The case study comprises a company known as Jacket-X, it manufactures gloves, safety jackets, and specialized safety equipment. Jacket-X headquarters is situated in the big metropolitan vicinity during its warehouses and offices in other areas across the country. In the last year, the company’s human resource department experienced payroll issues, yet there are no accusations of negligence or wrongdoing. The question on the payroll incited the initiation of vulnerability assessment. The evaluation of networks was to examine any unauthorized access, as an outcome of a current violation where a joined laptop with malware almost closed down the system. The report determines and analyzes vulnerabilities of the networks, threats, security measures, discussion on the enterprise identification management system, privacy fears that may arise in future as the result of the new regime. . (University of Maryland University College, n.d.)
Threats and vulnerabilities of Jacket X Corporation
Oppression of limitations vulnerabilities leads to the causing security damage or breach to the organization. There are reported on software vulnerabilities through email alerts, United Computer Emergency Readiness Team, hacker forums among others while a threat is something that can exploit the vulnerability, accidentally or deliberately and demolish an asset.
Delegate your assignment to our experts and they will do the rest.
Policy vulnerability
The skill to connect computers and laptops that are vulnerable to external sources. A senior leader decided to use his computer to link to corporate VPN to pay bills online, after that he allowed an unauthorized individual to access the company’s network. Intrusion detection system identified a malicious worm attacking the server of the business upon the computer reentry to corporate LAN. Thus, in the pursuance of addressing system vulnerability, it’s suggested that the policy is adjusted to authorize security verification of every single computer devices preceding introduction back to the network. Emphasis on the importance of the workers following safety measures and procedure and training of employees on security.
Audit vulnerabilities
Jacket X has been preparing for its first primary external review since the entrance of Jacket X into the New York Stock Exchange last year. There are few issues of concern that are to be tackled before the arrival of external auditors despite the smooth operation of the entire system. Current bursts of activity make it difficult for jacket X to keep up with current network activity logging, ever since the start of the online presence of the ordering system. Therefore posting vulnerability as the company requires guaranteeing adequate logs of network activity. In regards to services and protocols, it’s essential to deal with security of network configuration since open firewall ports in the system are considered unsafe. Jacket X should endorse proportion of resource to limit user access that an individual that users cannot hinder the network unintentionally and generate a password storage control. (Chaffin, 2006)
Payroll vulnerability
The modern means of dealing with new employee’s salary data and timecards is one of the most significant anxieties in the payment system. The satisfactory resolution to this vulnerability is to establish the system in a way that every edit pass through validation at the departmental level.
Security measures
Premier controls
The premier controls help in guard against physical infringement. These comprise of fences, walls around the building property and the guards.
Building controls
Locked windows and doors to stop the intruders from getting into the building and electronic motion detectors. (Andress, 2011)
Identification
Identification assists in access control software. Provision of identification in a structure of account number or user name in accessing computer system in a data center.
Access rights
The intruder cannot be able to obtain critical information even if he steals an employee authentication and identification details unless that particular employee has an appropriate access right. (Andress, 2011)
Rigorous mobile device policy
Jacket X Corporation should establish policies that guarantee protection against damage by users outside the network as a result of a use of off the shelf available mobile devices. Every access points of jacket X corporation system ought to be located in a secure area that an intruder outside the building cannot access any Ethernet ports, only authorized employees have access (Andress, 2011)
Threat monitoring
The use of logs to enable the organization to track security breaches and take suitable response measures. An information security officer should be responsible for risk control in a group.
Management system
Vendor selection
Vendor selection involves proper selection of Acuity identity management system which obeys the rules of four levels of identity assertion as acknowledged by National Institute of Standards and Technology. All transactions performed by users are recorded in the format of XML and sent to destinations that are accessible to IT managers. Also, the identified management software can offer templates to make sure Jacket X conform to HIPAA, SOX in addition to other regulatory necessities. (Sharni et al, 2009)
Conclusion
The core purpose of the report is to evaluate and report on the vulnerabilities and threats to the company networks, to recognize security measures and discuss on company identification management system.
References
Sharni, Spaudling, Williamson & Yip, (2009). Identity Management: A Primer . Mc Press.
Andress, (2011 ). The Basics of Information Security, Pg 52; Syngress.
Chaffin, (2006). Building a VoIP Network with Nortel’s Multimedia Communication Server 5100: Syngress.
University of Maryland, University College. (n.d.). The enemy within. In CSEC 610: Cyberspace and cybersecurity: Interactive case study I. Retrieved November 13, 2013, from http://tychousa5.umuc.edu/cgi-
