Hacker Target and Response - Essay Example

Hacker Target Response s Hacker Target Response With the advancing development of information systems and networks, security is any organization’s key concern. The foundational aims of information security systems are integrity, privacy, and accessibility (Covaleski, 2013). Information security systems are vital to an organization because their function is to protect any form of unauthorized access or to hack with the purpose of obtaining sensitive data. The most dangerous individuals who might desire to attack a company’s information system are employees either who still work on the firm’s premises or those who have been terminated from work. The principal objective of this paper is to identify the areas and the information that an attacker might want to obtain and the methods that they may employ in undertaking the criminal activity. The paper also seeks to highlight the possible damage that their activities may cause to the information system. It is also important to show the preventive measures and the appropriate responses towards the security threat. As said earlier in the paper, one of the probable offenders is an ex-employee of an organization. The reason for this is that the ex-employee might have negative motives of releasing sensitive information that could destroy the reputation of the organization. The primary objective of an ex-employee would be to revenge. Another area that could be attacked by the ex-employee is the financial security system. The offender could have an objective of crumbling the organizations financial stability. The terminated employee may also target the organization’s foundational information, its economic weaknesses, production information and organizational information (Covaleski, 2013). There are multiple ways in which the terminated employee may use to hack into the company’s information system. One of the ways is using other employees to obtain information; the other means they could employ is to use their knowledge of security passwords and access the organization’s information system. A well-planned data security strategy alternatively posits the objectives of the information system of a business and formulates a plan to attain these goals (Dhillon & Backhouse, 2000). Any leakage of sensitive corporate information is a pragmatic basis of corporation collapse. Precisely the data system lacking a prolific information security is prospective to be a separate collection of check procedures that include numerous severe security threats. Information systems security policies at that instance may frequently be exploited to help integrate the multiple diverse perspectives of a corporation to accomplish organizational security aims. All organizations should frequently audit, test, and dispose of unlawful and otherwise out-dated principles, controls, and structures to get rid of the security threat. An alternative to sporadic reviews is to control periodic assessments to comply with the strategy of information system security (Covaleski, 2013). The significance of policies and values for preserving information systems security is significant to each organizational process of the present course of time. These defined policies and rules of an organization are robust to protect the corporate information privacy. The role of employee and other information resources owners to protect the information system security is a vital issue in each organization. The moral and formal standards guide the code of professionalism, which should expected from the user of information’s system working in each group. The management should reflect the commitment to motivate the employees and workers to follow the standards and policies to ensure the information system security plan. The commitment of the employees to information system security is the most important factor in achieving the objective of information system security of an organization (Dhillon & Backhouse, 2000). There are three main things that we should focus on as we provide a secure network. They are availability, integrity and confidentiality that are known as the tenets of information systems security. Availability ensures that information is accessible by the appropriate users when they are seeking information. Integrity guarantees that only authorized users can change information. Confidentiality allows only authorized users to view information. These factors are especially important when you consider the fact that we deal with sensitive medical records that include prescriptions and financial data. Along with this understanding, it is equally important that we remain cognizant of the fact that the risks that we face enters the equation as we develop strategies attempting to meet business goals and remain competitive (Kim & Solomon, 2012). In proceeding with our implementation of a security plan, we should be consciously aware that the domains within our infrastructure are being executed with growth in mind. Though we are presently a small company, we have the unlimited potential to become incorporation focused tycoon quickly within the industry. For this reason, we will construct our infrastructure on the level that envision our company and not based on our current state. With that in my let’s introduce our support along with its many security features. Another domain within our network environment is the workstation area that is where the majority of our users link to the IT equipment. A workstation could be a desktop, laptop computers, or any other apparatuses that can connect to ones network. Other tools may include a personal information assistant, a smart phone, or a special-purpose terminal. Within our workstation domain, which consists of several thin client terminals, we have provided the end user with what we deem necessary for them to be productive. We have hardened the system and verified antivirus