
You are the Information Security Officer at a medium-sized company (1,500 employ


Question

You are the Information Security Officer at a medium-sized company (1,500 employees). The CIO asks you to explain why you believe it is important to secure the Windows and Unix/Linux servers from known shortcomings and vulnerabilities. Explain to your CIO what you can do to make sure the network infrastructure is more secure.

This assignment requires two to three pages in length, based upon the APA style of writing.

Use transition words; a thesis statement; an introduction, body, and conclusion; and a reference page with at least two references. Use a double-spaced, Arial font, size 12.

Explanation / Answer

As everyone knows, the internet isn’t the most trusting place; measures are needed to protect people from harmful threats and vulnerabilities. The CIO should know that if the company doesn’t protect its Windows and Unix/Linux servers from unknown shortcomings and vulnerabilities, the company might get attacked by hackers, who want to steal confidential information to commit crimes, hurt/destroy the company and/or the data the company has saved on its computers. Hackers typically use code or malware in the form of viruses, worms, time bombs, logic bombs, Trojans, etc. to corrupt a company’s network infrastructure and its network operating system(s). Normally when they do this, they are looking to steal data, such as credit card and property information, social security numbers, addresses, phone numbers, and anything else that could be used to identify a person or help duplicate a company. These hackers, however, aren’t always after information. Nor do they always attempt to attack software; sometimes hackers try to diminish computer performance, which could affect their velocity and cause the computers to crash, which could benefit the attackers in some way. The CIO should have a way to protect the company’s network infrastructure from such catastrophes. With that said, the network infrastructure should be more secure.

Indeed, securing a network infrastructure or making it more secure is very important. In order to protect the company’s network infrastructure, you have to create a solid foundation. This foundation requires the company to use “five crucial risk management practices or pillars: protection, detection, reaction, documentation and prevention” (Ameri). The company should also use physical security, strong passwords, firewalls and other software protections, backups, and constant system integrity checking and intrusion detection.

First, when it comes to the five crucial risk management pillars, it should be known that, in order to minimize our information security risks, we need to “ensure that we clearly define and precisely know what we are protecting, how we plan to protect it and its overall value. In this regard, the protection pillar is one of the first and most crucial for information security. Additionally, no matter how strong our protective measures are, there will be both internal and external breaches of it. The preferred approach in defining the detection pillar is to recognize the static and dynamic detection capabilities available. Static capabilities refer to a database of known past events for comparison, and dynamic events refer to patterns or trends of behavior that are considered unexpected or unaligned with requirements” (Ameri).

Next, “the reaction hinges on the actual actions that should already have been planned and put in place to address breaches that have occurred. One example would be the capability to capture the “purity” of the exploit in its original form for legal submission to court. Third is the documentation pillar which holds significant importance for reducing risk in the other pillars. It is the documentation pillar that enables the establishment of vulnerability trends that could influence our risk ratings in the future” (Ameri).

Our last pillar, prevention, deals with the latest concept used in information security. “Of the two basic problems that rely on prevention, the first is that information security risks are multifaceted in nature, which implies that a virus arriving via e-mail, for example, may not only infect the local system but could also install a backdoor for unauthorized access to the network that can be connected to the utility provider of another country. The second problem is that true prevention requires the elimination of risk (i.e., stopping its occurrence). The only way to do that is to control most, if not all, components of the event. That said, practical prevention is both the implementation of lessons learned and the application of knowledge gained to avoid the same fate in the future. The prevention pillar is the readjustment and improvement required for the healthy maintenance of any system” (Ameri).

To continue, as mentioned earlier, physical security is also important. You can secure your server fully and completely, but if someone gains physical access to sensitive information, then more than likely you can’t really protect it. “In extreme cases there are some things you could do, such as encrypting data on the drive, but for the most part it is trivial to gain root (administrator) access to a server box once it has been physically compromised” (University of Oregon). I would also suggest a strong password to prevent people from hacking in physically if you have the computer locked. “Choosing a strong password is crucial in maintaining the security of networked host. A password that is ‘strong’ is a password that is less prone to be guessed” (University of Oregon).

Further, strong firewalls and other protection software are needed to prevent threats from occurring which could help keep information safe. “Backups are important because if your server is compromised, then you will need a good set of backups to recover from the compromise. If you know when the compromise took place, then it may be possible to restore your server and its data relatively quickly. If you are unsure of when your server was compromised, but you know what the compromise was, then you could decide to rebuild your server, but restore user data” (University of Oregon).

Lastly, “system integrity checking and intrusion detection systems are needed because a system integrity checker examines how your filesystem and network services behave. If your computer operates outside the systems administrator’s prescribed boundaries the system integrity checker notifies the administrator, or in drastic circumstances, halts the system” (University of Oregon).

So to conclude, it is important to secure your network infrastructure because it helps protect confidential information and it protects your company’s reputation. Protecting the company network infrastructure is the key to a successful business. Not to mention it helps protect the identity and information of the company’s clients and it prevents the company from being controlled and used by unwanted intruders.
