Congratulations! Your efforts and success at Odette have paid off and you are now the CIO (Chief Information Officer) for the Provincial Tax Authority of a major Canadian province. Part of your responsibilities is the protection of the content and integrity of the various forms of tax data for both individuals and corporations that are accessed by your over 700 field auditors. These field auditors attend various business and residence locations in the province and sometimes across Canada depending on where the tax records are maintained. Over the years, various forms of hard-drive encryption protocols have served the field audit unit well. However, the recent increase of hacking attempts at your employer as well as the much publicized ransomware hack of Colonial Pipeline and JBS Meat Processing have increased the risk, likely due to the fact that Colonial Pipeline admittedly paid the $5 Million of ransom (in Bitcoin of course) to the hackers. As a result of these recent developments and the fact that the 5 year lease of the over 700 laptops currently being used by the field auditors is set to expire in a few months, you have decided to move to what is called a dumb terminal also known as a diskless laptop. These systems do not have their own internal storage disks and rely on network file servers to store files. This type of system uses network booting to load the operating system, but it does contain its own main components including the CPU, RAM, 2 USB drives, video, sound and network adapter for access to the network but no storage devices and no CD-ROM drive. The field auditors have long complained of the weight of their current laptops (especially when the hard drives were almost full) and the lightweight features of these new laptops will help address this issue. As well, many of the components on the laptop are made of much thinner components and the power cords are about half the length of the current ones as well, the internal battery will power the laptop for over 10 hours daily when fully charged. It is felt that the inability of these new laptops to store client and government data on them will make them less prone to hacks and improper sharing of confidential information as there will be a central repository mainframe storage at one secured anonymous location. You have made this proposal to both upper management as well as the unionized field auditors working group that is providing input to this migration from the previously leased 5 year old laptops to the new proposed diskless lightweight laptops and have encountered some resistance from both parties.

Required 1. Which threats in the information processing and storage system will the proposed diskless system of the new laptops minimize?

2. Complete an analysis to determine whether the security features of the new system outweigh any potential limits of the new diskless system?