Security Report ABC INC

Security Report:The weekly assignment for the course is a comprehensive assignment. You should begin by reviewing the scenario document (attached). Each week, you will complete part of this assignment based on the content covered in the week. You will add new content to the report each week to build a comprehensive security solution for an organization.You have been hired by this company to suggest ways of securing its technology assets. ABC, Inc. requires you to complete the project and provide detailed recommendations for improving their security in the next five weeks. You will be assigned specific tasks in each of the weeks of this course based on the content covered in the week.As you complete this assignment, you must also realize the importance of describing the implementation of the solution that you propose and explaining how to verify the solution by providing activities to test the security (such as intentionally using an incorrect password to make sure the system rejects the login attempt).In this week, review the scenario and analyze the security requirements of the organization. On the basis of your understanding, create a 3- to 4-page report in a Microsoft Word document that includes the following:A paragraph summarizing the problems faced by the organization.A list of top five recommendations for implementing better security in the organization and an explanation of how each of these will benefit the organization. Justify the importance in your ranking.Outcomes for your report, such as what implementing your solution will do for the organization; this should be a preliminary report that will evolve as the weeks progress.In addition, respond to the following questions in your report:How does an attack like the one suffered by ABC, Inc. impact consumer confidence in its product? Why would the company wish to remain anonymous during this process?Which basic user policies would you put in place to make sure employees cannot access each other’s information?
suo_its3104_project.pdf

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
Security Report ABC INC
Just from $13/Page
Order Essay

ITS3104 IT Security – Course Project
© 2016 South University
Scenario
A tire manufacturing company, who wishes to be called ABC, Inc. to protect its privacy, has
recently fallen victim to a cybercrime. The customer information and some of its proprietary
technology were compromised in the attack. This company has been in the business for a very
long time and enjoys a large market share. If its identity is disclosed, the attack has the potential
to cause it to lose customer confidence. Also, some of its competitors are constantly looking for
opportunities to hack the company’s important strategic and functional information.
The company’s head, Dermot Reed, is very concerned about the situation because a recent study
shows that some of its competitors have started using its techniques. The source of the attack
remains unknown. It could be that an internal, disgruntled, or greedy employee has been involved
in the attack or has been revealing important information to its competitors. Moreover, there have
been several attempts at hacking the company in the past, which have been unsuccessful prior to
this incident. Ed Young, the network administrator, has requested a budget for a system overhaul
to rebuild the infrastructure of the organization with an emphasis on security.
The company does not have anything currently in terms of true security measures. Young is
competent but has limited understanding of attack methodologies. The attacks were thwarted
mainly due to automated antivirus programs installed on the servers. ABC, Inc. has a network with
four servers that cater to around 450 employees. ABC, Inc. keeps track of its data using a MySQL
database. However, some of the data is incorrect in its database since somebody has modified it
outside of normal business operation hours.
The database server is used for updating the inventory records. The database contains information
about quantity of raw materials available, quantity of finished products, price of finished products,
etc. Users from across the organization use the database to access different information.
Therefore, availability of the server is critical. Young would like a recommendation from you on
the fault-tolerance mechanism that can ensure uninterrupted business and security on the
database to prevent unauthorized modifications.
Ken Burton, the sales and marketing head is worried about the security of the laptops that the
sales and marketing personnel carry with them while traveling. Burton has previously reported
that data on these laptops has been leaked or hacked when these laptops are outside the
organization’s network. Burton wants a system by which these computers can be secured while
they move out of the organizational network and still maintain a secure connection to the home
network.
2
In addition to the concerns above, ABC, Inc. wants to implement a computer use policy for its
users that explains their responsibilities and the internal and legal implications to users who
violate this policy. The intent is to prevent users from indulging in activities that put the company
at risk. ABC, Inc. needs to create a charter that describes the following:
?
?
?
Hacking
Violation of right of ownership
Violation of privacy of user’s personal data
The management of ABC, Inc. decided that adequate security measures are required to protect
internal data and entrusted Young with the responsibility of creating the security requirements.
Young has created the following additional requirements:
?
?
?
?
?
?
?
?
?
User authentication must be performed before an employee can logon to the network. The
organizational structure is given in Appendix A.
Each department stores its data in separate folders that are shared in a central file server.
Measures need to be taken to enable only the users in a department to access the
department folder in the central file server. Personnel in a particular department should
not be able to access the folder of another department.
In addition, a mechanism is required that would record event data on each department
folder on the central server. The network administrator will use this data to identify the
events that generated security alerts.
The computers in the accounts department need to be made secure. Employees in other
departments currently use these computers as well. Sensitive data on these computers are
accessible to any user who has physical access to the computer. A mechanism needs to be
devised by which data belonging to a user on the local machine is accessible to that user
only. Young suggests using encryption to secure data on local computers.
The OSs installed on the computers need to be updated with the latest patches and fixes.
All users in the organization currently use the database. However, only the heads of the
departments, the network administrator, and the database administrator should have
access to the database. The database administrator should have full control permissions,
the department heads should have modify rights, and the network administrator should
have read-only permission on the database.
The computers in the marketing department need to be secured when the computers
move out of the network.
All computers in the organization are run on an outdated OS. The organization has
identified that some of the hacking has occurred because computers running on this OS
can be accessed from outside the organizational network by using terminal services. The
OS needs to be updated and configured to prevent outsiders from accessing the
computers.
A mechanism is required to check if the computers in the organization are running the
latest patches. In addition, a mechanism is required for implementing antivirus in the
computers in the organization.
ITS3104 IT Security
©2016 South University
3
You have been hired by this company to suggest ways of securing its technology assets. ABC, Inc.
requires you to complete the project and provide detailed recommendations for improving their
security in the next five weeks. You will be assigned specific tasks in each of the weeks of this
course based on the content covered in the week.
Appendix A
Use the information in the following table to recommend user and group permissions for the
organization.
Name
Role
Department/Sub
Department
Groups
David Wong
Design Head
Design
Dsngrp
Information Systems
ISgrp
Debbie Howe Database Administrator
Ken Burton
Sales and Marketing Head Sales and Marketing
SMgrp
Jim Lewis
Human Resources Head
Human Resources
HRgrp
Tom Wilkins
Network Support Head
Information Systems
ISgrp
Mike Womack Information Systems Head Information Systems
ISgrp
Diane Frye
Inventory Manager
Operations
ODgrp
Jerry Smith
Sales Manager
Sales and Marketing
SMgrp
Lee Mitchell
Marketing Manager
Sales and Marketing
SMgrp
Ed Young
Network Administrator
Information Systems
ISgrp
Sheila Frost
Accounts Head
Accounts
Accgrp
ITS3104 IT Security
©2016 South University

Purchase answer to see full
attachment

Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency

Order your essay today and save 15% with the discount code ESSAYHELP