Case Study 2
Question 1
Passwords should be changed every three to four months. When changing passwords, organizations should also use multi-factor verification techniques and password managers to strengthen password protection.
Question 2
Employees should be required to create strong passwords that are difficult to guess or to crack with specialized software. They should ensure that they create passwords that:
Have more than eight characters in length (Carnegie Mellon University, 2017).
Contain upper- and lower-case characters, such as A, D, a, z.
Contain numerical values like 1-9.
Include special characters like #$%.
Use words that, when spelled, cannot be found in dictionaries.
Question 3
Apart from the password issues, Dan should check for other e-commerce risks, such as defects in the application. He should check whether the system is configured well enough to help prevent attacks. Systems with defects can compromise users' accounts and lead to loss of sales income. That would, in turn, lead to losing customer trust and destroying the company's reputation. Dan should ensure the system is free of malicious attacks such as phishing, spyware, computer viruses, and cookie poisoning (Albrecht et al., 2018). Additionally, he should check for denial-of-service attacks by ensuring there are no spam emails or delays in accessing files and internet connections.
Question 4
[Name]
[Address]
[City]
[Contact Number]
[Email]
Dan Jones
Ricochet Systems
[Address]
[City]
Dear Sir,
I am writing to advise you on how to enforce security policies at your organization. First, you should set a password history policy that determines how often old passwords can be reused. The policy should discourage employees from using old passwords. Second, set a minimum password duration policy to determine how long employees must keep a password before changing it. This policy is effective in preventing employees from dodging the password system by creating new passwords and then changing them back to the old ones. Also, a policy that dictates the maximum period an employee may keep a password ensures that passwords are changed regularly. Finally, develop a policy that sets the length of passwords to ensure they are long, strong, and hard for attackers to guess. The policy should also enforce the use of complex passwords containing upper- and lower-case characters, special characters, symbols, and numbers.
Best Regards
[Name]
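The policies in the letter (history, minimum duration, maximum duration, length and complexity) can be enforced together in one password-change check. The sketch below is an added example, not part of the original answer; the `Account` class and every numeric limit except the eight-character length are assumptions, and dictionary screening is left out.

```python
import hashlib, hmac, os, re
from datetime import datetime, timedelta

# Assumed policy values; only "more than eight characters" comes from the text.
MIN_LENGTH = 9                     # more than eight characters
HISTORY_SIZE = 5                   # assumed number of remembered passwords
MIN_AGE = timedelta(days=1)        # assumed minimum password duration
MAX_AGE = timedelta(days=90)       # assumed; the text says three to four months
CLASSES = [r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]"]

def _hash(password, salt):
    # History is kept as salted PBKDF2 digests, never as plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    def __init__(self, password, now):
        self.history = []          # (salt, digest) pairs, newest last
        self.changed_at = now
        self._store(password)

    def _store(self, password):
        salt = os.urandom(16)
        self.history.append((salt, _hash(password, salt)))
        self.history = self.history[-HISTORY_SIZE:]

    def is_expired(self, now):
        # Maximum duration: the password must be changed after MAX_AGE.
        return now - self.changed_at > MAX_AGE

    def change_password(self, new, now):
        """Return the list of violated policies; an empty list means accepted."""
        errors = []
        # Minimum duration stops users cycling through new passwords
        # to push the old one out of the history and reuse it.
        if now - self.changed_at < MIN_AGE:
            errors.append("minimum age not reached")
        if len(new) < MIN_LENGTH:
            errors.append("too short")
        if not all(re.search(c, new) for c in CLASSES):
            errors.append("missing character class")
        if any(hmac.compare_digest(_hash(new, s), d) for s, d in self.history):
            errors.append("found in password history")
        if not errors:
            self._store(new)
            self.changed_at = now
        return errors
```
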
References
Albrecht, W. E., Albrecht, C. O., Albrecht, C. C., & Zimbelman, M. F. (2018). Fraud Examination. Cengage Learning.
Carnegie Mellon University. (2017). Information Security Office; Guidelines for Password Management. https://www.cmu.edu/iso/governance/guidelines/password-management.html