Due to the current security issues concerning cyber security, it is important for the company to lay day security measures that would assist the company to avoid risk that comes with cyber security attacks. There are advantages that comes with employing modern security measures for instance, the company would enhance a general security posture, increase the efficiency of operation and enhance accountability among the staff and the employees among other advantages. Handling of data such as for accounting in the organization may be vulnerable to cyber-attacks, leaking of organization information or even data loss. The JL Company should adopt to the modern technology in their business operation, it staff should possess adequate knowledge and skills in handling the modern technology because in case of any risk it would be a fatal to the organization. It is important for the company to lay down a strategic security measures that would help in minimizing risk that are associated with adopting to the new technology (Buczak & Guven, 2016).
Since the company have started to engage in online activities, the strategic security measures would play a crucial role in safeguarding the company resources, increasing the number of staff as suggested by the company would be helpful. This report would major on solution that that would address the current security concerns of the company. My research on current cyber security attacks enable to come up with measures that would help in addressing the current situation (Yunfei, Yuanbao, Xuan & Qi, 2015).
Malicious attacks, such as hacking and viruses
Because the computers have the JL company does not have antivirus, the company have recently been attacked by a ransomware, a ransomware is a malevolent software which is created to block accessibility of computer till a specified amount of money is paid.
The data loss in the JL Company courses the computer to misbehave, this is because of the errors in the systems in which the data is destroyed by neglect or failures in storage processing or data transmission. Data loss is also closely related to data beach, this is where the data are accessed by unauthorised persons. The JL Company can prevent data loss by doing the following
The data of the JL Company does not have access limit, the employees can access emails freely. The company should address this issue immediately because it would bring big security beaches. The consumers of the company would feel worried if this is going to happen. Data beaches will bring a lot of problems to the JL Company, the criminal attacks would affect company negatively and it will costs the company millions of many and it is going to tarnish the reputation of the company (Peltier,2016).
Recommendations to the JL Company to solve the security beach
There are several ways in which the JL Company may solve this issue of the security beach which would help the company to safeguard their data.
In the current situation of the company, every employee can access all the data in the office computer. The employees should stop this immediately otherwise the company would learn the add way, after all, it is of no reason for the mailroom workers to access the financial information of the customers. Limiting access would help in avoiding this scenarios and also would limit the employees from clicking on links that may harm the data of the organizations (Perlman, Kaufman & Speciner, 2016).
Analysing the current situations of the JL Company, the employees are causing the computers of the company to be more susceptible to attacks, accessing emails daily will have the potentiality to downloading of viruses. I recommend the company to create posters that would help to warn employees against cybercrimes and provide ways of avoiding those (Da & Martins, 2015).
I recommend the JL Company to keep the operating and all the application software updated. Installation of patches when it is available will be a good practice. The network of the JL Company is vulnerable because the programs are not updated and are not patched up. This is an easy way to make the network to be strong and eliminate attacks before it happens (Ghai, Sharma & Jain. 2015).
The current passwords used by the JL company admin is very easy to predict. Employees should be encourage to change passwords regularly in order to avoid cyber beaches. The employees should learn to use combination of special characters, uppercase, lowercase, letters and numbers while setting passwords. The password should be made difficult to make it impossible for the thieves to break it and still the data (Flowerday & Tuyikeze, 2016).
The internet access in the company is through ADSL utilizing D-Link wireless router. This type of network have certain vulnerabilities. The company can resolve in the following ways:
The wireless network contain some vulnerabilities such as man-in-the-middle attacks, this happens in a this scenario: the attack set up a wireless network that have the same SSID with the network they are going to copy, when someone tries to connect to the network a ‘’ bogus RADIOUS server’’ capture the logins credentials. The attacker would then connect to the real network using the captured logins (Soomro, Shah & Ahmed, 2016).
Most of the useful mechanism to use is deploying enterprise mode of wireless securities because it would assist to authenticate every user independently. So in an event of computer being stolen or as staff leaves the organization, the user logins would be revoked (Biscop, 2016)
Use wired network instead of wireless network- is more secure against threats
The JL Company use an incorporated computing devices, digital and mechanical machines that has unique identifiers. This IOT are vulnerable to bring security issues to the company (Wang, Jajodia, Singhal, Cheng & Noel, 2014).
Ways in which the JL Company may apply to prevent IOT threats
For the JL Company to set up a security measure, it would have to use substantial capital to establish a security measure that would help the company to reduce the risk that are exposed to. The infrastructure required would be the servers and servers. The latest security software should also be bought and installed to the computers systems of the organization. These infrastructure may be costly to the JL Company because it would also require experts to that would assist the company in the installation, configuration and maintenance of the system. The following table summarises the cost per unit and the total cost that would be required in US dollars (Siponen, Mahmood & Pahnila, 2014).
|
Ways to address security issues |
Unit cost ($) |
Total cost ($) |
|
Windows server update |
20 |
100 |
|
External hard drive for backups |
10 |
20 |
|
Antiviruses |
20 |
30 |
|
Employee training |
50 |
100 |
|
Human resources |
100 |
200 |
|
Data loss prevention softwares |
20 |
80 |
|
Posters |
5 |
20 |
|
Other expenses |
30 |
80 |
|
Total |
630 |
The total approximate cost the company is expected to incur to address all the cyber security issues is $ 550.
Windows server 2000 vs windows server 2012
|
Windows server 2000 |
Windows server 2012 |
|
The GUI cannot be turn on or off
|
Has freedom of the interface |
|
Limited server capabilities |
Multiple server capabilities |
|
Low dynamic access control |
Have higher dynamic access control |
|
Operates with low speed |
Has high speed of operation |
Vipre was rang as the best antivirus in the year 2016 as compared to other antivirus. Kaspersky was rang number. Both of this antiviruses would be useful in providing the JL Company in providing advance security to the resources of the company. The following table shows the comparison (Almorsy, Grundy & Müller, 2016).
(Armbrust et al. 2010).
Conclusions
The JL company management has face many security issues in controlling their network resources that have resulted to data loss, intrusion, ransomware attacks and other hazards that occur due to negligence and lack of knowledge.it is necessary for the company to design a security measure that would help to protect the network infrastructure. It would essential for the company to systematically design a security measure that would assist the organization to run smoothly and free of risk (Anderson &Pettersson, 2015).
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., … & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50-58.
Andersson, S. M., & Pettersson, M. G. (2015). U.S. Patent No. 9,191,822. Washington, DC: U.S. Patent and Trademark Office.
Biscop, S. (2016). The European security strategy: a global agenda for positive power. Routledge.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-1176.
Da Veiga, A., & Martins, N. (2015). Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, 162-176.
Flowerday, S. V., & Tuyikeze, T. (2016). Information security policy development and implementation: The what, how and who. computers & security, 61, 169-183.
Ghai, V., Sharma, S., & Jain, A. (2015). U.S. Patent No. 9,111,088. Washington, DC: U.S. Patent and Trademark Office.
Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and compliance. Auerbach Publications.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & management, 51(2), 217-224.
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215-225.
Wang, L., Jajodia, S., Singhal, A., Cheng, P., & Noel, S. (2014). k-zero day safety: A network security metric for measuring the risk of unknown vulnerabilities. IEEE Transactions on Dependable and Secure Computing, 11(1), 30-44.
Yunfei, L., Yuanbao, C., Xuan, W., Xuan, L., & Qi, Z. (2015, August). A Framework of Cyber-Security Protection for Warship Systems. In Intelligent Systems Design and Engineering Applications (ISDEA), 2015 Sixth International Conference on (pp. 17-20). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download