Amazon.com is one of the largest international corporation in the world. The organization deals with deals with an American commerce in electronic commerce and cloud computing. The company is situated at Seath, Washington and it was in the year 1994 by Jeff Bezos .
Currently Amazon is the second-largest private employer in the country, it has a stock worth US$1,944.30, and its subsidiaries are Zappos, Audible, Sough.com and Book Depository among others (Yang, 2018)
Amazon has been witnessing a lot of computer threats and vulnerability issues over the years, the attack ruin their computer systems. Ransomware and email attacks are the frequently reported to be the major issue in the company (Ferrante, Malek, Martinelli, Mercaldo & Milosevic, 2017).
Ransomware is a form of computer attack in which a rogue software cypher commendably holds personal computer hostage till a ransom remuneration is paid. Ransomware frequently infiltrates a personal computer Trojan or worm that will take advantage of an open network security vulnerabilities. The following are steps in which a ransomware attack a computer (Lee & Jeong, 2017).
The following are the tools that the organization may applied in order to prevent ransomware attack (Hampton, Baig, Zeadally, 2018).
This threat is referred to as Border Gateway Protocol. This threat exchange unique identifiers called ASNS (Autonomous System Numbers) and routing information. The ASNs are is assigned by Internet Assigned Number Authority or by the Regional Internet Registries. When the information is passed across the ISP’s gateway, this gateway will determine the type of ISP each packet originate from by analysing the ASN at the header of the packet. Occasionally, disreputable individuals will advertise ASN’s they are aware to belong to different autonomous system (El, Soltani, Sagduyu, & Li, 2016).
A firewall is a defensive appliance to an organization network, threats in firewall occurs when an attacker obtain management access beyond this firewall. The attacker would then manipulate the firewall or even remove it to enable certain traffic, the outcome would be very disastrous (Lopez, Mihelich & Hepburn, 2016).
If the organization by any chance have employed Cisco infrastructure, it is not up to the required standard of vulnerabilities. If the organization does not get latest vulnerability issues it may fail to dedicate precise personnel for nursing of newly emerging patches or vulnerabilities. It is responsibility of any successful organization to build a strong firewall infrastructure and to keep up to date on the emerging vulnerabilities (Metalidou Marinagi, Trivellas, Eberhagen, Skourlas & Giannakopoulos, 2014)
1. Do regular backups ups- this is the process of backing up data, it involves copying the data into an archive file so that it may be used in case of data loss to obtain the original data. The primary purpose of doing backup is to recover loss data. Another purpose backup is to enable an organization recover data that exist initially. Backups would assist the company in the following ways: (Medhi, Bora & Bezboruah, 2017).
2. Update systems regularly system updates would enable the organization installed more advance windows update from Microsoft corporation that has more security features
3. Set up a disaster recovery plan- This is a documented plan that has a set of measures that would help to protect and recover an organizations IT infrastructure in the incident of disaster. The plan is normally documented in a transcribed form, it outlines a procedure that an organization follow in case of a tragedy. It is a comprehensive proclamation with a steady action adopted before, throughout and after the disaster.
Since most of the organizations now days are highly dependent on the use of Information technology to carry out operations, the plan will be necessary to ensure the organizations operations continuity by revering of information technology file data (Gottscho, Shoaib, Govindan, Sharma, Wang & Gupta, 2017)
It may be difficult for an organizations to avoid disasters but it may take careful measure on how this tragedy can be reduced. The following are the benefits that comes with setting a good recovery plan:
In networking, the term applies to many methods of aggregating (combining) a numerous computer network acquaintances in parallel so as to increase connection as opposed to what a single network could sustain and it would. The link Aggregation Group syndicates a sum of physical havens together to create a distinct high-bandwidth data route, so as to instrument a shared load traffic between the affiliate ports in a group and therefore connection reliability is enhanced.
Others terms used to describe this link aggregations are port trunking, NIC teaming, Ethernet bonding and others.
