StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Security: CME Hosting Company - Case Study Example

Cite this document
Summary
This case study "Information Security: CME Hosting Company" presents information security as a broad term that covers various processes that are adopted for saving and protecting data and information. It ensures data accessibility, privacy, and reliability…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.5% of users find it useful
Information Security: CME Hosting Company
Read Text Preview

Extract of sample "Information Security: CME Hosting Company"

?INFORMATION SECURITY: CME HOSTING COMPANY Information Security: CME Hosting Company Affiliation Table of Contents Threat Assessment 4 Vulnerability Assessment due to Security Threats 5 Part III 7 Risk Assessment 7 Risk Posed: High 7 Ethical Issues 7 Loss of privacy 7 Denial of Service (DoS) Attacks 8 Viruses and Malicious Code 8 Risk Posed: Medium 8 Errors 8 Unauthorized Access 9 Risk Posed: Low 9 Financial Risks 9 Part IV 9 Main Threat and Mitigation 9 References 10 Introduction Information security is a broad term which covers various processes which are adopted for saving and protecting data and information. It ensures data accessibility, privacy and reliability. At the present, the trend of storing data and information in databases has become very common. In addition, at the present almost all the businesses store their corporate data and information on computer (using databases). Additionally, the data and information stored in databases is extremely confidential and should not be offered for public view. On the other hand, a lot of businesses are completely dependent upon information stored in computers systems. For instance, they use databases to store staff details, personal data, salaries, clients’ information, marketing, sales information, bank account details and so on. Moreover, in absence of such database system, it would be very hard for a company to work properly. Thus, there is a dire need for implementing an effective information security procedure to secure this data and information (Crystal, 2012; Nash, 2000). Furthermore, effective data and information security systems integrate a variety of strategies for better security products, skills and events. In addition, software applications such as firewalls and virus scanners are not sufficient on their own to secure this precious data and information. In this scenario, a group of applications and procedures and systems should be implemented to successfully discourage access to this data and information (Crystal, 2012; Nash, 2000). This report presents a detailed analysis of some of the important aspects of information security for ACME Co. regarding provision of new web services for Citizens Wellness (CW) application by large health care company named Well-Health Inc. This report is aimed at analyzing present status of information security at the corporate. This report will offer an insight into the security arrangements presently available at ACME Co. as well as some new technologies needed to be deployed for the effective management of information security at in different corporate areas. Part I Threat Assessment In this section I will conduct a detailed analysis of some of the important threats at ACME Co. regarding provision of new web services for Citizens Wellness (CW) application by large health care company named Well-Health Inc. The basic aim of this analysis is to discover those major threats which currently exist in web services of ACME Co. as well as how these threats can damage or create issues for the information and data privacy for Citizens Wellness (CW) application. In this scenario, one of the primary risks is regarding staff related security risk. For instance, any bad staff person can hack or damage the business database or systems working. In addition, there is no proper way for staff recruitment. As well, there is no process for assessing background of staff members. The next main issue that I have assessed is regarding dissimilarity of operating systems’ versions and patches. In case of such misbalance among these versions and patches, there is no single and identical way to deal with security management of the business. Moreover, one of the biggest threats that can create an alarming situation for the business is the absence of anti-virus software on ACME servers. I have assessed that work stations of organization’s employees/contractors still do not have any protection procedure against malwares. There is another issue regarding network services of ACME which is the absence of internal firewalls that can create any time issues for the business. It can lead to problems regarding business security and management. Another important issue at ACME Co. is less effective configuration of active directory application. In addition, user’s account is not suitably managed to offer a great deal of account safety and privacy. There is also manual process of managing and handling the user account procedures. Part II Vulnerability Assessment due to Security Threats There are several issues and threats those are presently making organizational activities difficult to perform. In case of ACME Co, one of the initial risks that I have outlined above is security threat from less effectively recruited staff /personnel. In case of such situation any staff member with some illegal aims and objectives can add a virus in database or hack the overall corporate information. There are also a number of issues which can be created by such type of vulnerabilities. It can involve deletion of overall data or making some security information leak regarding personal information of people at Well-Health Inc. Dissimilarity of operating systems versions and patches can also create