Question:
Prepare a report on data storage, data transfer, user authentication and network monitoring?
This report analyzes the existing network of ‘Your Events’ from an information security viewpoint. It covers security planning for data storage and transmission over the Intranet and Internet, and the use of different kinds of authentication methods for different categories of users.
Currently, the company manages an Intranet, a central data center and related IT infrastructure for its business. It has geographically separated offices in four large cities, and the headquarters is in London. The company's data center is at the headquarters. There are file, print and mail servers. The sales staff sell tickets via telephone, and the company also has a website from which customers can purchase tickets. Thus there will be transactions involving customers’ personal information, credit card information etc. Moreover, the company stores all this information on its web server. This data is backed up from the web server to the file server. File server data is accessed for accounting activities.
The company collects, stores and processes a huge amount of personal data and credit card information from its customers. It is the sole responsibility of the company to ensure the privacy of that data while it is stored and processed by the company. There are also data protection issues. This data must be protected from all kinds of misuse, unauthorized access, damage, modification etc.
The security planning for ensuring secure storage and transfer of data is given as,
There are different kinds of users who interact with the IT infrastructure, information systems and website of the company. There are visitors and customers who visit the company website and purchase tickets online. There are sales staff who access the system, check the status of tickets and book tickets on behalf of customers who purchase tickets via telephone. There are accounting staff who access transactional information and the file server to carry out different accounting operations.
However, the current setup lacks proper access control. For example, the data from the web server is stored on the file server as a backup, and accounting staff access that data from there. The backed-up data includes customers’ personal data and information such as credit card details. This data is not needed for accounting. Accounting needs access to transactional, sales, procurement, payroll and related data. In fact, the credit card data is not required by the business or by any other staff.
So, there should be different levels of access control and proper user authentication before granting requests to access sensitive business data, customer data and customers’ credit card data.
The access control and authentication techniques should be,
All of these authentication measures will protect sensitive business data from unauthorized access. They will also ensure availability of data to legitimate users. (Apelbaum, 2007)
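The backup problem described above (card data copied to the file server and readable by accounting staff) can be handled with a default-deny, per-role field policy and a scrub step before the backup is written. The following is an added example, not part of the original report; the role names, field names and the sample order record are assumptions made for illustration.

```python
# Added example (not from the report): default-deny, field-level access per role.
# Role names, field names and SAMPLE_ORDER are assumptions made for illustration.

# Fields each staff role may read; anything not listed is denied by default.
ROLE_FIELDS = {
    "sales": {"order_id", "event", "seats", "status", "customer_name", "phone"},
    "accounting": {"order_id", "event", "amount", "currency", "paid_at", "status"},
}
# Cardholder data: no staff role may read it and it must not reach the backup.
CARD_FIELDS = {"card_number", "card_expiry", "card_cvv"}


class AccessDenied(Exception):
    """Raised for unknown roles or a policy that exposes card data."""


def view_for_role(record, role):
    """Return (visible, withheld): the fields the role may read and the rest."""
    allowed = ROLE_FIELDS.get(role)
    if allowed is None:
        raise AccessDenied(f"unknown role: {role!r}")
    if allowed & CARD_FIELDS:  # catch a misconfigured policy before serving data
        raise AccessDenied(f"policy for {role!r} exposes card data")
    visible = {k: v for k, v in record.items() if k in allowed}
    withheld = sorted(k for k in record if k not in allowed)
    return visible, withheld


def scrub_for_backup(record):
    """Copy a web-server record for the file-server backup without card data."""
    return {k: v for k, v in record.items() if k not in CARD_FIELDS}


# Constructed sample record; the card number is a widely used test value.
SAMPLE_ORDER = {
    "order_id": "A-1001", "event": "Concert", "seats": 2, "status": "paid",
    "amount": "90.00", "currency": "GBP", "paid_at": "2024-05-01T10:15:00Z",
    "customer_name": "Jane Doe", "phone": "+44 20 0000 0000",
    "card_number": "4111 1111 1111 1111", "card_expiry": "12/30", "card_cvv": "123",
}

if __name__ == "__main__":
    backup = scrub_for_backup(SAMPLE_ORDER)
    visible, withheld = view_for_role(backup, "accounting")
    print("accounting sees:", visible)
    print("withheld from accounting:", withheld)
```

The withheld list can be written to an access log so that repeated requests for fields outside a role's policy are visible to whoever monitors the system.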
For transmitting data between offices, a secure private VPN channel should be created. It will build a private network for the company over the public Internet. The systems across the business sites will be able to connect to the VPN and can transfer data securely and privately across the VPN channel. There are several benefits of using a VPN in terms of security, functionality and management of the network. There will be virtual point-to-point connections between the systems. There will also be a virtual tunneling protocol for a more secure infrastructure. The tunneling process will also help to encrypt the traffic or data transmission across the VPN. The implementation can use technologies like IPSec or OpenVPN. (Snader, 2006)
To secure data transmission from customers or users of the website over the Internet, the company needs to implement security controls such as SSL (Secure Socket Layer), HTTPS, digital certificates, secure payment gateways etc. All transactions at the website will be done through SSL or HTTPS. This will help to transfer information such as credit card details securely over the Internet. (Stallings, 2006) Two cryptographic keys are used in SSL. The public key is used by every customer to encrypt their data, while the company uses a secret private key to decrypt the encrypted text. SSL creates a secure connection between client and server.
On the other hand, HTTPS sends each message from the user to the receiver securely. Thus SSL and HTTPS are complementary to one another. (Ciampa, 2011)
The company can use digital signatures when sending any message to customers or staff. This ensures that the message comes from the company and not from any other person, which helps to prove the identity of the company to its customers. For example, after sharing credit card details, the customer needs to be sure whether the details have reached the company or not. The acknowledgment message and digital certificate from the company help to ensure that. Even in worse cases, if the credit card information has been stolen in transit and used by an attacker, the company can prove that, because the attacker can pose as the company but won’t have the digital certificate. (Speciner, et al., 2002)
There are other kinds of security mechanisms for data transmission over the network, for example PKI (Public Key Infrastructure). This also helps in securing data transmission over the Internet. It also uses a pair of encryption keys and digital certificates. But PKI is basically used for email encryption. As the company does not use email-based communication with its customers, this technique is not very applicable for them. (Ciampa, 2011)
Vulnerabilities can exist in any information system or information technology infrastructure. Identifying and safeguarding against vulnerabilities is part of securing the network, and it needs a constant monitoring process. There are various benefits from these vulnerability monitoring and scanning processes. Some of the benefits are,
There are also different types of vulnerability scans. Vulnerabilities can come from the network of the customer or from the Internet. There can be external and internal scans, which refer to scanning of the private ports and the LAN of the customer respectively.
On the other hand, there is range scanning for all external ports of a system. It checks all well-known ports, unused IP addresses etc. and finds whether there is any exploitation of the vulnerabilities. (Manzuik, et al., 2006)
The processes and techniques discussed in this report will help the company to make its current infrastructure secure for the present and the future. Preparing the report helped in learning about the networks and IT infrastructures used by organizations and the different kinds of threats they face. It also helped in understanding the different countermeasures for security risks and how those risks can be mitigated.
References
Apelbaum, Y., 2007. User Authentication Principles, Theory and Practice. s.l.:Fuji Technology Press.
Arregoces, M. & Portolani, M., 2003. Data Center Fundamentals. s.l.:Cisco Press.
Ciampa, M., 2011. Security+ Guide to Network Security Fundamentals. s.l.:Cengage Learning.
Harrington, J. L., 2005. Network Security: A Practical Approach. s.l.:Elsevier.
Manzuik, S., Pfeil, K. & Gold, A., 2006. Network Security Assessment: From Vulnerability to Patch. s.l.:Syngress.
Snader, 2006. VPNs Illustrated: Tunnels, VPNs, And IPSec. s.l.:Pearson.
Speciner, M., Perlman, R. & Kaufman, C., 2002. Network Security. 2nd ed. s.l.:Pearson.
Stallings, W., 2006. Cryptography And Network Security. 4th ed. s.l.:Pearson.
Stewart, J. M., 2013. Network Security, Firewalls and VPNs. 2nd ed. s.l.:Jones & Bartlett Publishers.
Tipton, H. F. & Krause, M., 2007. Information Security Management Handbook. 6th ed. s.l.:CRC Press.