Fig 1 link aggregation between a switch and a server
This refers to errors that may occur in the process of reading, writing, and transmission, storage of data or processing which will give inadvertent changes of the original data. Computer, storage systems and transmission use several measures to give end-to-end data integrity or error free data. Window server 2012 provide means of fixing this data corruption errors. The windows would automatically scan and fix data corruption issues and thus will provide reliability (Berrocal, Bautista-Gomez, Lan, & Cappello, 2015).
This is a mechanism which restrict an access of computer file by permitting only a single user or activity to access it at a given time. With this the systems will implement a locking mechanism that will prevent interceding update set-up. Microsoft windows 2012 uses the following distinct measures to manage file access (Schumacher, 2014).
Data retention states the guidelines of persistent data and registry management for reaching business and legal data archival needs, this is sometimes interchangeable unlike data protection.
The major objectives in the data retention is the retention of mass surveillance of government data retention. The government analyses data retention to determine locations of individuals, an individual’s acquaintances and members of the group like political opponents, these deeds may either be lawful or unlawful contingent to the laws of a country (Syu, Call, Kang & Phan, 2018)
Reliability and availability of a web service depend on the mechanism that has been employed in setting up web service. Webs service trustworthiness (Cai, Luo, Haratsch, Mai & Mutlu, 2015)
In today’s business, there are high security threats and there is need to secure information from falling into wrong hands. The following are some of the suggestions that can help to ensure integrity and confidentiality of staff email (Kalra, Kollisch, MacDonald, Dickey, Rosner, & Venters, 2016).
Prober labelling: the company should initiate steps to treat the confidential email of the company. Legal protection would be lost if this would not be done. The label should be ‘’information is confidential’’ this would mean that no part of the information in the email may be clichéd.
Malware- increasingly, invaders takes advantage of email to send malicious data that may include warm, virus spyware or Trojan horses (Aziz, Uyeno,Manni, Amin, & Staniford, 2015).
Spam and phishing – this is an unsolicited email that is commonly called spam, the attackers sends a huge and bulky malicious emails to a target recipient. This messages will disrupt the organization productivity and utilize all the IT resources. If the company in any case responds to this email, it would be disclosing the company’s sensitive information. The compromised e-mail address would always receive spam email address (Tewari, 2018).
Unintentional activities initiated by authorised users- not all threats take place intentionally, authorised users may inadvertently submit proprietary or any other sensitive information through email which would expose the organization legal action or embarrassment.
Entities containing malicious intent- malicious gain access anywhere in the organization network through a successful spasm on the email sever. For instance, once the server has been compromised, the intruder would retrieve the mail password which he would use to gain access to various hosts on the company’s network.
TLS and SSL are very common. When they are used to send emails, both the email results are send securely protectively between the computer and the SMTP service. The SMTP must be properly encrypted using latest version of TLS between the TLS service and the recipient (Bhargavan, Delignat-Lavaud, Pironti, Langley& Ray, 2015) server.
The use of antivirus would help protection of email. The user is required to input password to allow access, if the password would be verified by the server to ensure authentication. If the authentication is passed the user is granted access but if the opposite happens the user would be denied access. The bit defender and Kaspersky anti-virus are recommended to be used in this case. The diagram bellow shows the illustration (Kaur, Gupta & Singh, 2018).
Log files are frequently a company’s record of any suspicious activity. Permitting logging mechanism will allow the organization to utilize collected data to determine both successful and failed intrusions, pledge alert notifications when supplementary investigation is required.
Company need both tools and procedures to analyse, process log files and review alert notifications (Greiff, 2015).
Log files is post-intrusion threats detection applications that archives activities of the concern that is taking place inside a computer operating system. The archived messages are then used to measure the quantity of operations performed by the operating system.
For security reasons of the system, one thing that is mostly monitored in servers are is the intrusion of a network and computers system log files. Network detection of intrusion in this case is very important because it helps in detecting security threats that comes from log in triumphs due illegal too many attempts to achieve entrance or due to the cracking of passwords using brute force attack., accounts user log outs, failed unauthorised access to the secure files and the security log preventing, identifying and tempering this attacks is crucial (Vaarandi, Blumbergs & Kont, 2018).