critical problems and issues as a result they can make defense and protection of business information difficult. Thus, in absence of an effective protection strategy the overall information and data can be hacked or deleted. In worst case the business information can be delivered to corporate competitor. There is no single network or system management arrangement that can manage such dissimilarity of information systems. There can be issues about denial of central firewall for the overall security management of business data. In addition, in absence of anti-virus software on ACME servers can also cause serious problems for information security. In such situation any virus can easily attack and destroy or stop the business operation. In view of the fact that there are number of viruses on the web, so we are for all time under the attack of viruses from outside world. On the other hand, in absence of some enhanced security management methodology or virus updates the overall system working can be affected or stopped. Moreover, one of the critical issues is regarding absence of internal firewalls. In case of such problem user of systems and web services are open to virus attacks, malware, or Trojan attacks. In such situation overall network can be hacked by any hacker. In addition, they can hack all the important data and information of the users. Furthermore, less effective configuration of active directory and its deferred application can also present the hacker an open opportunity to hack the user account and make changes according to their own desire. In this scenario the security management can be unsuccessful. Part III Risk Assessment In this section I will present a number of aspects those are outlined above and their possible influence on corporate working and performance. Here I will outline a number of issues and risks which have different severity levels and can possibly affect ACME Co. regarding application of Citizens Wellness (CW) system by large health care company named Well-Health Inc.: Risk Posed: High This category will cover those risks which can have effect on overall corporate arrangement and working. Ethical Issues Ethcial issues can be the basis of many problems in a business corporation. In addition, ethical issues can happen due to less effective staff recruitment (Laudon & Laudon, 1999). Loss of privacy Loss of privacy can happen due to virus or hacking attacks. In the same way, these attacks happen due to absence of suitable antivirus or network firewalls (World YOUTH, 2003). Denial of Service (DoS) Attacks Denial of service (DoS) based security attacks are techniques which are used to break the suitable working of any business that is connected with any website or network. This can happen due to less effective network and system security and absence of improved security and privacy standards (World YOUTH, 2003; Laudon & Laudon, 1999). Viruses and Malicious Code A number of virus and malicious attacks can happen due to open system. In absence of effective security mechanism such attacks can stop the overall corporate working and operations (World YOUTH, 2003; Laudon & Laudon, 1999). Risk Posed: Medium Errors In case of less effective version control and operating systems’ version management the business can be at the continuous risk of ineffective corporate and operational management. Here we can have a number of system and network errors those can be due to virus and other DOS based attacks (World YOUTH, 2003; Laudon & Laudon, 1999). Unauthorized Access In case of unauthorized access to network and system resources the whole network can be at the risk of useless management of business operations. This can lead to a number of issues such as data and information theft (World YOUTH, 2003; Laudon & Laudon, 1999). Risk Posed: Low Financial Risks ACME Co., can also face some other risks such as financial risks. In this scenario, business can lose the overall credibility which can affect business reputation. Part IV Main Threat and Mitigation This section discusses about the threat that is identified along with possible management strategy that can be used to deal with such kind of issues. In this scenario, the major issue that can be a nightmare for ACME Corporation is the un-availability of antivirus and network firewall systems. In absence of such systems the entire corporation is open for attacks. Here we need to install excellent antivirus software and update it with recent updates. Then we also need to install a very effective network firewall that can catch and manage all the possible issues and could manage such issues (World YOUTH, 2003; Laudon & Laudon, 1999). References Crystal, G. (2012). What is Information Security? Retrieved January 25, 2012, from WiseGeek.com: http://www.wisegeek.com/what-is-information-security.htm Laudon, K. C., & Laudon, J. P. (1999). Management Information Systems, Sixth Edition. New Jersey: Prentice Hall . Nash, J. (2000). Networking Essentials, MCSE Study Guide. California: IDG Books Worldwide, Inc. World YOUTH. (2003). Youth and Information and Communication Technologies (ICT). Retrieved January 23, 2012, from http://www.un.org/esa/socdev/unyin/documents/ch12.pdf Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“CME Hosting Company Case Study Example | Topics and Well Written Essays - 1500 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1441498-risk-assessment-exercise
(CME Hosting Company Case Study Example | Topics and Well Written Essays - 1500 Words)
https://studentshare.org/information-technology/1441498-risk-assessment-exercise.
“CME Hosting Company Case Study Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/information-technology/1441498-risk-assessment-exercise.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security: CME Hosting Company

