Part A
Business objectives
One of the business objectives being developed is ascertaining the levels and effectiveness of the security controls in the managerial, operational and technical areas of the Healthy Body Wellness Center’s (HBWC) Office of Grants Giveaway (OGG). The effectiveness of the security controls will reveal the levels of integrity, confidentiality and accountability of the Small Hospital Grant Tracking System (SHGTS).
Another objective is guaranteeing the effectiveness of the Small Hospital Grant Tracking System (SHGTS) by ensuring the assignment and tracking of grants by the system is secure and not exposed to any risks of data breaches. The case study aims at identifying vulnerabilities that exposes the workings of the SHGTS to the risks of data breaches. It evaluates diverse aspects of the system like the management, operational and technical aspects to ascertain the levels of security of the system.
Delegate your assignment to our experts and they will do the rest.
Thirdly, the case study aims at identifying the impacts of the threats and vulnerabilities that the SHGTS is exposed to thereby revealing the reliability of the system in ensuring the allocation and tracking of the various grants is optimal and in alignment with the goals of the HBWC.
Further, the case study reveals the likelihood of the identified threats being exploited. The case study informs the need for the business to adopt protective measures that mitigate the threats and vulnerabilities the SHGTS is exposed to in the managerial, technical and operational aspects. The identity of the specific areas where the likelihood is most likely, the case study facilitates the timely allocation of the resources by the HBWC to secure the SHGTS. The case study forms a basis for the organization i.e. HBWC to either strengthen or discard its current data and system security measures based on the risk assessment levels.
Guiding security principles
One of the guiding security principles is confidentiality (Johnson, Goetz & Pfleeger, 2013). The risk assessment process that is conducted aims at assessing the ability of the information contained in the SHGTS not being accessible to any unauthorized party. The contracted company to perform the risk assessment i.e. We Test Everything (WTE) engages in diverse forms of assessment like network scanning and evaluation of the potential impact of the identified risks to determine the ability of the SHGTS to enhance the confidentiality of the data contained in the system. The company i.e. WTE recognizes that the information contained in the SHGTS is accessible to limited personnel based on their nature of the roles. Its activities aim at ensuring such accessibility is enforceable in the system to protect the confidential nature of the information.
The second security principle is integrity. The risk assessment process aims at ensuring the accuracy and completeness of the data contained in the SHGTS is guaranteed. It recognizes that the integrity of the data contained in the system is essential and the assessment process entails evaluating the effectiveness of the policies where only few people can alter, update or erase the data contained in the SHGTS (Khajouei, Kazemi & Moosavirad, 2017). The integrity of the data is vital as the SHGTS plays the role of allocating grants and tracking the grant through five hospitals. Any data integrity threats can, therefore, compromise these critical roles of allocation and tracking that are the core of the functioning of the organization i.e. HBWC’s OGG.
The third guiding security principle is availability. The risk assessment process aims at assessing whether the data contained in the SHGTS is accessible and can be used by the authorized personnel upon demand.
Justification of the organization’s business processes that should be included in the scope
One of the business processes that should be included is the management of the accounts of the SHGTS users. The system should identify the valid users and deactivate the accounts of the users that do not need to access the system. The process should be included in the scope as the ability of the accounts of the ineligible users to remain active is a source of data integrity risks. It is easy for such users to falsify the data available in the system that impacts negatively on the allocation of grants ( Meadows, 2014) . The use of falsified data in the allocation of grants can lead to complaints due to poor decision-making by the management of the HBWC.
Another business process is the development of the system security plan for the SHGTS. The process would entail the documentation of the various system activities performed by a user and the identity of the vulnerabilities the system is exposed to based on the activities. The security plan would entail the evaluation of capabilities like the identity of a valid user based on the nature of interaction with the system information.
The process is needed as it outlines the security requirements for the system and the planned security controls that should be introduced for the system activities that are not secured. The process would also outline the expected user behaviors amongst the valid users of the system where any unexpected user behavior is detected by the system. The detection should lead to retrospective action on such a user either by being denied access for specified period or the imposition of penalty to deter the behavior.
The development of a disaster recovery plan is another process that should be included in the scope. The disaster recovery plan should be developed and tested to ensure the data contained in the SHGTS is secure in the case of natural disasters like storms, fires, power failures or personal failures that damage the hardware and software infrastructures of the system.
The process is needed as the lack of a disaster recovery plan exposes the data to insecurity and the threat of loss in the case of occurrence of the natural disasters (Yang, Ku & Liu, 2016). The loss of data through natural disasters or human errors and acts of sabotage would significantly compromise the operations of the HBWC as the information contained in the SHGTS is critical in the allocation and tracking of grants.
Another process is the evaluation of the password policy and the control of the user behavior by limiting the number of invalid or unsuccessful access attempts by a user. Unauthorized users should not have valid access to the system. Once the validity period of a user expires, the system must immediately deactivate such accounts rather than wait for ninety days to elapse. Also, the unsuccessful attempts should be limited to about three where the unsuccessful user must then contact the system administrator.
