StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Centralized PC Security - Essay Example

Cite this document
Summary
From the paper "Centralized PC Security" it is clear that the system will be protected centrally from intruders due to the Firewall installation. The employees can communicate via their personal email addresses. The database will be centrally maintained with a backup…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96% of users find it useful
Centralized PC Security
Read Text Preview

Extract of sample "Centralized PC Security"

? Table of Contents Introduction and Background 2 2 Analysis of Problems 2 3 Plan for Addressing Security Concerns 4 4 Conclusion 7 5 Work Cited 8 Name of the Author Name of the Professor Course 14 December 2013 1 Introduction and Background There is a hypothetical organization named as ABC Corporation that is maintaining a server which is not properly configured. The employees have access to all types of data and each one of them possesses a separate email account. Project Managers access data related to their importance. The organization requires a centralized well maintained information system, a firewall to automate their business processes and to store data in a secure way. To protect data, security policies are required to be defined. Contingency planning is also an essential aspect which cannot be disregarded. As per Ramesh, V.C., and Xuan Li there are three dimensions of contingency planning “The first issue concerns the handling of multiple objectives; we discuss the benefits of using fuzzy logic for handling this issue. The second issue is the consideration of the economic cost of post-contingency corrective actions as well as the utility of discrete control actions that complicate the modeling and solution of the contingency planning problem. The last issue is the need for of advanced parallel computing techniques for addressing the real-time aspects of many contingency planning problems;” 2 Analysis of Problems ABC Corporation has twenty seven desktop workstations either connected with each other via a hub or a switch. The workstations are only workgroups as there is no domain and security policies applied in the organization except some users have Internet access and only the manager has a separate email account. There is no email server available to provide separate email addresses to employees. The separate email addresses enables instant correspondence between the subordinates, hence making the communication better and cost effective. Currently the employees are using telephone for coordination which is not cost effective. Some workstations are used to store data. There is no access policy defined for the data stored in the workstations. The data is vulnerable as anyone can access it or delete it. The server is used only for providing internet access and data transfer within the network. There is no firewall installed in the network, either hardware or software which makes the data, hardware, software defenseless. There is no connectivity between the regional offices and head office. The manager access the financial information from the head office using the computer network. The 5 regional offices have five databases which they are maintaining individually. Immense amount of time is wasted when head office sends a CD named “House types data” to each regional office. The administrator copies the files available on the CD to the locally maintained database. The data is updated because the project managers have to access the plans and building specifications of the houses the company builds. The data contains all the detailed information of the house construction material which is required. There is no backup of devices, data, workstations and server. If any workstation containing database crashes, the data will be lost. 2.1 Security Vulnerabilities The impact of the security breach issues is unpredictable. It can be diverted and involves human suffering as well as revenue loss for the organizations. One of the security breach took place on 21 October 2010, as per “www.networksecurityedge.com” The Philadelphia Inquirer states “Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan have notified 280,000 Medicaid members that their information may be at risk after a portable computer drive containing the names, addresses, and health information was lost. The last four digits of 801 members' Social Security numbers were also stored on the hard drive”. This incident is related to theft of the hardware devices risking 280,000 Medicaid members. 2.1.1 Physical Security The organization does not have a Physical security defined. It involves the hardware, software, and network devices protection. There are no punch cards to access the server room. The room may contain the network devices and hardware devices. 2.1.2 Network Security There is no firewall and protection for the internal network of the organization as Internet is also connected to the network for some users. The organization is providing gateway to the intruders for breaching within the network. 2.1.3 Data Protection There is no data access strategy defined. None of the users are restricted to access any data within the organization. Every user logs in the system with the same user name and password making the data vulnerable to everyone. There is no procedure defined regarding the CD which comes from the head office to the regional offices. Data on the CD can be distorted effortlessly. 3 Plan for Addressing Security Concerns 3.1 Security The security of the organization can be made possible by installing IP surveillance cameras to identify any possible theft of any kind. The security can be divided into 3 categories: 3.1.1 Hardware Security Hardware security involves the security of the hardware devices of the workstations and the server. The workstation casings should be properly locked so that no one can try to unpack any hardware equipment from the workstation. The server should be in a separate room where only authorized personnel are given permission to enter. 3.1.2 Software and Data Security The employees will have a separate login username and password. The data access policies can be applied to that specific user in order to access the data as per the requirement. After logging with the personal username and password, the access list for each employee will be configured to only use the appropriate application as per the requirements of the organization for example CAD. Access of USB flash drives will be prohibited for the employees due to data protection and security concerns. 3.1.3 Network Security The organization requires a firewall to be installed. The regular updates are also compulsory in order to equip the firewall with latest security updates. The network of the organization is prevented by installing a firewall. There are two types of firewalls. 3.1.3.1 Device based firewall It is a hardware module which is separated and interacts with the Wide Area Network (WAN) interface. It filters the information as per the policies defined by the administrator before entering it into the local network. 3.1.3.2 Application based firewall It is a software package installed on the server. This type of firewall possess some disadvantages as the network can be easily vulnerable if the antivirus becomes unstable, stops working, corrupted, or any hardware failure occurs in the system on which it is installed. 3.2 Email Server A separate Email server is required to provide individual email address to all the employees. This will reduce the cost of the correspondence which is currently conducted on the telephone. It will also minimize communication gaps between the sub ordinates and at the same time improving the communication skills. It will also improve the effectiveness and performance of the organization. 3.3 Data Access Policy The Managers and Regional managers needs to access specific data. The database will be centrally maintained in the head office. Internet connection will be installed in each regional office in order to synchronized data between the head office and the regional offices. Full access will be given to the managers ID in order to access all the data available in the database. Limited access will be given to the regional managers in order to access the data as per the business requirements. 3.4 Network Security Configuration In order to provide separate usernames and passwords for logging in the system, a domain will be created on the server in order to provide security and usage policies for the users. Five new servers with firewall (which will act as a domain) will be added to the regional offices. The employees will access the data files from the head office to the regional office via File transfer Protocol (FTP). WAN will connect the database from the regional office to the head office. DSL (Digital Subscriber Line) will be used for the Internet connection. DSL connection works with a modem for transmitting and receiving data from the Internet. The configuration for Port forwarding activates the external access of the data for the Manager while at home. The IP address of the manager’s home Internet connection will identify the identity for authentication and granting access. The port forwarding option also enables the regional offices to access data from the head office eliminating the manual procedures. DSL modem will grant access to the Internet of any employee of the organization by providing the IP address of the workstation. 4 Conclusion The introduction of this report highlights the importance of centralized Information systems security. After the implementation of the new centralized system security, we have: The system will be protected centrally from intruders due to the Firewall installation The employees can communicate via their personal email address Database will be centrally maintained with a backup Data access will also be centralized for remote offices. Users can use personal user id and passwords for logging in the system. Data specific permissions are granted as per the business requirements. Separate server room, granting physical access to only authorized personnel staff 5 Work Cited Chan, Ivy, and Chao Chee-Kwong. "KNOWLEDGE MANAGEMENT IN SMALL AND MEDIUM-SIZED ENTERPRISES." Communications of the ACM 51.4 (2008): 83-88. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. "Information System -- Britannica Online Encyclopedia." Encyclopedia - Britannica Online Encyclopedia. Web. 27 Oct. 2010. "Missing Hard Drive Puts 280,000 Medicaid Members at Risk." Network Security Edge. 21 Oct. 2010. Web. 27 Oct. 2010. . Paul, Ray J. "What an Information System Is, and Why Is It Important to Know This." Journal of Computing & Information Technology 18.2 (2010): 95-99. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. Ramesh, V.C., and Xuan Li. "Strategies for improved contingency planning." Information & Systems Engineering 2.3/4 (1996): 183. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Centralized PC Security Essay Example | Topics and Well Written Essays - 1250 words”, n.d.)
Centralized PC Security Essay Example | Topics and Well Written Essays - 1250 words. Retrieved from https://studentshare.org/information-technology/1498150-centralized-pc-security
(Centralized PC Security Essay Example | Topics and Well Written Essays - 1250 Words)
Centralized PC Security Essay Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1498150-centralized-pc-security.
“Centralized PC Security Essay Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1498150-centralized-pc-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Centralized PC Security