References
Aziz, A., Uyeno, H., Manni, J., Amin, M., & Staniford, S. (2015). U.S. Patent No. 9,106,694. Washington, DC: U.S. Patent and Trademark Office.
Berrocal, E., Bautista-Gomez, L., Di, S., Lan, Z., & Cappello, F. (2015, June). Lightweight silent data corruption detection based on runtime data analysis for HPC applications. In Proceedings of the 24th International Symposium on High-Performance Parallel and Distributed Computing (pp. 275-278). ACM.
Bhargavan, K., Delignat-Lavaud, A., Pironti, A., Langley, A., & Ray, M. (2015). Transport Layer Security (TLS) session hash and extended master secret extension (No. RFC 7627).
Cai, Y., Luo, Y., Haratsch, E. F., Mai, K., & Mutlu, O. (2015, February). Data retention in MLC NAND flash memory: Characterization, optimization, and recovery. In High Performance Computer Architecture (HPCA), 2015 IEEE 21st International Symposium on (pp. 551-563). IEEE.
El Jamous, Z., Soltani, S., Sagduyu, Y., & Li, J. (2016, May). RADAR: An automated system for near real-time detection and diversion of malicious network traffic. In Technologies for Homeland Security (HST), 2016 IEEE Symposium on (pp. 1-6). IEEE.
Greiff, S. (2015). Computer-generated log files and their potential for educational large-scale assessments. The example of PISA 2012 problem solving data.
Gottscho, M., Shoaib, M., Govindan, S., Sharma, B., Wang, D., & Gupta, P. (2017). Measuring the impact of memory errors on application performance. IEEE Computer Architecture Letters, 16(1), 51-55.
Kalra, R., Kollisch, S. G., MacDonald, R., Dickey, N., Rosner, Z., & Venters, H. (2016). Staff satisfaction, ethical concerns, and burnout in the New York City jail health system. Journal of Correctional Health Care, 22(4), 383-392.
Kaur, K., Gupta, I., & Singh, A. K. (2018). Data Leakage Prevention: E-Mail Protection via Gateway. In Journal of Physics: Conference Series (Vol. 933, No. 1, p. 012013). IOP Publishing.
Medhi, S., Bora, A., & Bezboruah, T. (2017). Investigations on some aspects of reliability of content based routing SOAP based windows communication foundation services. International Journal of Information Retrieval Research (IJIRR), 7(1), 17-31.
Hampton, N., Baig, Z., & Zeadally, S. (2018). Ransomware behavioural analysis on windows platforms. Journal of information security and applications, 40, 44-51.
Ferrante, A., Malek, M., Martinelli, F., Mercaldo, F., & Milosevic, J. (2017, October). Extinguishing Ransomware-a Hybrid Approach to Android Ransomware Detection. In International Symposium on Foundations and Practice of Security (pp. 242-258). Springer, Cham.
Lee, J. H., & Jeong, J. (2017). Increase of Awareness of the Importance of Information Security Using Simulation Experiment Technique Model as Ransomware. Advanced Science Letters, 23(10), 10246-10249.
Metalidou, E., Marinagi, C., Trivellas, P., Eberhagen, N., Skourlas, C., & Giannakopoulos, G. (2014). The human factor of information security: Unintentional damage perspective. Procedia-Social and Behavioral Sciences, 147, 424-428.
Lopez, E., Mihelich, J., & Hepburn, M. F. (2016). U.S. Patent No. 9,270,639. Washington, DC: U.S. Patent and Trademark Office.
Schumacher, M. K. (2014). U.S. Patent No. 8,819,639. Washington, DC: U.S. Patent and Trademark Office.
Syu, M. M. L., Call, M., Kang, H. F., & Phan, L. D. (2018). U.S. Patent No. 9,875,025. Washington, DC: U.S. Patent and Trademark Office.
Tewari, A. (2018). Detection and Classification of Spam and Phishing Emails.
Vaarandi, R., Blumbergs, B., & Kont, M. (2018, April). An unsupervised framework for detecting anomalous messages from syslog log files. In NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium (pp. 1-6). IEEE.
Yang, D. (2018). Has the arrival of Amazon altered the market structure for consumer electronic goods in Australia?.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download