Ambersfield College of Medicine (ACM) is an academic health center with mission to provide best medical care to patients and enlightening new expertise. The organisation promotes its vision by redefining many creative and technical methods to provide best care to patients. ACM has covered a vast area over 12 acres which includes around 10 buildings and around 2000 devices in the system.
ACM provides high quality of healthcare service to people and is responsible for providing good clinicians and educate the next generation. It provides finest education to medical students to meet specialty in health care so that they can deliver highest quality service to tender treatments and maintain standards at wide level. American College of Preventive Medicine offers high quality healthy lifestyle.
Ambersfield College has widespread staffs performing different tasks so it’s necessary to provide proper access control to each member in the organization like students should not be allowed to access the important information stored by teachers. Therefore assigning proper access control is required.
Applications running in the large organization depend on the network as all the important data of patients, strategies plan and passwords are maintained on the network. It is important to keep the information safe in the system as organization relies on the data preserved online. Protecting the data assets of an organization and keeping the information confidential, available and integrated is a key factor.
As the ACM network includes students, teachers, researcher and maintainer it is important to provide proper access of control to each individual. It is important to take care of cybercriminals in the huge network by creating focus on security. This can be attained by using proper encryption techniques, using updated antiviruses, avoiding spoofing and sniffing where third party hides their true identity and tries to access the data.
Threat assessment is examining all information regarding attacks and their consecutive result on the network. It helps in knowing the seriousness of a particular threat as well as helps in knowing the probability of threat to occur. Threat assessment involves identifying the criticality of the bug and develops suitable plans to protect network from victims. It is used to ensure safely and control risks by developing plans to overcome from the threats (American Psychological Association,2108).
Asset Identification- It plays an important role for analysing the risk, examining the asset worth and determining the value of that resources helps in deciding the level of security need to establish for each asset. It also helps in tracing the spare parts in the system to prevent excessive purchase of tools that are already available in the system (Eurocon, 2018).
Personnel security diminishes the risk of workers in the network by exploiting the valid access to an organization for unofficial purpose. It is the condition that occurs when satisfactory measures are taken to detect and provide alerts before the crime to happen. Personnel security is very important as it identifies weakness in the network which can cause damage to the system.
From last few years, network attacks and several vulnerable threats have increased which can cause serious damage or significant loss of information to the users. Most common threats are unauthorized access, wherein some third party gains access to information by hacking of data which cause loss to confidentiality. There are some viruses that can hit the hardware or software which affects the organisation efficiency as it deals with health care it can cause risk to patient. Ideally, ill-intentioned person use these viruses to create bombing, hacking and malware of confidential information of users.
Another kind of threat is vulnerability it is a flaw in the system or weakness which gives more chances to attacker for accessing the data, modifying the data intentionally which creates comprising with the integrity, confidentiality and availability of information. Equally, exposure is when an unauthorized user is able to gather information which can be misused leads to business interference and loss of privacy. Viruses are software’s that arrive in the system can cause severe damage. Worms are also viruses which infects computer and make it very slow. Similarly, spyware are programs which collect the important data stored in our system without our knowledge and can be misused.
Other security issues associated are privacy, data loss, unauthorised access, modification, denial of service which mainly arises due to lack of security measures. Using open wireless networks in the gateway of threats. To ensure proper business security and avoid risk it’s important to first identify companies assets.
Active attacks are one in which hacker access the data and modifies it on the network wherein passive attacks are one in which attacker is gaining the information transparently by observing the traffic flow between sender and receiver. Based upon the traffic flow they gain the access to the data.
Data Modification – In this after accessing to the data attacker modifies the data packet without the knowledge of actual user. Altering the important data in between can lead to misunderstanding like if billing information or patients prescription is changed it can lead to wrong decision.
Replay- It is also known as playback attack in which the data packets are fraudly repeated or delayed again and again on the network which creates lack of authnication.
Masquerade- In this attacker pretends to be a valid user and gain the access to data packets by acting like an authorized user. Masquerade is an attack it which one system assumes the identity of another system.
Denial of service- It is a type of attack in which hacker’s stops actual (valid) user from accessing the service by making the network or system unavailable. DOS cause the target system or service to crash which exploit liabilities. It happens when the website server is overloaded with more traffic than it can handle in this case website don’t showcase the content to the users who are trying to access it, this makes server inaccessible to others.
Eavesdropping – Many times communication between networks takes place in clear text format which permits the attacker to read all the important conversation going on. It is one of the biggest security issues as it causes lack of privacy. Attacker causes a breakdown between direct connection among sender and receiver.
Man in the middle attack- It occurs when the third man is silently observing, monitoring and controlling the communication between actual sender and receiver. Man in middle captures the valid users’ identity to read and make changes in the system.
Sniffer Attack- It is a program that is designed to intentionally read or monitor the data exchanged over network and capture the data packets. If in case data is not encrypted sniffer offers entire data stored in the packet.
Spoofing Attack- IP spoofing is most commonly used by aggressors, they tries to gain the computers IP address by using some technical programs or codes. They create a situation where they act as a valid user and gaining the illegitimate benefit.