files. In setting the system, we have ensured that the proper controls are in place to handle any known threats. This process of hardening includes aligning all computers so that they have the latest software revisions, security patches, and system configurations (Kim & Solomon, 2012). Our workstation domain that will mostly consist of thin client machines will have an added defense layer that implements workstation logon identifications and passwords to the protect entry into our infrastructure. Support will be provided for the users within our workstation domain environment by way of our desktop support group. Our IT security personnel will be charged with enforcing defined standards that ensure the integrity of user workstations and data. The IT security staff must safeguard controls as this is their primary responsibility within the workstation domain (Kim & Solomon, 2012). They also are tasked with assigning access rights to systems, applications and data. Our IT desktop manager is accountable for allowing employees the greatest use of their Workstation Domain. Our director of IT security is in charge of ensuring that the Workstation Domain conforms to policy. These assets prove to be invaluable to our organization because the Workstation Domain requires the most competent security and access controls. In fact, this is where users first gain access to the systems, applications and data (Kim & Solomon, 2012). The LAN Domain also needs high security and access controls because users can access company-wide systems, applications and data from the LAN Domain. This is where the third layer of defense is required. This defense protects the IT infrastructure and the LAN Domain and helps mitigate certain risks, threats and vulnerabilities that it detects. The most commonly found risk and threats that are found within the LAN Domain are unauthorized access to the LAN itself, systems, applications, and data. Other threats to the LAN Domain are vulnerabilities within the operating system software and the LAN server application software. We will mitigate these risks by making sure wiring closets, data centers, and computer rooms are secure; defining strict access control policies, standards, procedures, and guidelines; and implementing second-level identity checks to access to sensitive information systems, applications and data (Kim & Solomon, 2012). We have to pull out all stops to ensure that our infrastructure is secure. We will also define server vulnerability policies, standards, procedures, and guidelines, as well as conduct episodic vulnerability assessments to identify software gaps. A vulnerability assessment is a software review that identifies problems and threats in the software that are alleviated by software patches and fixes (Kim & Solomon, 2012). These mitigation features are instrumental to the security of our current working environment and the environment that we will provide going forward. We know some of our descriptions and explanations of our envisioned environment may seem verbose, but we feel that it is necessary for the sake of clear understanding. The LAN to WAN domain is the fourth area that links our infrastructure to the outside world moving us from an Intranet to the Internet. This implementation makes us more vulnerable to unauthorized bad guys namely hackers. More clearly stated, this application is like advertising to the world that we are transmitting because the Internet is open, public and easily accessible by anyone (Dhillon & Backhouse, 2000). The LAN to WAN domain includes both physical pieces and logical design of security appliance and is one of the most complex components to secure. The reason is that we have to maintain security while giving users as much access as possible. For this reason, physical parts need to be managed to give easy access to the service and security appliances must be logically configured to adhere to policy definitions. In order that we maximize our availability, guarantee data integrity and maintain confidentiality, we will institute IP firewalls, IP routers, demilitarized zones, intrusion prevention systems, intrusion detection systems, proxy servers, web content filter, and an email quarantine system (Kim & Solomon, 2012). We should also be cautiously aware of the risks, threats, and vulnerabilities involved within this particular domain. The IP firewall will be our particular line of defense used to prevent intruders from hacking into our infrastructure and protecting our customers’ records and financial records that are housed in the database. It can examine IP, TCP, or UDP packet headers for filtering. Speaking of filtering, we will institute a web content filter and an email content filter. These security appliances can prevent content from our infrastructure by filtering out certain domain names or keywords within domain names and by blocking content within emails or unknown file attachments for proper antivirus screening and quarantining. We will use IP routers to transport IP packets to and from the Internet or WAN (Kim & Solomon, 2012). These routers will be called upon to configure tasks that include IP routing and control lists. The demilitarized zone will serve as a buffer zone for inbound and outbound IP traffic while our proxy server will be used to isolate and screen IP traffic. Both the intrusion detection system and the intrusion prevention system will examine IP data streams for common attack and malicious intent patterns. They will trigger alarms and block IP data streams that are identified as a threat. References Covaleski, J. (2013). Hacking. San Diego, CA: ReferencePoint Press. Dhillon, G., & Backhouse, J. (2000). Technical opinion: Information system security management in the new millennium. Communications of the ACM, 125-128. Kim, D., & Solomon, M. (2012). Fundamentals of information systems security. Sudbury, Mass.: Jones & Bartlett Learning. Read More