This assignment will enlighten on Information system security and risk management in MetaSoft Ltd. MetaSoft Ltd deals with clients located in Australia as well as New Zealand. It is a software development company and is planning to move its computer infrastructure to cloud. The board of directors assumes that this will increase the flexibility of operations that are being carried out in the company and will increase the responsiveness of the company along with some savings in cost. The company provides IS services to its staffs and clients. The data collected from the staffs and clients are securely stored in servers. The company will shift all the data to cloud to make them more secure. The three services open to them are Infrastructure as a service (IaaS), Software as a service (SaaS) and Platform as a service (PaaS). However, network information systems faces common malware problems like ransomware. The following paragraph will elaborately explain the working of ransomware in the network and the steps that MetaSoft will be required to take if such malware occurs in their system.
Ransomware malware threats against MetaSoft:
One of the fastest growing threats in the world of computers is ransomware. Ransomware is defined as a malicious software that takes away ransom from an infected computer (Pathak & Nanded, 2016). There are various types of ransomware that exists in IT world. They differ from each other by the process they extract ransom from the infected systems. They are System lockers that blocks the access of the user to the operating system unless the user pays some ransom to it. Application lockers is another type of ransomware that blocks the access of the user to certain application unless some ransom is paid. Data encrypting ransomware works on the data of targeted computer and encrypts them unless the system pays some ransom. Fake data encryption ransomware just deletes all the data present in the targeted system and makes the user believe that the data has been encrypted to take some ransom from it.
To combat and tackle ransomware attacks MetaSoft can implement three types of anti-ransomware that are available in the market. The first category is the disinfection tool that cleans the PC before data is restored after an attack (Richardson & North, 2017). The disinfection tool is similar to that of integrated multiple anti-virus programs. The second category is the decryption tool. It helps to tackle the data encryption ransomware attack (Mercaldo et al., 2016). The third category is the protection tool used to protect the computers from ransomware attacks beforehand.
Threats faced by the routers and switches connected to the network:
The way routers and switches are vulnerable to destruction:
The threats that routers and switches faces are unauthorized access, masquerading, password guessing as well as router protocol attacks. Session replay attacks and ping of death attacks are the other forms of attacks faced by the routers. MetaSoft Ltd is vulnerable to router and switch attacks through session hijacking, rerouting hijacking and masquerade attacks. When the attackers insert falsified IP packets in the network after a session is established through IP spoofing, session hijacking occurs (Shu et al., 2016). Rerouting hijacking is defined as modifying routers in the network such that traffic flows to unauthorized destinations. Last type of attack that MetaSoft faces is the masquerade attack where the IP packets are modified or masked and sent to falsify IP addresses.
Reliability and availability of Windows Server 2012 web services:
It has been assumed that MetaSoft System is using Windows server 2012 to provide web services. The organisation will ensure reliability of its web services by using Storage Spaces, a new concept that has been introduces by the windows server. Storage Spaces manage all the disk drives connected to the server with the help of Storage Pool concept. Storage Pools consists of one or more physical disks that are attached and help to create Volumes. Individual Volumes can be created by the three layouts simple, mirror or parity.
The availability in the Windows server 2012 web service can be ensured by the use of Dynamic quorum. The quorum majority is determined in Windows server 2012 by a set of nodes that are active members of the cluster.
Confidentiality and integrity in staff mails through Microsoft Exchange servers:
Microsoft Exchange server is a mail or calendar server that facilitates the transfer of emails and its connection to mobile phones while maintaining the reliability and confidentiality and improved performance. The server runs only on Windows server operating systems. As it is assumed that MetaSoft uses Windows server 2012 therefore, it will be using Microsoft exchange servers to maintain confidentiality in its staffs emails (Trotter, 2013). When a person is not in office, the exchange server allows his colleagues to check emails so that important information do not get unnoticed thus maintaining confidentiality as well as integrity of staff emails.
Working principle of the Microsoft Exchange server:
The various steps of email exchange to maintain confidentiality and integrity are:
Threats that webmail and webservers of MetaSoft face:
The various threats that emails and webservers that MetaSoft face are discussed below:
2.6 Two proposed method that will ensure the availability of email server:
To maintain IT business continuity redundancy and fault tolerance are the two key factors. Similarly, to maintain the continuity and availability of email servers two proposed method would be the DKIM settings and the Reverse DNS. The two methods are explained in details in the following paragraphs:
2.6.1 DKIM setting: Domain Keys Identified Mail is a new standard authenticates the delivery chain of email messages. The key signs the message with a special cryptographic signature that can be verified by a third party however, cannot be counterfeited (Ho, Javed, Paxson & Wagner, 2017). The relay server in the delivery chain includes the signature in the emails that proves message is passed via that server (Backholm, 2016). This helps in eliminating spammers that creates fake messages. DKIM cannot block spam messages in the network however, gives receiver confidence on the source of the message.
Reverse DNS: When mail servers receive connection from a particular IP address then reverse DNS is performed to look for the IP address. The reverse DNS process yields a hostname. Forward lookup is performed by the server to check if the generated IP address matches with the original address. This process is known as forward confirmed reverse DNS. If the addresses do not match with each other then message delivery is not successful.
