The three fundamental concepts of security are availability, integrity, and confidentiality. These concepts are commonly referred to as the CIA or AIC triad, and they play the main role in any security program.
Confidentiality prevents unauthorized disclosure of the company's data and ensures the secrecy of that data and information.
Confidentiality should be maintained at all times while data is within the company’s network or during transmission through the network to its destination (Parikka 2007).
Threat sources associated with confidentiality include network monitoring, monitoring of keystrokes or screens, theft of password files, and social engineering.
Countermeasures include encrypting data during storage and transmission, using network padding, employing strict access control mechanisms and data classification, and training personnel on proper procedures.
Threat sources associated with integrity include viruses, logic bombs and backdoors. Countermeasures include strict access control, intrusion detection and hashing. Availability ensures that data and resources remain reliable and accessible to authorized individuals despite malicious attacks and threats.
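The hashing countermeasure named above can be applied as a file integrity baseline. This is an added example, not part of the original essay: the file names, the key, and the function names are constructed for illustration. It records a SHA-256 digest per file, protects the manifest with an HMAC, and later reports modified, deleted, and newly added files.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def snapshot(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def manifest_mac(files: dict, key: bytes) -> str:
    """HMAC over the manifest so the baseline itself cannot be silently edited."""
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_baseline(root: Path, key: bytes) -> dict:
    files = snapshot(root)
    return {"files": files, "mac": manifest_mac(files, key)}


def verify(root: Path, baseline: dict, key: bytes) -> dict:
    """Compare the current tree against the baseline; reject a tampered baseline."""
    if not hmac.compare_digest(manifest_mac(baseline["files"], key), baseline["mac"]):
        raise ValueError("baseline manifest failed its HMAC check")
    old, new = baseline["files"], snapshot(root)
    return {
        "modified": sorted(n for n in old if n in new and new[n] != old[n]),
        "deleted": sorted(n for n in old if n not in new),
        "added": sorted(n for n in new if n not in old),
    }


def demo() -> dict:
    key = b"constructed-demo-key"  # constructed; keep a real key off the monitored host
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "payroll.csv").write_text("alice,1000\n")  # constructed sample files
        (root / "policy.txt").write_text("v1\n")
        baseline = build_baseline(root, key)
        (root / "payroll.csv").write_text("alice,9000\n")  # unauthorized change
        (root / "policy.txt").unlink()                     # unauthorized deletion
        (root / "unknown.bin").write_bytes(b"\x00\x01")    # unexpected new file
        return verify(root, baseline, key)


if __name__ == "__main__":
    print(demo())
```

A plain hash detects a change only if the stored digests are themselves trustworthy, which is why the manifest carries an HMAC and the key is kept elsewhere.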
Firewalls use a set of mechanisms to protect networks from unauthorized access while allowing access to authorized users. Below is a figure of a firewall.
The company has two working firewalls. Threats associated with firewalls, as software, include penetration, i.e. hackers being able to get into the company's machines (Ludwig 1996).
This may result from misuse of the firewall software, where the firewall is configured or modified by a person who doesn't understand internet security, or where it is turned off.
As a result of a firewall malfunction, viruses, Trojan horses, or worms may gain access to the network, causing serious damage or loss of data and information. In addition, computers may also be destroyed in such attacks.
A firewall may also develop bugs and flaws that lead to its malfunction. Unauthorized deletion is yet another threat to the company's network, as there will be no control of access. It is thus very important to ensure that the company's firewalls are well configured and updated often.
Windows 2008 Active Directory Domain Controllers (DC) – These are servers that control access to the network resources. Domain controllers work with computers running the Windows NT operating system. The company has two DCs.
One is the main or primary DC, which controls access to the network resources; the other is the secondary DC, which acts as a reserve in case the primary DC fails, or assists the primary DC when it is busy, e.g. during heavy network traffic.
The main threat associated with DCs is password cracking by hackers (Ludwig 1993). A hacker is any unauthorized person trying to gain, or having gained, access to the network resources.
Hacking into the company's network can be prevented by changing passwords often, by using strong passwords that are not easy to guess, and lastly by ensuring that the company hires employees who are loyal and will not disclose passwords to strangers.
Web / FTP server – This is an application (.html) running the File Transfer Protocol. FTP is the protocol by which files are transferred over the internet; it also provides file security.
These threats can be prevented by proper configuration of routers and the IP protocol, and by ensuring that the company uses Secure Sockets Layer (SSL), a protocol that ensures secure transfer of data between Web browsers and Web servers.
File server – This is a computer on a network responsible for providing a location for shared file access or shared disk access, i.e. shared storage of computer files such as photographs, movies, and documents.
The three file servers in the company's network face the likelihood of attacks from viruses, Trojan horses or worms if there is no firewall or the firewall is malfunctioning. These elements may cause serious damage to the storage devices of the file servers, thus affecting shared disk access by other computers in the network.
Exchange E-mail server – It works hand in hand with MS Outlook. It enables users in a network to safely access communications such as e-mail messages, instant messaging, and text messages from their devices, such as desktops and mobile devices, or from Web browsers.
Wireless access point (WAP) – Wireless application protocol is a secure specification providing instant communication access for users with wireless handheld devices such as mobile phones.
The company's wireless access point (WAP) faces the threat of eavesdropping, which may expose the company's confidential data and/or information to unauthorized people. Eavesdropping can be prevented by encrypting data packets sent from one device to another.
The company’s wireless access point (WAP) is vulnerable to attacks from viruses, Trojan horses or worms that may cause difficulty or lack of communication in the company leading to serious problems and loss.
To prevent attacks on the company's wireless access point (WAP), the firewalls must be in good working condition at all times.
Network Intrusion Detection System (NIDS) – This is a system that detects unauthorized access to the network. It does this by monitoring the network traffic for signs of malicious activities.
The company's NIDS faces threats such as denial-of-service attacks. Tools such as firewalls can block the malicious elements, programs or persons trying to access the company's network and cause destruction to the computers, alter the organization of data files or cause loss of data files, leading to the company incurring huge losses.
To prevent such attacks and threats, security measures need to be put in place, such as ensuring that firewalls are installed and are working efficiently (Gunn 1984).
Desktop / Laptop computers – A computer is an electronic device that accepts the user's data as input and processes it, using special programs, into a more meaningful state that can be understood by the user as output, called information.
Computers face threats such as theft. This can be prevented by hiring guards and by ensuring that the computer rooms are burglar-proofed.
VoIP telephone system – VoIP stands for Voice over Internet Protocol. It is a digital telephone service that uses the public Internet and private backbones for call transport.
VoIP calls can originate and terminate from regular telephones since support for the public switched telephone network (PSTN) is also provided.
Through the VoIP telephone system the company faces the threat of eavesdropping, which may expose the company's confidential data and/or information to unauthorized people, resulting in exposure of confidential data to strangers (Hancock 1998).
Eavesdropping can be prevented by encryption of data packets sent from one device to another.
Proper security controls should be put in place and adhered to for the company to be safe from the above attacks, threats, and vulnerabilities.
These problems continue to make computer-based operations difficult, and unless proper measures are taken they will persist now and in the future.
Gunn, J.B. (1984). Use of virus functions to provide a virtual APL interpreter under user control. ACM SIGAPL APL Quote Quad archive (ACM New York, NY, USA), 14(4), 163–168.
Hancock, B. (1998). Steps to a Successful Creation of a Corporate Threat Management Plan. Computer Fraud & Security, (7), 16–18.
Ludwig, M. (1993). Computer Viruses, Artificial Life and Evolution. Tucson, Arizona: American Eagle Publications, Inc.
Ludwig, M. (1996). The Little Black Book of Computer Viruses. Tucson, Arizona: American Eagle Publications, Inc.
Parikka, J. (2007). Digital Contagions. A Media Archaeology of Computer Viruses, Digital Formations. New York: Peter Lang.