Share
Report
7Dear Forum - I have a requirement - to archived the historical data for 7 years due to statutory requirement
The requirement from the Business is to have a Data Readable (“READ-ONLY”)+ metadata ( “AS-IS) legacy in the Azure by archiving the solution.
I have proposed options as follow – >>Provisioning 2 x new VM (eV4.3 App server & SQL on VM == OS(2019); SQL (2019)) + accessing either through the Azure Virtual desktop or Citrix ((A)“Source --- > AS-IS Legacy” (B) “Target -- >> Azure CLOUD”) + all hardened with internal firewalls + monitoring tools AND no exposure to internet. & Private endpoint.
To mitigate the “high risk” this is the Security Solution i proposed - a “read-only archive platform, isolated & not accessible through internet & centrally secured control * hardened by Azure firewall, DDoS.”, high-level secured virtual desktop & SQL security with hardened perimeter + private link”.,
NOTE 1: this is accessible only on “READ-ONLY” to the Finance * Legal Users
NOTE 2: The Archiving solution is for Statutory, audit and compliance purpose
NOTE 3: The system is not transactional & not often used BUT to remain as read-only for audit purpose
Key risk issue -- >> Microsoft Dynamics NAV 2009 R2 (out of support) & could pose a great risk to the environment
The question is the Proposed Security Solution provided should be able to sustain & shield the system from “high to low risk”
The Technical Forum within the Organisation - the Infosec and Cyber Team Feedback:
Two immediate areas of concern, 1) This may constitute a Cyber Essentials fail. We must only use licensed and supported products. Microsoft Dynamics NAV 2009 R2 ended on Jan14 2020 so as such cannot be utilised in this design.
2) When unsupported software is utilised, future vulnerabilities can be exploited by an adversary. Although the solution will be behind an Azure firewall, another entry point could be exploited. This may result in an attacker being able to laterally move across the network and exploit this weakness.
Please can you advice on this issue with the NAV 2009
All responses (
Answers (
