Chapter 2: Branch Office Architecture

Security Considerations

Published: February 1, 2006

Ensuring appropriate security for branch offices requires the creation of a logical infrastructure that provides appropriate security boundaries and containment of exposures without preventing cross-organizational access. Doing this requires examining the tradeoffs associated with the design options for each service. Tradeoffs are generally tied to the following:

- The security exposures related to WAN traffic to and from the branch office
- The security exposures related to storing data on branch servers
- The physical and other security characteristics of the branch office, including methods of controlling physical access to servers located in the branch office
- The sensitivity of the business functionality (data confidentiality and other security factors related to the business and its processes)
- Security exposures related to external companies responsible for server maintenance, including the potential security risks of granting administrative privileges to personnel over whom the organization has no control
- Auditing issues related to the fact that the audit trail crosses multiple servers, as well as multiple geographic and political boundaries (which can make it a significant challenge to aggregate and analyze the data)

Centralization of services in a hub site generally means that the services are run in a secure central facility with controlled access and well-defined enforcement methods, often with a dedicated security team responsible for the prevention and detection of security problems. This facilitates the enforcement of security policies and helps minimize security risks. Security in branch offices is often limited by the lack of consistent security procedures and dedicated security personnel, and by more open physical access, sometimes to the point that many people can reach the physical computer. This can make it extremely challenging to effectively secure branch data and other branch resources, as well as any corporate data and resources shared with or replicated to the branch office.

Placing services in a hub site does introduce the potential for exposure of data traveling between the hub site and the branch office, but the sophistication of technologies available to encrypt network traffic can sufficiently mitigate this risk.

Other security considerations and tradeoffs exist for individual services and business requirements. Creating a branch design that provides appropriate security requires creating a detailed security plan that identifies potential security risks and outlines mitigation strategies.