The process should be included in the scope as the prevalence of unauthorized users accessing the system exposes the data contained in the system to additional threats and vulnerabilities. The ineligible users can guess passwords and pose severe risks to the data as they can manipulate it or alter its accuracy thereby undermining the integrity of such data. Such data integrity issues are costly to the organization.
Another business process is limiting the remote access to the registry by the administrators. The process would be applied by identifying specific users that are permitted to access the registry from remote locations and updating their user credentials. Such users will be required to have higher access requirements like two-step authentication processes.
The process is needed to limit the number of individuals that can access the system remotely. The limitations are essential in reducing denial of service attacks on the system servers that enhances the levels of data protection and integrity (McLaughlin & Gogan, 2018).
Justification for the information systems that should be included in the scope
One of the information systems that should be included is the transaction processing system. The system promotes the collection and processing of the data on the grants that facilitates easier monitoring and tracking. The system ascertains that a grant has been provided to a particular hospital and then monitors the usage of the grant to facilitate the allocation of the unused funds to another hospital.
The transaction processing system should be included as it plays a vital role in ensuring the optimal allocation of grants where those that are unused are allocated to another entity. Its inclusion in the scope is crucial as it guarantees the integrity of the data available in the system. The data is crucial in enhancing the effectiveness of the organization’s operations.
Another information system is the management information system. One of the duties of the system is processing the information provided by grant users in the system. Every grant user must complete the grant evaluation in the system’s database. The information then facilitates the production of the grant status report by the management information system for the attention of executive officer and the grant assignor. The grant status report produced by the management information system guides the decision-making processes in the allocation of grants.
The management information system should be included in the scope as it plays a vital role in ensuring the grant status reports are accurate and reliable. Any errors or interference by the management information system would compromise the decision-making processes as the grant status reports would be inaccurate and error-prone. The inclusion of the system in the scope is, therefore, essential in enhancing the quality of the decisions made by the executive officer and the grant assignor.
Justification of the IT infrastructure that should be included in the scope
One of the IT infrastructure that should be included are the servers i.e. the JINX server and the remote access server. They must be included as the entire information found in the system is stored in the servers and their security is critical in enhancing the integrity of the data (Taylor, 2015). The operating system and the software applications used within the SHGTS should also be included. The need for inclusion is that the operating system and the software applications permit the various programs and applications of the SHGTS to execute the required tasks ( Yue, W., Çakanyıldırım, Ryu & Liu, 2017) . Their inclusion will ensure they are not exposed to threats of malware, threats and hacker intrusions that can compromise their effectiveness.
Also, the networking and communications platforms for the system like its Microsoft Access platform should also be included. These platforms are essential in enhancing the uninterrupted access of the SHGTS by the authorized personnel and availability of the desired information.
The data flow process comprises of the access to the operating system by a user and then permission to access the SHGTS servers where the required data can be accessed or where the generated data is stored.
Part B
Recommended additional steps and justification
On the accounts of users that should not access the system, the period of notification by the human resources manager to the information system security officer that a valid user is no longer in employment should be reduced to the same day such information is received by the human resources manager. The human resources manager must oversee that the site security officer has actually terminated and deactivated the account of the user to ensure no access is made by a terminated employee into the system.
An employee that has terminated employment can take advantage of the administrative delays by the human resources manager to notify the information system security officer of the termination of the employment and the need to deactivate the account. However, the provision of timelines where such deactivation should be done the same day the employee terminates employment is vital in enhancing the levels of responsibility amongst the human resources manager and other information and system security personnel. It implies the human resources manager carries the burden for any activities of the terminated employee in the system after the termination. It enhances responsibility and oversight and eliminates the likelihood of malicious actions by terminated employees in the system.
Also, the human resources manager must devise organizational policies that clearly articulate that an employee that has terminated employment should not access or try to access the system. The policy should impose hefty punishments on such employees and should state categorically that terminated employees are no longer recognized as users and their efforts to access the system after terminating employment will be a contravention of the rules of the organization.
The policy should further state that any user whose account is deactivated must seek express authority of the management to access the system after availing sufficient reasons. Such regulations will implore on any unauthorized user from seeking to guess passwords to access the system as the behavior can expose the systems of the organization to vulnerabilities. The policy should state that such actions of ineligible users trying to access the system will be treated as criminal activities.
To address the risk of the lack of a system security plan, it is necessary to include an incident response plan that should be an enhancement of the incidence report capability listed in the recommendation. The incidence response plan should provide for the creation of the incidence response team in the organization. The team should consist of organizational employees in the top and mid-level positions. It should also incorporate external professionals to ensure the optimality of the incidence response plans initiated by the organization (Knut, Colomo-Palacios & Srdan, 2016). The incidence response plan must also provide for the rapid assessments of the data breaches that may occur in the organization and identify the nature of damage caused. The plan must also identify the specific interventions to contain the breach.