Web-Based Application Development

hellip; The deployment will entail either Sanix secure the service of a hosting company or cloud-based support.... These branches are more specifically located in Bristol, Chester, Derby, Leeds, Westminster, and London which is the company's headquarters.... At the onset of automating its accounting business, Sanix outsourced the development of its accounting software from Brits Software, a company that is a major software developer for large enterprise systems....
12 Pages (3000 words) Case Study

Managing IT outsourcing

usiness Process Outsourcing is best explained by Medas company, an outsourcing management consultant.... Furthermore, there will be some examples of risk management and data security, as well as a look at the dimensions of relationship management and its importance.... Their document, A Practical Guide to Business Process Outsourcing (2006) gives straightforward information on the actual process of Managing IT Outsourcing....
9 Pages (2250 words) Essay

The Analysis of the Information Communication Technology

This paper will do a risk assessment of on a business scenario on citizen wellness proposed to a health care company.... A health care company would like to do a review on ACMEs security program, including its procedures, and security policies.... can provide an individualized citizen wellness programs to the health care company's subscribers and that these customers can be authenticate whenever they desire to access the program.... is assigned to work with the health care companys ISSO the idea being to create a detailed list of business needs for security for the health care company....
5 Pages (1250 words) Assignment

Current Events discussion in the Technology or Security Arena

Military Social Media Accounts Late last year, the Sony hacking left the world surprised that the rogue state of North Korea could hack a US based company.... The rising tide of system security breaching seems… According to the Clarion Project, the ISIS successfully hacked YouTube and Twitter accounts belonging to the US central command.... The rising tide of system security breaching seems to have gone a notch higher.... The fact that many social websites allow users to post on their walls or those of others, it seems that a security breach portal is always open for manipulation....
2 Pages (500 words) Assignment

FIFA World Cup in South Africa - First Major Sporting Event

This paper "FIFA World Cup in South Africa - First Major Sporting Event" focuses on the fact that the privilege of hosting such a mega event impacted the country and the continent in various ways.... nbsp;… The benefits of hosting mega-events especially those of world-class include; improvement of infrastructure base.... owever, the benefits of hosting such an event meant that financially, the country would be negatively affected.... Safety and security, social legacy projects, health and justice systems were put in place....
12 Pages (3000 words) Case Study

The Sale of Handmade Crafts Online

The paper 'The Sale of Handmade Crafts Online' presents crafts which include crafted gifts, handmade tools, widgets, and baskets.... Currently, there are entrepreneurs engaging in the sale of these products.... Sites such as eBay, Etsy, and DaWanda provide a platform for sellers and buyers.... hellip; This is the competition....
12 Pages (3000 words) Term Paper

The Benefits of Mail Server

Domains A domain is a logical grouping of directory information, suchas users, with centralized administrative access through aconfiguration node.... … The Internet Message Access Protocol, Version 4 (IMAP4) and Post Office Protocol,Version 3 (POP3), are open Internet standards for retrieving mail from a server....
8 Pages (2000 words) Essay

Penetration Testing ACME Software Solutions Ltd

Organizations of all sizes have to safeguard their company resources and business information and or transactions from foreign intruders and competition.... This report "Penetration Testing ACME Software Solutions Ltd" presents considerations on the network design and any new devices that need to be introduced that will be based on the perimeter security as controlled by the NIDS and the specific resources that need to be secured in the network hosts.... Simultaneously, the Internet has added new security challenges occasioned by intruder attacks, manual and automated....
7 Pages (1750 words) Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us