traffic. Traditional client/server applications require a variety of ports, as listed below. Maintaining a small list of ports for all application access greatly simplifies the management of firewalls.
 
Application               Port Requirements
MS Outlook/Exchange       135 (RPC), 102 (X.400), 110 (POP3), 119 (NNTP), 143 (IMAP4), 389 (LDAP)…
MS NetMeeting             389 (ILS), 522 (ULP), 1503 (T.120), 1720 (H.323)…
Instant Messaging         5050 (outbound TCP), 5101 (inbound TCP)…
SQL Server Applications   1433, 139
Terminal Emulator         23 (Telnet)
Web Apps                  80 (Web), 443 (SSL)
RDP/Terminal Services     3389
 
Referenced from CobIT Audit Points
Ensure sensitive transaction data are exchanged only over a trusted path or medium with controls to provide authenticity of content, proof of submission, proof of receipt and non-repudiation of origin.
Terminal Services’ Windows logon process can utilize additional multi-factor authentication platforms such as smart cards and biometric validation to provide for the digital signing and non-repudiation of transactions. Biometric validation can be performed at the time of log-on, or at the time of execution of the transaction. 
 
Microsoft’s products are currently integrated with third-party, non-hardware biometric verification products. The combined offering provides the capability to perform strong authentication based on keystroke patterns, thereby eliminating the need to acquire, install, and maintain another peripheral device and allowing an individual to be strongly authenticated for the purposes of transaction non-repudiation from any available client machine.
 
Terminal Services can transmit and receive information over a network between the terminal and the server utilizing 128-bit encryption. Information that is transmitted to the client is in compressed, encrypted bit maps providing an additional level of obfuscation, making it much more difficult to extract data surreptitiously captured during transmission.
 
Additionally, since the client application is executing at the data center, no information is cached at the client machine, thereby reducing the risk of proprietary information residing in a non-secured machine after the end of a user session.
 
Referenced from CobIT Audit Points
Capture and allocate actual costs according to the defined cost model. Variances between forecasts and actual costs should be analysed and reported on, in compliance with the enterprise’s financial measurement systems.
Based on the service definition, define a cost model that includes direct, indirect and overhead costs of services and supports the calculation of chargeback rates per service. The cost model should be in line with the enterprise’s cost accounting procedures. The IT cost model should ensure that the charging for services is identifiable, measurable and predictable by users to encourage proper use of resources. User management should be able to verify actual usage and charging of services.
Regularly review and benchmark the appropriateness of the cost/recharge model to maintain its relevance and appropriateness to the evolving business and IT activities.
Since Terminal Services provides for the centralized hosting and deployment of desktop applications, usage of these applications can be centrally provisioned and monitored on a per-user basis. Terminal Services can log the frequency, duration, and amount of corporate resources utilized by each user.
 
Terminal Services allows a company to implement a “utility billing” infrastructure where baseline applications (email, HR internal web site, disk storage) are provided at a fixed monthly cost, with other entitlements (ERP access, analytics and financial applications) available at incremental costs. Other resources such as disk space, printing, external web use, etc. can be billed on a per use basis, thereby encouraging each line of business to conserve and optimize their use of these resources.
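As an added example (not from the article), the log correlation that underlies both the per-user audit trail described earlier and the per-user usage metering described above: constructed records shaped like the Windows Security log's logon (4624) and logoff (4634) events are paired by Logon ID, with logon type 10 (RemoteInteractive, i.e. a Terminal Services session) identifying RDP sessions. All users, IDs, addresses and times are made up.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records in the shape of Windows Security log events:
# 4624 = successful logon, 4634 = logoff, logon type 10 = RemoteInteractive
# (a Terminal Services/RDP session). Users, IDs, addresses and times are made up.
SAMPLE_EVENTS = [
    {"time": "2008-03-03T08:02:00", "id": 4624, "logon_type": 10,
     "user": "CORP\\alice", "logon_id": "0x3e7a1", "ip": "10.20.1.15"},
    {"time": "2008-03-03T08:03:00", "id": 4624, "logon_type": 10,
     "user": "CORP\\bob", "logon_id": "0x3e7b2", "ip": "10.20.1.22"},
    {"time": "2008-03-03T09:30:00", "id": 4634, "logon_type": 10,
     "user": "CORP\\alice", "logon_id": "0x3e7a1", "ip": "-"},
    {"time": "2008-03-03T10:00:00", "id": 4624, "logon_type": 3,
     "user": "CORP\\carol", "logon_id": "0x3e7c3", "ip": "10.20.1.40"},
    {"time": "2008-03-03T11:15:00", "id": 4624, "logon_type": 10,
     "user": "CORP\\alice", "logon_id": "0x3e7a4", "ip": "10.20.1.15"},
    {"time": "2008-03-03T11:45:00", "id": 4634, "logon_type": 10,
     "user": "CORP\\alice", "logon_id": "0x3e7a4", "ip": "-"},
]
REMOTE_INTERACTIVE = 10  # logon type of a Terminal Services session

def parse_time(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")

def summarize_sessions(events, report_end):
    """Pair logon/logoff events by Logon ID and return
    ({user: {"sessions": n, "minutes": m}}, [logons that bypassed Terminal Services])."""
    open_sessions = {}  # logon_id -> (user, session start)
    usage = defaultdict(lambda: {"sessions": 0, "minutes": 0})
    bypassed = []       # successful logons that did not come through RDP (audit finding)
    for ev in sorted(events, key=lambda e: e["time"]):
        t = parse_time(ev["time"])
        if ev["id"] == 4624:
            if ev["logon_type"] != REMOTE_INTERACTIVE:
                bypassed.append((ev["user"], ev["logon_type"], ev["ip"]))
                continue
            open_sessions[ev["logon_id"]] = (ev["user"], t)
        elif ev["id"] == 4634 and ev["logon_id"] in open_sessions:
            user, start = open_sessions.pop(ev["logon_id"])
            usage[user]["sessions"] += 1
            usage[user]["minutes"] += int((t - start).total_seconds() // 60)
    # Sessions still open when the reporting window closes are metered up to its end.
    end = parse_time(report_end)
    for user, start in open_sessions.values():
        usage[user]["sessions"] += 1
        usage[user]["minutes"] += int((end - start).total_seconds() // 60)
    return dict(usage), bypassed
```

The per-user session counts and minutes feed the utility-billing model directly, while the bypassed list gives the auditor the logons that did not arrive through the single Terminal Services access point.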
DS8 Manage Service Desk and Incidents
Referenced from CobIT Audit Points
Establish a service desk function, which is the user interface with IT, to register, communicate, dispatch and analyse all calls, reported incidents, service requests and information demands. There should be monitoring and escalation procedures based on agreed-upon service levels relative to the appropriate SLA that allow classification and prioritisation of any reported issue as an incident, service request or information request. Measure end users’ satisfaction with the quality of the service desk and IT services.
Terminal Services provides a collaboration offering allowing help desk staff to view user desktops remotely and observe the problem directly. Terminal Services can remotely control both internal and external workstations without any client/server configuration. The ability to record a “shadowing” session also allows the problem to be documented completely and shared with problem management personnel.
Referenced from CobIT Audit Points
Establish a central repository to contain all relevant information on configuration items. This repository includes hardware, application software, middleware, parameters, documentation, procedures and tools for operating, accessing and using the systems and services. Relevant information to consider is naming, version numbers and licensing details. A baseline of configuration items should be kept for every system and service as a checkpoint to which to return after changes.
 
Since Terminal Services provides for the centralized hosting and deployment of desktop applications, these applications can be centrally provisioned and maintained. This includes rollback functionality for recovery after a deployment, and it eases user acceptance testing by allowing the application’s real users to perform tests easily.
 
For applications that do not have built-in license management, Terminal Services can ensure that the application can only be run equal to the number of licenses the company has obtained.
 
Referenced from CobIT Audit Points
Review and verify on a regular basis, using, where necessary, appropriate tools, the status of configuration items to confirm the integrity of the current and historical configuration data and to compare against the actual situation. Review periodically against the policy for software usage the existence of any personal or unlicensed software or any software instances in excess of current license agreements. Errors and deviations should be reported, acted on and corrected.
Since Terminal Services deploys applications and desktops from a data center, user machines can be completely locked down, or configured to prevent unauthorized software from being installed. Newly approved applications can be provisioned within the data center, eliminating the need to install the applications locally. Users never require administrator rights to install or update their local machines, so administrator rights, which could be used for personal software installation or other unauthorized activities, can be restricted.
 
If a user installs local software which may be a security risk, the impact to the corporate information systems is minimized since the Terminal Services client used to access corporate systems is in effect isolated from these non-compliant applications.
 
Referenced from CobIT Audit Points
Define and implement procedures to prevent access to sensitive data and software from equipment or media when they are disposed of or transferred to another use. Such procedures should ensure that data marked as deleted or to be disposed cannot be retrieved.
Since user data that is usually stored on the local drive of the client machine can now be hosted in the data center, there is less likelihood that proprietary or confidential information would reside on a desktop or laptop.
 
Referenced from CobIT Audit Points
Define and implement procedures for data storage and archival, so data remain accessible and usable. The procedures should consider retrieval requirements, cost-effectiveness, continued integrity and security requirements. Establish storage and retention arrangements to satisfy legal, regulatory and business requirements for documents, data, archives, programmes, reports and messages (incoming and outgoing) as well as the data (keys, certificates) used for their encryption and authentication.
 
Define and implement procedures for backup and restoration of systems, data and documentation in line with business requirements and the continuity plan. Verify compliance with the backup procedures, and verify the ability to and time required for successful and complete restoration. Test backup media and the restoration process.
Since user files such as PST files for mail, user documents, etc. are hosted in the data center, it is much easier to execute a backup and retention program. This simplifies the management of security and compliance issues for desktop and laptop users.
 
ME2 Monitor and Evaluate Internal Control
Evaluate the completeness and effectiveness of management’s internal controls over IT processes, policies and contracts through a continuing programme of self-assessment.
Terminal Services centralizes the access, maintenance, management and monitoring of applications and desktops within the corporate facilities, as well as of laptops used to connect to corporate applications remotely. User profiles determine which applications can be accessed and can be integrated with a unified identity management system. Desktop applications may be deployed, patched and upgraded on centrally located data center servers. Terminal Services with the Windows infrastructure provides a comprehensive monitoring and management interface for the Terminal Services environment, which allows for a snapshot audit of all user entitlements as well as a log of all user actions.