In the case of lack of a disaster recovery plan, it is necessary for the disaster recovery plan to include the likelihood of software failures due to increases in zero-day vulnerabilities. These vulnerabilities can make the software applications of the system temporarily unavailable. The unavailability can impact negatively on the quality of reports generated and can also expose the data stored in the system to the risk of getting compromised. The disaster recovery plan should, therefore, outline the alternative software platforms that the organization can switch to in order to limit the impacts of the unavailability of the usual software applications.
Also, the disaster recovery plan should also anticipate the need to abandon the current facilities in the case of occurrences like flood waters or storms that destroys the current facilities. The disaster recovery plan must articulate the speedy process of removing, encrypting or destroying any sensitive information that is contained in the hardware and software systems that are left in the damaged sites.
The need for these measures is critical in protecting the integrity and quality of the data. The destroyed hardware systems like computers may fall into the wrong hands during disasters like storms and floods. The ability of the disaster recovery plan to outline the processes of making the data stored in such systems unavailable to unauthorized users is critical in enhancing the continuity of the organization’s processes.
Also, during disasters, most of the hardware and software products in use by the organization can be lost of driven in far regions where the likelihood of being tampered with is highly likely. It demonstrates the need for the disaster recovery plan to take into account the situational risks of natural disasters to ensure any hardware of software materials that are misplaced do not expose the organizational operations to any risks.
The risk of lack of sign-in logs for the visitors to the computer room can be mitigated further by making it possible for the system to generate the access logs for every visitor. Such access logs reveal the nature of activities conducted by each of the visitors in the system. The activity logs should be accessible to the system administrator where any suspicious activity can be easily flagged off as the identity of the user is already known (Wheeler, 2013).
The need to have the access logs of the visitors is vital as it becomes easy to identify the users that are violating their access privileges and exposing the system to risk. The logs provide details like the nature of requests and how the accessed information was used. The system administrator can easily identify rogue users of the system, especially those that come with peripheral devices like flash discs that are used discreetly to compromise the information in the system by introducing malware. The availability of the access logs enhances the oversight roles of the system administrators and provides evidence to discipline errant users of the system.
The risk of lengthy password age should be mitigated by the introduction of a policy where passwords should be changed on a monthly basis. Also, the system administrator will conduct tests to determine the susceptibility of the passwords being used in the system to attacks or theft. Also, account lock-out settings should be changed where any three unsuccessful attempts by a user to sign into the system leads to an automatic lock out until the user liaises with the system administrator.
The changes are necessary in reducing the likelihood of unauthorized users trying to access the system that exposes the data to the risk of being compromised. The periodical changing of passwords also reduces the likelihood of an unauthorized user trying to access the system. The lock-out settings where three unsuccessful access attempts lead to locking of the user account will reveal users that are either complacent in their user activities of the system
The risk of null sessions can be mitigated by outlawing the anonymous enumeration of user accounts to ensure only the authorized users can access the system (Allen, Loyear & Noakes-Fry, 2016). The intervention is necessary as the null sessions can be exploited by hackers to access the information contained in the system. Their elimination, therefore, eliminates such likelihood.
The risk of lack of controls in access to remote registry can be mitigated further by ensuring the access restrictions can be bypassed to ensure the services that require access to the remote registry remain functional. The ability of ensuring that the account names of the service can be added to the access list is necessary to avoid unavailability of some services to authorized users. The unavailability of some services can compromise the provision of the grant services and the generation of reports.
References
Allen, B., Loyear, R. & Noakes-Fry, K. (2016). The manager’s guide to enterprise security risk management : Essentials of risk-based security . Chicago. McGraw-Hill.
Johnson, M., Goetz, E. & Pfleeger, S. (2013). Security through information risk management. IEEE Security & Privacy Magazine, 7 (3): 45-52.
Khajouei, H., Kazemi, M. & Moosavirad, S. (2017). Ranking information security controls by using fuzzy analytic hierarchy process. Information Systems & e-Business Management , 15 (1): 1-19.
Knut, H., Colomo-Palacios, R. & Srdan, D. (2016). A process framework for information security management. International Journal of Information Systems and Project Management , 4 (4): 27-47.
McLaughlin, M. & Gogan, J. (2018). Challenges and best practices in information security management. MIS Quarterly Executive, 17 (3): 237-262.
Meadows, C. (2014). A cost-based framework for analysis of denial of service in networks. Journal of Computer Security, 9 (1/2): 143-164.
Taylor, R. (2015). Potential problems with information security risk assessments. Information Security Journal: A Global Perspective, 24 (4-6): 177-184.
Wheeler, E. (2013). Security risk management : Building an information security risk management program from the ground up. New York. Pearson.
Yang, T., Ku, C. & Liu, M. (2016). An integrated system for information security management with the unified framework. Journal of Risk Research, 19 (1): 21-41.
Yue, W., Çakanyıldırım, M., Ryu, Y. & Liu, D. (2017). Network externalities, layered protection and IT security risk management. Decision Support Systems , 44 (1): 1-16.