As stated by various researchers, employee commitment towards the organisation has an important role to play in information security. Employees who are committed towards the company will strive to abide by the security policies and maintain the rules and regulation of the organisation. The employees would understand the negative impact of not abiding by the security policies. Studies say that security of information in an organisation is completely vested on the employees. They are the key factors.
Risk management recommendation to reduce employee risk:
Some of the recommendations that MetaSoft should follow to reduce the risk of employees are:
Log records for analysing webservers and email server problems:
Log records has been identified to be an important piece of information that is provided by the server. It provides information on “who, when and how” accessed the server. This type of data will help to monitor the performance and eliminate the risk issues of the server. Log records also help to investigate web and email servers to find out the IP address of users in case any malicious events have taken place.
2.9 Use of audit log reports for performing auditing analysis:
The web and email servers provide two log files namely access.log and the error.log files. The access.log file records all the files that are requested. If a visitor requests www.example.com/main.php, the following entry will be added in the log file.
88.54.124.17 – – [16/Apr/2016:07:44:08 +0100] “GET /main.php HTTP/1.1” 200 203 “-” “Mozilla/5.0 (Windows NT 6.0; WOW64; rv: 45.0) Gecko/20100101 Firefox/45.0”
From the above log it can be revealed that a visitor with IP address 88. 54. 124. 17 requested for main.php file on 16 April 2016 at 7:44 and the request made was successful. If log file was not present, then the IP address that accessed the server could not be traced and therefore, auditing analysis and monitoring could not be done. Data stored in the log file or log report will help to solve the long-term security problems of the organization.
2.10 Propose five network devices that will help to mitigate the security issues and threats to webservers and email servers:
Conclusions:
From above discussions, it can be concluded that the network information systems faces common malware problems like ransomware. One of the fastest growing threats in the world of computers is ransomware. To combat and tackle ransomware attacks, organisation can implement three types of anti-ransomware that are available in the market. Employee commitment towards the organisation has an important role to play in information security. Studies showed that security of information in an organisation is completely vested on the employees.
Information security is one of the major issues that most of the organization are facing. Therefore, to overcome the security issues I would suggest the following actions:
References:
Backholm, A. (2016). U.S. Patent No. 9,444,916. Washington, DC: U.S. Patent and Trademark Office.
Balmer, M. L., Slack, E., De Gottardi, A., Lawson, M. A., Hapfelmeier, S., Miele, L., … & Bernsmeier, C. (2014). The liver may act as a firewall mediating mutualism between the host and its gut commensal microbiota. Science translational medicine, 6(237), 237ra66-237ra66.
Border, J., Dillon, D., & Pardee, P. (2015). U.S. Patent No. 8,976,798. Washington, DC: U.S. Patent and Trademark Office.
Brubaker, C., Jana, S., Ray, B., Khurshid, S., & Shmatikov, V. (2014). Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations. IEEE security & privacy, 2014, 114.
Ho, G., Javed, A. S. M., Paxson, V., & Wagner, D. (2017). Detecting Credential Spearphishing Attacks in Enterprise Settings. In Proceedings of the 26rd USENIX Security Symposium (USENIX Security’17) (pp. 469-485).
Landsman, R. A. (2013). U.S. Patent No. 8,601,475. Washington, DC: U.S. Patent and Trademark Office.
Lee, S., Jo, J., Kim, Y., & Stephen, H. (2014, June). A framework for environmental monitoring with Arduino-based sensors using Restful web service. In Services Computing (SCC), 2014 IEEE International Conference on (pp. 275-282). IEEE.
Marman, T., & Kukreja, R. (2014). U.S. Patent No. 8,793,801. Washington, DC: U.S. Patent and Trademark Office.
Mercaldo, F., Nardone, V., Santone, A., & Visaggio, C. A. (2016, June). Ransomware steals your phone. formal methods rescue it. In International Conference on Formal Techniques for Distributed Objects, Components, and Systems (pp. 212-221). Springer, Cham.
Pathak, P. B., & Nanded, Y. M. (2016). A dangerous trend of cybercrime: ransomware growing challenge. International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume, 5.
Rad, P., Chronopoulos, A. T., Lama, P., Madduri, P., & Loader, C. (2015, November). Benchmarking bare metal cloud servers for HPC applications. In Cloud Computing in Emerging Markets (CCEM), 2015 IEEE International Conference on (pp. 153-159). IEEE.
Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In Communication Systems and Network Technologies (CSNT), 2013 International Conference on (pp. 437-439). IEEE.
Richardson, R., & North, M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10-21.
Schiffman, J., Sun, Y., Vijayakumar, H., & Jaeger, T. (2013, June). Cloud verifier: Verifiable auditing service for iaas clouds. In Services (SERVICES), 2013 IEEE Ninth World Congress on (pp. 239-246). IEEE.
Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-defined networking: Threats and countermeasures. Mobile Networks and Applications, 21(5), 764-776.
Trotter, D. H. (2013). U.S. Patent No. 8,381,287. Washington, DC: U.S. Patent and Trademark Office.
Tuli, P., & Sahu, P. (2013). System monitoring and security using keylogger. International Journal of Computer Science and Mobile Computing, 2(3), 106-111.
Tyree, D. S., & Tomlinson, J. E. (2014). U.S. Patent No. 8,856,315. Washington, DC: U.S. Patent and Trademark Office.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download