This report discusses the security of information systems and the risk management methods used to secure an organisation. The organisation selected for this report is CISRA. The threats against the organisation's information systems are described, along with the working mechanism of ransomware and three tools that can be used to tackle a ransomware attack. The threats against the routers and switches of the network are discussed, and how these routers and switches can be vulnerable to destruction and abuse is stated. How the organisation can ensure the reliability and availability of its web service is discussed in detail, as are the methods of ensuring the confidentiality and integrity of staff email. The prioritisation of the threats and the security and malware issues related to the webmail and web server are discussed briefly. An appropriate solution is proposed for improving the availability of the email servers. The impact of human factors and organisational issues on IS-based security and risk management is described. The use of log records, including security and access events, in monitoring and analysing web server and email server problems is stated, as is the use of audit log reports for performing auditing analysis. Five new network devices are proposed to mitigate the security risks. Lastly, the report ends with a conclusion.
IS security is the most crucial aspect of an organisation for ensuring that the organisation functions properly. There are several threats against the information system that can cripple an organisation and affect its working at the fundamental level. Organisations use several mitigation techniques to ensure the safety and security of their networks.
Working principle of ransomware
Ransomware is a type of malware that is used to block and restrict access to the files in a system, after which a ransom is demanded for those files to be released. The attacker sends a suspicious email or places a file on the internet, and when a user downloads the file or visits the website, the malware is downloaded onto the user's system and blocks the user's access to the files on it. Infected computers display messages that notify the user to pay the ransom to unblock the files, and even after paying the ransom there is no guarantee that the user will be able to retrieve all the files (Cabaj & Mazurczyk, 2016).
The tools that can be used for protecting the system against the ransomware attacks are as follows:
Avast anti-ransomware tools: Avast provides an anti-ransomware tool that can be used to tackle the threat of ransomware. This tool provides a decryption and installation wizard. The software asks for two copies of all the files in the system, one encrypted and the other open (unencrypted). The two copies are compared to determine the password.
BitDefender Anti-ransomware: This tool is mainly used for protecting systems from ransomware such as Locky, CTB-Locker, Petya, and TeslaCrypt. Once this software is loaded, the program detects an infection in the system and stops the complete execution of the program to prevent all the files from being encrypted. This program offers the option of retrieving the files if they are taken hostage.
Kaspersky anti-ransomware tool: The Kaspersky tool has been designed for medium or small businesses to protect their systems from ransomware. This tool works constantly in the background and protects the files in the system by monitoring system activity.
Threats against the routers and switches of a network
Some of the common threats to the network devices of the organisation are as follows:
DoS/DDoS attacks: These attacks are commonly used to cripple the network of an organisation or take control of it. Network devices are specifically targeted in order to hijack and take control of the complete network of the organisation. A huge amount of traffic is sent to the devices of the network, which hampers their proper working, and the devices are destroyed. With the help of DDoS attacks, the attackers take control of the systems of the organisation (Mousavi & St-Hilaire, 2015).
Malware threats: The use of malware by any unauthorised user or hacker can damage the network of the system and destroy the network devices. The most common types of malware used to attack the network of an organisation are Trojans, worms, viruses and spam. Any unauthorised user can misuse the network devices with the help of malware (Antikainen, Aura & Särelä, 2014).
Rootkits: This collection of tools is specifically designed for gaining access to a network at the administrator level. Rootkits are commonly placed in a network via any security hole that is identified in the network. These holes are generally located in the legitimate applications of a business network.
Reliability and availability of the web service of an organisation
Reliability is the facility of the web service stack for exchanging SOAP (Simple Object Access Protocol) messages without any redundancies, with guaranteed delivery and message ordering. The headers of a SOAP message contain the information that permits the messages to be delivered properly and in a reliable order (Madsen et al., 2013).
Some methods to provide reliable web service to the staff of the organisation are:
Availability of the web service is an essential feature of the performance of an organisation. The organisation can face serious problems if the web service is unavailable (Ahmed & Wu, 2013). Effective strategies for increasing the availability of the web service are:
Ensuring the confidentiality and integrity of the staff email
Some methods to ensure the confidentiality and integrity of the staff email of CISRA are as follows:
Malware threats and security issues related to webmail and the web server
Threats to web mail are as follows:
Some of the threats to the web server are as follows:
Approaches to improve the availability of email servers
Figure 1: “Use of firewall to secure the email and web server”
Source: (Sood & Enbody, 2013)
One approach to improving the availability of the email servers is to implement a firewall for the servers of the system. The servers should be divided into segments so that, if a fault occurs in some servers, the other servers will not be affected and the work of the organisation will not be harmed. A firewall is important for the servers because it helps protect them from unauthorised access. Employees with proper access can use the email facility, and the monitoring of email communication can be carried out easily.
Figure 2: “Use of cloud computing to secure the email server”
Source: (Jang-Jaccard & Nepal, 2014)
Another approach to improving the availability of the email servers is to use cloud computing. All the communication records can be preserved in cloud storage, and properly authorised users can easily access the emails. Cloud anti-spam will help the organisation prevent spamming attacks from the incoming spam in staff emails. This facility is essential for CISRA, as email is the major form of communication among the employees and the threat of spamming has affected the email servers. Cloud antivirus protects the data and the emails that are stored in the organisation's cloud storage and prevents access by unauthorised users. The threat of virus attacks on the email servers can be mitigated with the help of this method. The staff of the organisation will have better availability of email services.
Impact of human factors and organisational issues
The impacts of human factors and organisational issues on IS-related security are as follows:
Errors: This is the human factor that affects IS-related security in an organisation. The main security issue caused by a human in an organisation can be error. An error is defined as a divergence in an efficiently working system. Human errors can be careless or deliberate. The sources of human error are considered to be the forces of security culture and communication (Von Solms & Van Niekerk, 2013). The information system of an organisation can be affected severely even though it is built on an enormously strong technical backbone. The security policies of the CISRA organisation are designed to restrain behaviour in order to eliminate errors.
Awareness of information security: This factor belongs to the organisational factors of IS-related security. An awareness programme is required to make the employees of the organisation understand their responsibilities and duties towards the security of the information system. There is a probability that the security policies of the organisation will be misinterpreted and misunderstood by the employees, and it is therefore very important to conduct awareness programmes. Organisations are extremely hesitant towards their employees to follow the rules and regulations of the information system such as security policies (Metalidou et al., 2014).
Risk management recommendations are:
Risk management in a specific tool must be carried out in four steps:
Qualitative assessment: the information tool of risk management must record the assessment of any risk in all possible ways that help in the monitoring and documentation of risk priorities. The documentation of risk management must be carried out in a way that keeps a record of these phases of processing.
Prioritisation
Risk measurement
Monitoring risk treatment actions: the responsible members of the organisation must constantly report on the implementation actions within the tools.
Use of log records for analysis of web server and email server
Figure 3: “Log records”
Source: (Gul, Wu & Yang, 2013)
Log records are the sets of records that an organisation maintains to administer important events. The types of logs that are monitored are application logs, event logs, service logs, and system logs. The management of log records is an integral part of the responsibilities of any server administrator. With proper monitoring of the log files, the organisation can gain detailed insight into the performance and security of the servers, the underlying issues in the web server and the email server, and error messages (Jans, Alles & Vasarhelyi, 2013).
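The following added example (not part of the original report) shows what such monitoring can look like for a web server and an email server together. It assumes a web access log in common log format and Postfix-style SASL failure lines. The sample lines, the record fields and the failure threshold are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample data (documentation address ranges, not real logs).
WEB_LOG = """\
203.0.113.7 - - [12/Mar/2018:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 5120
198.51.100.23 - - [12/Mar/2018:10:02:11 +0000] "POST /webmail/login HTTP/1.1" 401 312
198.51.100.23 - - [12/Mar/2018:10:02:12 +0000] "POST /webmail/login HTTP/1.1" 401 312
192.0.2.44 - bob [12/Mar/2018:10:02:40 +0000] "GET /reports/q1 HTTP/1.1" 500 0
192.0.2.44 - bob [12/Mar/2018:10:02:45 +0000] "GET /reports/q1 HTTP/1.1" 500 0
this line is truncated or corrupt
203.0.113.7 - - [12/Mar/2018:10:03:30 +0000] "POST /webmail/login HTTP/1.1" 401 312
"""
MAIL_LOG = """\
Mar 12 10:02:15 mail postfix/smtpd[2211]: warning: unknown[198.51.100.23]: SASL LOGIN authentication failed: authentication failure
Mar 12 10:02:19 mail postfix/smtpd[2211]: warning: unknown[198.51.100.23]: SASL LOGIN authentication failed: authentication failure
Mar 12 10:03:00 mail postfix/smtpd[2214]: connect from unknown[203.0.113.7]
"""

WEB_RE = re.compile(
    r'(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<req>\S+ \S+) [^"]*" (?P<status>\d{3}) \S+')
MAIL_RE = re.compile(
    r'(?P<time>\w{3} +\d+ [\d:]+) \S+ postfix/smtpd\[\d+\]: warning: '
    r'\S*\[(?P<src>[^\]]+)\]: SASL \S+ authentication failed')

def parse(web_text, mail_text):
    """Normalise both logs into audit records: time, system, source, event, detail."""
    records = []
    for line in web_text.splitlines():
        m = WEB_RE.match(line)
        if not m:
            continue  # corrupt lines are skipped, never guessed at
        status = int(m["status"])
        event = ("server_error" if status >= 500
                 else "auth_failure" if status in (401, 403) else "ok")
        records.append({"time": m["time"], "system": "web", "source": m["src"],
                        "event": event, "detail": f'{m["req"]} {status}'})
    for line in mail_text.splitlines():
        m = MAIL_RE.match(line)
        if m:  # only SASL failures are kept from the mail log
            records.append({"time": m["time"], "system": "mail", "source": m["src"],
                            "event": "auth_failure", "detail": "SASL login failed"})
    return records

def summarise(records, threshold=3):
    """Count 5xx errors per request; flag sources at or above the (assumed) threshold."""
    errors = Counter(r["detail"] for r in records if r["event"] == "server_error")
    failures = Counter(r["source"] for r in records if r["event"] == "auth_failure")
    suspects = {src: n for src, n in failures.items() if n >= threshold}
    return {"server_errors": dict(errors), "suspect_sources": suspects}

if __name__ == "__main__":
    print(summarise(parse(WEB_LOG, MAIL_LOG)))
```

Correlating the two logs matters here: the flagged source stays under the threshold in each log on its own and is only caught when webmail and mail-server failures are counted together.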
Use of audit log reports for performing auditing analysis
Audit trails are the electronic or manual records of any procedure or event that are maintained to provide supporting history and documentation, which can be used for authenticating operational actions, maintaining security, or eliminating challenges (Scott-Hayward, O’Callaghan & Sezer, 2013). Audit records contain elements defined by the organisation, which commonly include the description of the event, the record of the system, the user and the applications that were launched at the event, and the time and date of the event. Maintaining long-term audit records can be difficult for any organisation, as the log records occupy a large amount of storage space that might not be readily available. The benefits of audit trailing are:
Network devices for mitigating security problems
Some of the network devices that can be used by the CISRA organisation to mitigate the security threats of the email server and the web server are as follows:
Firewalls: A firewall is a device that is implemented in the network of an organisation to monitor outgoing and incoming network traffic and decide whether any specific traffic must be blocked, based on a pre-defined set of security rules.
Content filtering devices: These are the devices used to filter content from the internet. Content filtering is basically the use of devices or programs that are able to screen and exclude access to suspicious web pages and email from the internet (Zhao & Ge, 2013).
Web caching: Web caching is the method of storing responses so that they can be reused to make subsequent requests easier. The use of web caching can be helpful for securing the web server and the email servers. This function is a core design feature of the HTTP protocol that is meant to minimise network traffic and improve the perceived responsiveness of the whole system (Perlman, Kaufman & Speciner, 2016).
Crypto-capable routers: This feature is built into routers to give them the ability to use session encryption between specified routers. The organisation can utilise this ability of the routers to provide better security to the web server and the email server (Zaalouk et al., 2014).
Virtual Private Network gateways: Organisations use VPNs to gain the ability to connect to any remote private network via the internet. VPNs span the internet as the users connect through the internet to a remote VPN server.
It is therefore recommended that CISRA implement better security measures to provide seamless access to the staff and increase their productivity. Firewalls must be implemented in the server of the organisation to prevent the access of any suspicious email or web content. Content filtering devices, crypto-capable routers, VPN gateways and web caching must be used by the organisation to provide better security to its network.
Conclusion
It can therefore be concluded that CISRA uses its information system to provide the staff of the organisation with better access to information. The threat of ransomware can hinder the growth of the organisation. Ransomware attacks are meant to seize all the data from the system of a user and demand a ransom for that data to be released. Some of the threats against the routers and switches of a network are malware threats and DoS/DDoS attacks, which are designed to cripple the network of the organisation and procure all the data that is available on it. One approach to improving the availability of the email servers is to implement a firewall for the servers of the system. Another approach is to use cloud computing.
References
Ahmed, W., & Wu, Y. W. (2013). A survey on reliability in distributed systems. Journal of Computer and System Sciences, 79(8), 1243-1255.
Antikainen, M., Aura, T., & Särelä, M. (2014, October). Spook in your network: Attacking an SDN with a compromised OpenFlow switch. In Nordic Conference on Secure IT Systems (pp. 229-244). Springer, Cham.
Cabaj, K., & Mazurczyk, W. (2016). Using software-defined networking for ransomware mitigation: the case of cryptowall. IEEE Network, 30(6), 14-20.
Farrokhi, F. R., Gunther, M., Williams, B., & Blackmore, C. C. (2013). Application of lean methodology for improved quality and efficiency in operating room instrument availability. Journal for Healthcare Quality.
Frotzscher, A., Wetzker, U., Bauer, M., Rentschler, M., Beyer, M., Elspass, S., & Klessig, H. (2014, June). Requirements and current solutions of wireless communication in industrial automation. In Communications workshops (ICC), 2014 IEEE international conference on (pp. 67-72). IEEE.
Gul, F. A., Wu, D., & Yang, Z. (2013). Do individual auditors affect audit quality? Evidence from archival data. The Accounting Review, 88(6), 1993-2023.
Hampton, N., & Baig, Z. A. (2015). Ransomware: Emergence of the cyber-extortion menace.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), 973-993.
Jans, M., Alles, M., & Vasarhelyi, M. (2013). The case for process mining in auditing: Sources of value added and areas of application. International Journal of Accounting Information Systems, 14(1), 1-20.
Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security. Jones & Bartlett Publishers.
Madsen, H., Burtschy, B., Albeanu, G., & Popentiu-Vladicescu, F. L. (2013, July). Reliability in the utility computing era: Towards reliable fog computing. In Systems, Signals and Image Processing (IWSSIP), 2013 20th International Conference on (pp. 43-46). IEEE.
Metalidou, E., Marinagi, C., Trivellas, P., Eberhagen, N., Skourlas, C., & Giannakopoulos, G. (2014). The human factor of information security: Unintentional damage perspective. Procedia-Social and Behavioral Sciences, 147, 424-428.
Mousavi, S. M., & St-Hilaire, M. (2015, February). Early detection of DDoS attacks against SDN controllers. In Computing, Networking and Communications (ICNC), 2015 International Conference on (pp. 77-81). IEEE.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Scott-Hayward, S., O’Callaghan, G., & Sezer, S. (2013, November). SDN security: A survey. In Future Networks and Services (SDN4FNS), 2013 IEEE SDN For (pp. 1-7). IEEE.
Sood, A. K., & Enbody, R. J. (2013). Targeted cyberattacks: a superset of advanced persistent threats. IEEE Security & Privacy, 11(1), 54-61.
Tuli, P., & Sahu, P. (2013). System monitoring and security using keylogger. International Journal of Computer Science and Mobile Computing, 2(3), 106-111.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97-102.
Zaalouk, A., Khondoker, R., Marx, R., & Bayarou, K. (2014, May). Orchsec: An orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In Network Operations and Management Symposium (NOMS), 2014 IEEE (pp. 1-9). IEEE.
Zhao, K., & Ge, L. (2013, December). A survey on the internet of things security. In Computational Intelligence and Security (CIS), 2013 9th International Conference on (pp. 663-667). IE