Research Paper

Part Three: Research Paper
Topic: Security threats and the connected organisation - what dangers, what solutions?
Introduction

Most organisations today do not treat enterprise security as a business priority, even though they face security problems. They often keep conventional, obsolete infrastructure that is no longer suitable for protecting against ever-evolving security attacks.

What is the danger?

Several types of security threat are dangerous for organisations: disruption, destruction, disaster and unauthorised access. Intruders steal confidential information such as credit card numbers, passwords, financial records, client information, and private company data. Some disruptions may also be caused by, or result in, the destruction of data. Natural disasters may occur that destroy host computers or large sections of the network. Unauthorized access is often viewed as hackers gaining access to organizational data files and resources; however, most unauthorized access incidents involve employees. As a matter of fact, today's threats are diversifying their abilities, causing system or data destruction. The following illustrates some new-generation security breaches and their potential to cause different types of damage. Viruses and worms modify registries, clog networks and interrupt various computer systems. Most organisations will regularly encounter virus outbreaks, and no one who uses computers is immune to viruses. Hackers exploit flaws in programming scripts and other web server weaknesses to deface and hijack websites. In the case of a more serious and co-ordinated attack, cyberterrorism is used to immobilise an institution or a country by launching simultaneous attacks on multiple targets.

The above are just some examples of physical damage. These threats often target important components in an organisation such as databases, networks, servers and other mission-critical data or systems. Failure to protect these components will certainly bring more significant losses to an organisation. Assuming you have effective physical security, the next threat to system integrity is unauthorized access to the network itself. This threat comes from two directions: those seeking access without knowing the network (from outside), and those seeking access from within the network (from inside).

What is the solution?

Because of the danger these security threats pose to connected organisations, there are several solutions for preventing them. Developing a secure network means developing controls. Controls are mechanisms that reduce or eliminate the threats to network security. There are three types of controls: preventative controls mitigate or stop a person from acting or an event from occurring, detective controls reveal or discover unwanted events, and corrective controls rectify an unwanted event or a trespass.

Risk assessment assigns levels of risk to various threats to the network security by comparing the nature of the threats to the controls designed to reduce them. It is done by developing a control spreadsheet and then rating the importance of each risk.

Redundancy is the key principle in preventing disruption, destruction, and disaster. Redundant hardware that automatically recognizes failure and intervenes to replace the failed component can mask a failure that would otherwise result in a service disruption. The most common example of redundancy is an uninterruptible power supply (UPS). A UPS allows a network to continue to operate for a short period of time in the event of a power failure. The network computers can then be switched to a back-up generator or shut down gracefully, instead of crashing.

In some cases, the disruption is intentional. One often overlooked security risk is theft. Computers and network devices are commonplace items that are relatively expensive. There is a good second-hand market for such equipment, making it valuable to steal. Any security plan should include an evaluation of ways to prevent someone from stealing equipment. Special attention must also be paid to preventing computer viruses. Some viruses are harmless, while others have serious effects such as the destruction of data. The best prevention is always to check all diskettes and files for viruses before using them. It is important to frequently update the virus information files that are provided by the anti-virus software.

Other than that, the most important elements of the disaster recovery plan are backup and recovery controls that enable the organization to recover its data and restart its application software should some portion of the network fail. The simplest approach is to routinely make backup copies of all organizational data and software and to store these backup copies offsite at a different location.

Organisations should control unauthorized access. Unauthorized access is one type of security problem, and the one that tends to receive the most attention. No one wants an intruder breaking into their network. There are four types of intruders who attempt to gain unauthorized access to computer networks. The first are casual hackers who have only a limited knowledge of computer security. The second type are experts in security whose motivation for hacking into unauthorised places is the thrill of it all. The third type of intruder is the most dangerous: professional hackers who break into corporate or government computers for specific purposes, such as espionage, fraud, or intentional destruction. The fourth type of intruder is also very dangerous: people who have legitimate access to the network but who gain access to information they are not authorized to use. Most security break-ins are caused by this type of intruder. Network security is so important because it keeps hackers away from personal information.

Preventing unauthorized access means routinely testing security systems before an intruder does. Many steps can be taken to prevent unauthorized access to organizational data and networks, but no network is completely safe. There are eight general security areas related to preventing unauthorized access: a security policy, user profiles, physical security, dial-in security, firewalls, network address translation, security holes, and encryption. One important element is physical security: preventing outside intruders from gaining access to the organization's offices or network equipment facilities. Any organization that permits staff members to access its network via dial-in modems opens itself to a broader range of intruders. Another strategy is to use call-back modems and automatic number identification (ANI) so that only users dialing in from authorized locations are granted access. One-time passwords provide a strategy for traveling employees who can't use call-back modems and automatic number identification. A firewall is a set of related programs, located at the network's gateway server, that protects the resources of a private network from users on other networks. No access is permitted except through the firewall. Some firewalls have the ability to detect and prevent denial-of-service attacks, as well as unauthorized access attempts. Besides that, one of the best ways to prevent unauthorized access is encryption. An encryption system has two parts: an algorithm and the key. With the algorithm and the key, the information in readable form (called plaintext) is changed to the encrypted form (called ciphertext).

Since unauthorized access cannot always be prevented, some organizations may want to try to detect when it has occurred. This is done using one of three types of Intrusion Detection System (IDS). Intrusion detection is a type of security management system for computers and networks. There are two fundamental techniques that these three types of IDS can use to determine that an intrusion is in progress; most IDS use both techniques. The first technique is misuse detection, which compares monitored activities with signatures of known attacks. The second fundamental technique is anomaly detection, which works well in stable networks by comparing monitored activities with the "normal" set of activities. An intrusion detection system gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization). Intrusion detection functions include monitoring and analyzing both user and system activities, analyzing system configurations and vulnerabilities, assessing system and file integrity, recognizing patterns typical of attacks, analyzing abnormal activity patterns, and tracking user policy violations.
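The two techniques described above, as an added example that is not part of the original paper: misuse detection matches requests against signatures of known attacks, while anomaly detection compares each event with a learned profile of normal activity. The signatures, user names, request paths and log records are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed signatures of known attacks (misuse detection).
SIGNATURES = {"path-traversal": re.compile(r"\.\./"),
              "sql-injection": re.compile(r"union\s+select", re.I)}

def resource_of(request):
    """Top-level path segment: '/orders/17' -> 'orders'."""
    return request.split("?")[0].strip("/").split("/")[0]

def misuse_detect(events):
    """Flag events whose request matches the signature of a known attack."""
    return [(e["id"], name) for e in events
            for name, rx in SIGNATURES.items() if rx.search(e["request"])]

def learn_baseline(history):
    """Record, per user, the resources and hours seen during normal activity."""
    profile = defaultdict(lambda: {"resources": set(), "hours": set()})
    for e in history:
        profile[e["user"]]["resources"].add(resource_of(e["request"]))
        profile[e["user"]]["hours"].add(e["hour"])
    return dict(profile)

def anomaly_detect(events, profile):
    """Flag events that fall outside the user's learned 'normal' activities."""
    alerts = []
    for e in events:
        known = profile.get(e["user"])
        if known is None:
            alerts.append((e["id"], "unknown-user"))
            continue
        if resource_of(e["request"]) not in known["resources"]:
            alerts.append((e["id"], "unusual-resource"))
        if e["hour"] not in known["hours"]:
            alerts.append((e["id"], "unusual-hour"))
    return alerts

# Constructed sample data: a baseline period, then the monitored activity.
HISTORY = [{"id": 0, "user": "sales1", "hour": h, "request": r}
           for h in (9, 10, 14, 16) for r in ("/orders/17", "/stock?item=vase")]
MONITORED = [
    {"id": 1, "user": "sales1", "hour": 10, "request": "/orders/18"},
    {"id": 2, "user": "web", "hour": 3, "request": "/stock?item=1 UNION SELECT x FROM y"},
    {"id": 3, "user": "sales1", "hour": 2, "request": "/payroll/all"},  # insider
    {"id": 4, "user": "sales1", "hour": 9, "request": "/stock/../../etc/passwd"},
]
if __name__ == "__main__":
    print(misuse_detect(MONITORED), anomaly_detect(MONITORED, learn_baseline(HISTORY)))
```

Event 3 (a legitimate user reading an unfamiliar resource at an unusual hour) matches no signature and is caught only by the baseline, while event 4 looks normal to the baseline and is caught only by its signature, which is why most IDS use both techniques.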

Example of case study for security threats and the connected organisation: Dartington Crystal Ltd

Dartington Crystal Ltd is the UK's largest producer of handmade crystal and glass tableware. The company has a workforce of 250, which produces and sells crystal and glassware to many of the UK's leading retailers. The company has a large, mobile sales force servicing retailers throughout the United Kingdom. The sales team accesses email and business applications from their own laptops. The company therefore needs a robust security solution that enables access to online applications whilst guarding commercially sensitive information.

The remote sales team has to view up-to-date customer records, sales orders and stock information. The sales team must be able to access information quickly over the network so that they can get first-hand information and pass it to headquarters immediately. The system must be able to respond quickly and also prevent data loss during transmission. The virtual private network was unable to fulfil the company's requirements, so the company needed a robust security solution to protect its sensitive information from being stolen by intruders.

Many companies today focus only on antivirus software and tend to forget other aspects of security, whereas ISC is the only company which offers major consultancy, security and also risk mitigation within the company. Dartington Crystal chose ISC because it is the only company which offers the full range of consultancy, software and hardware that forms the basis for building a security solution.

Businesses always face risks, whether from economic conditions or cyber crime. Many business disasters are made possible by a lack of data security. On top of that, the proliferation of electronic access points into the organisation has also increased the risk of damage.

ISC initially conducted a full survey of Dartington's computer network, emulating the kinds of activity a hacker might undertake. Additionally, ISC consulted Dartington on the legal implications of security breaches and the ramifications of issues like customer data privacy being infringed.

In addition, ISC developed a technology solution which allowed Dartington to scan emails and other applications for viruses and then quarantine them. The technology chosen is based around the world's leading MIMEsweeper content security software from Clearswift.

Another important issue which ISC resolved was assessing Dartington's business risks, which included legal, technical and insurance implications. Once these issues were identified, ISC and Dartington devised a comprehensive solution, which was agreed and implemented.

New techniques are constantly found to circumvent security that had previously been classed as very secure; therefore companies must also put regular checks in place. These new changes in technology might cause some problems and expose new security threats. Therefore initial testing of the system and product must be carried out during the first few stages of the implementation.

After receiving the solution from ISC, the workforce is now able to access the company's secure network from remote locations, and sensitive information is also protected. The standard of sales presentations improved, which enabled the company to convince retailers to stock Dartington products.

The processing of sales orders increased, which is one of the factors leading to higher customer satisfaction. The company has the ability to expand its business in the future and is confident that the digital sales channel will bring great benefit to the company.
