StudentShare solutions
Got a tricky question? Receive an answer from students like you! Try us!

Case Study example - The Security Breach at Nelm

Only on StudentShare
High school
Case Study
Pages 2 (502 words)
The security breach at Nelm has resulted in data being acquired by unauthorized users tapping into the system and gaining access to sensitive files. There is a concern that an insider is gaining the information on the advertising campaign and making it available to the Erm Company…

Extract of sample

However, there are serious flaws in the system configuration and the access control.
The first concern should be that an insider might be acquiring the information in question. There are currently members of the sales, engineering, and production that are sharing the files on the LAN. The files should be restricted and only available on a need to know basis. There should only be a limited number of people in the marketing department that have access to the advertising files. This would eliminate unauthorized access to this sensitive information by a member of the production or engineering staff.
If the attack is coming from an outside source, system access needs to be secured and limited. This may be done by the addition of an effective User ID and password system. The system should require regular changing of the passwords and have a mechanism to lockout the user after a limited number of failed attempts to stop a brute force attack. In addition, IP address monitoring should be implemented and users should be restricted to entering the system only from approved IPs. This would prevent off site hackers from gaining access to the system.
To further secure the system, the Web server needs to be properly configured. The web based e-mail system will give unauthorized users a portal that may be exploited if the server has security flaws in it. ...
Download paper
Not exactly what you need?

Related papers

Information Security
There is also a vast body of empirical evidence that demonstrates that general managers ought to be much more involved in the formulation and implementation of information security because they are more able to assess particular types of risks, more attuned to cost-benefit considerations, and better able to integrate information security into a business organization's larger structure than…
4 pages (1004 words)
Collective Security
To preserve peace after World War I the League of Nations was created in 1920 and the principle of collective security was adopted. . It entails that all members have to accept and obey the rules of international law which forbid any process of employing violent behavior within the group (Stromberg, 2008, p. 1). Three important agreements have been made in this context, those are, The RIO in 1947,…
2 pages (502 words)
Data Security
The purpose of this report is to research the necessary solutions and to provide recommendations for management team.…
8 pages (2008 words)
Security Planning
In this endeavor, attention has to be given to the provision of gas masks to the public and the shortcomings in tackling terrorist attacks, natural calamities and emergencies has to be ascertained. In addition, it is essential to estimate the extent of safety enjoyed by citizens, governments, communities, businesses and systems of information technologies in the context of such attacks, calamities…
9 pages (2259 words)
Social Security
Full employment does not mean zero unemployment but means a situation where an economy experiences only structural and frictional unemployment and an absence of cyclical unemployment. This is because structural and frictional unemployment are considered unavoidable and work positively to some extent too. The rate associated with full employment is known as the full-employment rate of unemployment…
5 pages (1255 words)
Aviation Security
Besides screening the passengers and the carry-on baggage, the screening of checked baggage is also carried out. The motive behind the checked baggage screening is to detect the presence of bombs.…
3 pages (753 words)