Password-Based Attacks- Hacking technology has increased with development of new technologies. Hackers use various password cracking techniques and tries to use decrypting methods over network.
Security solutions are designed so that flaws do not occur in the network. Various steps are taken before any damage or delinquent occurs to prevent security violations and stop the incident from occurring at all by blocking certain codes using firewalls and security guards. Solutions are used to discover the unwanted activities and take proper actions so that bugs do not occur. If the bug has already taken place steps are taken to update the system to normal condition by restoring operating system from backups.
Network Security is protection of the system from misuse and invalid access of files in a computer system. Security is highly prioritize due to growing threats so preventing data theft, network exploitation and data modification is essential as the data is important for researchers and also patients privacy. System looks for security before sharing their valuable assets.
To accomplish a high level of security and make sure file integrity is not lost. Analysing systems configurations recognizes patterns of attack, tracking violations are important to keep valuable information safe from attackers. Network security aims to grasp the attacker before they do real damage to network. Detection of an attack is the main part to identify the incorrect behaviour. By using erect algorithm which can sense the attack thoroughly and quickly for safeguarding the information of a company (TechCrunch,2013).
Encryption- It is the process to keep the text safe in chipper text form so that the text can be decrypted only by a valid user and this avoids the chances of leakage of data. An antivirus system can protect the network from viruses but to secure data from interception encryption is required.
Intrusion Prevention System- An intrusion hauls the integrity, confidentiality and availability so it is vital to monitor events which allow access of information to unofficial users. IPS detects weather an attack has occurred on the network so it automatically takes step to prevent from failure. Main aim is to catch the attacker before it cause real damage to network, certain policies are designed to give an alert about an attack to admin thus proper security control measures can be taken. It is a best method to stop an attacker when they are still at initial phase before they spread further.
Firewall acts like a gateway which blocks users which are not authorized to access the network. As it is secured our servers by strong firewalls and proper encryption techniques, hacker still tries to enter the system through back door where the security is not strong. Then hackers access the systems data by the bypass so it’s important to upgrade OS and all software to latest version and use of proper anti-virus software’s.
Virtual Private Network- VPN provides secure transmission path for data between remote user and network. It protects the network using security tool to make sure only official users can access the data.
Content security- This is attained by using switches and routers. Switches basically improve network efficiency and routers helps in blocking the packets that are vulnerable and act as a filter to authorize only valid packets enter in the network. Backing the data periodically also helps in recovering and making the data availability.
DMZ stands for De-Militarized Zone. It prevents outsiders from getting direct access to the company’s network. It acts as an intermediate between company network (trusted network) and external network (untrusted network). It can be treated as local network which is deliberated to enhance security. It bounds connectivity to limited hosts and prevents unrequested connections on internet.
Use Anti-Virus, Anti-Spyware software’s- These software’s safeguard the system from viruses and prevent spyware and bugs to enter in the network. Also, removes malicious software that has arrived in a system and infected the network. Its important updates these antivirus software regularly to fix all new vulnerability.
ACL stands for access control list it helps in knowing who can access what. Reliefs in knowing the user privilege to access the data which include who can read the data packets, who can make changes in the information stored on the network. It limits the traffic which increases network performance.
Filtering- Filtering can be done at various level such as MAC filtering, IP filtering or port filtering. These are applied at the access layer on the network which allows only desired traffic to pass through the network and blocks the others unofficial traffic.
Security Certification- Certifications are dedicated for maintaining secure network and reducing risks and managing the business efficiently. It provides eas to tackle risks and ways to recover from threats. They cover the business pathway to assure network security as they guarantee security department of an organization from internal as well as external threats.
Network security is very essential due to increasing threats and mostly all the organisation relies on the network as important data is stored over there. Securing the data over network cannot be overlooked as major cooperate businesses like banking, stock exchange, medical treatments or government companies stores there databases over network which should not be leaked at any cost. All types of network attacks and their solutions are planned beforehand to deal with every kind of damage. The risks cannot be ignored as it may bring the entire company. The consequences can cause interruption in legitimate users of network depending on the data maintained on the system.
Conclusion
Controlling unauthorized access, alternation of data, theft attacks is key concern in today’s era as network stores various sensitive documents thus unique security assurance. Therefore proper steps are taken for security. Firstly, the network devices are scanned properly then it is checked that services or application running on a particular host are free from vulnerabilities. Future, proper privilege access is granted for authentication. For network protection proper prevention, detection and reactions to restore the network are concerned. Technology has afforded many tools which serve as weapon for fighting against bugs, but the best defence are human beings who can conflict the hackers.
References
American Psychological Association, 2018, Threat assessment in action, viewed 30 January, <https://www.apa.org/monitor/2014/02/cover-threat.aspx>.
Eurocon, 2018, Asset Identification Facts, viewed 30 January, <https://sites.google.com/a/pccare.vn/it/security-pages/asset-identification-facts>.
Microsoft, 2018, Common Tpyes of Network Attacks, viewed 30 January, <https://technet.microsoft.com/en-us/library/cc959354.aspx>.
TechCrunch, 2013, Why IoT Security Is So Critical, viewed 31 January, <https://techcrunch.com/2015/10/24/why-iot-security-is-so-critical/>.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download