International Logistics in the Manufacturing Industry - Tate and Lyle

On the whole, the company may adapt itself to either the centralized or decentralized theory of warehousing.... The paper 'International Logistics in the Manufacturing Industry - Tate and Lyle" reviews how the adaptation of inventory holding and for that matter warehousing as a strategy by Tate and Lye can be utilized as an effective means of ensuring that the company gets the best out of the strategy....
12 Pages (3000 words) Case Study

Milestone Challenge Solution

One of the first of such setbacks has to do with the issue of internet and software security.... There shall therefore be a solution to the need of the company whereby individual information technology systems shall be created to cater to the individual needs of employees but at the same time there will be a centralized processing mechanism to regularise the collective functions of employees....
8 Pages (2000 words) Report

Microsoft's Security Measures

The paper "Microsoft's security Measures" states setting a firm's agenda without proper security settings in place is inappropriate for most firms.... A comprehensible security management system that manages numerous security components across multiple devices is extremely crucial to the company.... Information security is an important aspect of modern human activities and processes due to the increased use of technology and networks, which pose threats to private and confidential data or information....
7 Pages (1750 words) Case Study

System Implementation for the Allianz Bank

This report "System Implementation for the Allianz Bank" presents a detailed analysis of the new open-source technology-based system implementation analysis for the Allianz bank.... The aim of this report is to assess and analyze some of the main aspects and scenarios regarding this system implementation....
6 Pages (1500 words) Report

Milestone Challenge Solution

One of the first of such setbacks has to do with the issue of internet and software security.... This case study "Milestone Challenge Solution" presents the company which is empowered to go for the emerging technology that is based on the principle of individuality and independence of operation whiles ensuring a centralized monitoring system.... There shall therefore be a solution to the need of the company whereby individual information technology systems shall be created to cater to the individual needs of employees but at the same time there will be a centralized processing mechanism to regularise the collective functions of employees....
8 Pages (2000 words) Case Study

Integrated Project on Tourism

"Integrated Project on Tourism" paper argues that in order to save the four new acquisitions from undergoing such a situation, it is very fair that due diligence is practiced in critical areas or aspects of the supply chain process including inventories, purchasing resources, and warehousing.... ...
22 Pages (5500 words) Assignment

Top-Down Network Applications Design

Moreover, the identification and mitigation of all the security issues that were found existent within the network model of Fiction Corporation is also an important factor for consideration within the project.... The appropriate accomplishment of the determined goals in keeping with organizational requirements will necessitate the installation and functional integration of 2 large UPS, 4 RS/6000 AIX application servers, 10 virtualized servers, and 20 pc servers....
12 Pages (3000 words) Coursework

Cryptographic Protocols

Cryptographic protocols are methods use to ensure the security of communication systems such as wireless networks and multimedia networks.... ain BodyKey Criteria in choosing encryption in a networkAs stated above encryption plays a very important in securing personal property and therefore when making a choice of security there are actors to consider ensuring the right encryption is in place for the right system.... Some of the factors to consider in choosing encryption include 1) Form of network-public or private 2) Type of communication network – multimedia/wireless network 3) other security measures in place....
9 Pages (2250 words) Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us