Securing Jacket-X Corporations Network against Cyber Threats - Coursework Example

Securing Jacket-X Corporation’s network against cyber threats Information Technology Network Infrastructure Security One of the ways by which Jacket-X can enhance its capability to carry out its objective as well as secure its ability to achieve its goals and vision would involve guarding its support infrastructure. Key to Jacket–X infrastructure is its information and network system that facilitates the day to day running of the organization and supporting productivity. It is therefore important that Jacket-X put in place policies as well as strategies that will enhance its information technology and network infrastructure. Key areas to address so as to avert cyber threats are: network security, protocol and services, user security, password security and data storage security. Network Security It is important for Jacket-X to implement ways of detecting and securing networks so as to counter cyber threats vulnerabilities such as email spoofing, denial of service attack, malware intrusion, spywares, hackers as well as data and information theft that are implemented through the network (Roberta Bragg, 2004). However there are several methods by which Jacket-X can implement to avert these risks they include the following: first is by Jacket-X ensuring the installation of firewalls. Firewalls comprises of hardware and software that controls the flow of data in and out of network. By using firewalls Jacket-X can be able to examine and validate address information on all packets of data as well as protect data stored in the network from unauthorized access (Roberta Bragg, 2004). It is therefore recommended for Jacket-X to put in place procedures and policies to allow for the periodical evaluation of firewalls and upgrades that involves the incorporation of current technologies to meet critical network risks. In the case of Jacket-X’s wireless network, it would be advisable to enable WPA (Wi-Fi Protected Access) encryption to facilitate the protection of data that is transmitted over a wireless network. WPA is considered more secure that WEP (Wireless Equivalent Privacy) because it utilizes dynamic key encryption. Also in order for Jacket-X to gain control of their network from unauthorized access would involve the use of MAC address filtering. This technique is made possible by some routers to specify which computers can access the network (Roberta Bragg, 2004). This is facilitated by using a MAC address that comprises of unique series of numbers and letters assigned to every networking device. This would prevent unauthorized access such as hackers from intruding the Jacket-X network. Another vulnerability posed by networks is the fast transfer of malwares such as viruses, adware, Trojans and worms that intercept the networks and cause harm to network system by destroying information and lowers the performance of computer systems. It is therefore important for Jacket-X to install counter-malwares applications and policies that can address this threat (Salvatore Joseph Stolfo, 2008). A notable way would be to install anti-malware software to secure the network key being anti-virus packages that clean, quarantine as well as delete malicious files and codes. Jacket-X should also include a policy of regular updates to ensure anti-malware software remain effective to new threats. Another network securing strategy that Jacket-X should adopt is network access control. This can be best implemented by using separate accounts for its staff both with different privileges and roles. For instance Jacket-X can have account for administrators and users. The administrator’s role would involve security implementation and user account management. This separation of accounts would facilitate network security against control by unauthorized personnel as well as facilitate monitoring of user activity. Protocols and Services Protocols are meant to provide high quality services to clients (protocolsecurity). It is important for Jacket-X to better train their security officers to manage better security protocols and services. These security protocols and services involve control of entry and exit points, external patrols of buildings facilities, screening of staff and visitors by use of electronic scanners as well as conduct patrol lock down for all windows and doors. As for services Jacket-X should ensure installation and maintenance of security alarm systems, installation of access control and closed circuit television as well as punctual attendance to alarms (protocolsecurity). By Jacket-X ensuring strict and constant adherence to its set protocols, it stands a better chance of intercepting and containing cyber threats that may cripple and adversely affect its information technology and network infrastructure. User security User security involves 2 key elements which are authentication and authorization. Authentication ensures that only valid users are logged in based on user ID and password provided by the user (adobe). Authorization on the other hand ensures those users logged-in are only allowed to carry out operations for which they are allowed to carry out operations for which their roles permit. One way Jacket-X can ensure this is through application authentication. In this case an application performs all user authentication and authorization and tracks user activity and logs (adobe). By Jacket-X assigning roles it is able to ensure that there is controlled access in application resources without the need to maintain knowledge about individual users. Password Security Passwords form a critical part of information and network security. They are important in protecting user accounts from unauthorized access however they possess serious network risks when compromised (Salvatore Joseph Stolfo, 2008). It is therefore important for Jacket-X to ensure that appropriate steps are taken to ensure that they create strong and secure passwords as well as safeguard them at all times. Some of the guidelines Jacket-X can effect to secure passwords include: first of all ensuring the password is not the same as user ID, secondly passwords must have a considerable length to minimize cases of accurate guessing, and it should also be set in a way that makes them easier to remember but hard for someone else to guess, it should also important that passwords are not trivial, predicable or obvious (Salvatore Joseph Stolfo, 2008). If Jacket-X undertakes these standard guidelines they stand a better chance of attaining accountability during transactions as well as other changes to system resources inclusive of data. Data Storage Security Securing stored data involves the prevention of data from unauthorized personal as well as prevention against accidental, intentional or corruption of information (John Chirillo, 2003). Jacket-X must take steps to secure data by understanding applicable threats as well as continuous monitoring of activity logs. There are several ways Jacket-X can secure stored data, this involves: implementing a tiered data protection and security model which includes perimeter rings of defense to applicable threats (John Chirillo, 2003). By enforcing multiple layers of defense Jacket-X can isolate and protect data in the case where defense perimeters have been compromised from either internal or external threat. Secondly Jacket-X can include both logical in this case authorization, authentication, encryption and use of passwords as well as physical security measures such as restricted access and locks on server, storage and networking cabinets (John Chirillo, 2003). Logical security includes securing network with firewalls, running anti-malwares on servers and network-addressed storage system. It is also recommended that Jacket-X implement storage system based volume or logical unit number mapping and masking as a line of defense for your stored data. Also Jacket-X can best ensure data security in stored devices by using data encryption. In this case plaintext data is converted into cipher text so that it cannot be read. Encryption facilitates protection of stored data by shielding its meaning from unauthorized access. This can be achieved by using encryption software such as true crypt that can encrypt data stored data in devices through encryption and control access by use of password authentication. Another way through which Jacket-X can ensure data security of stored devices involves the use of back-ups and data archives that are secure (John Chirillo, 2003). By providing redundancy of data Jacket-X can protect itself from total loss of data by utilizing its redundant data sources. This can be done by using cloud data back-up services or through use of redundant storage devices such as raiding storage devices to prevent the total loss of data. Conclusion Data security is an important issue that has been given enough attention. Information assets are becoming significant assets in any organizations. Proper policies should be put into place to ensure that standards are followed for proper use of information assets. With competition shifting to how best assets are used and data mining being a strategic tool, it is becoming important and critical to have proper safeguarding of information. Reference adobe. (n.d.). About user security. Retrieved April 2, 2012, from livedocs.adobe: http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=appSecurity_04.html John Chirillo, S. B. (2003). Storage security: protecting, SANs, NAS, and DAS. Wiley Publishers. protocolsecurity. (n.d.). Products and Services. Retrieved April 2, 2012, from protocolsecurity: http://www.protocolsecurity.com.au/products.htm Roberta Bragg, M. R.-O. (2004). Network security: the complete reference. Osborne: McGraw-Hill. Salvatore Joseph Stolfo, S. M. (2008). Insider Attack and Cyber Security: Beyond the Hacker. Springer. Schulz, G. (2006, August 3). Top 10 ways to secure your stored data. Retrieved April 2, 2012, from Computer world: http://www.computerworld.com/s/article/9002188/Top_10_ways_to_secure_your_stored_data?taxonomyId=19&pageNumber=1 Read More