The Security Breach at Nelm - Case Study Example

Only on StudentShare

Extract of sample
The Security Breach at Nelm

However, there are serious flaws in the system configuration and the access control.
The first concern should be that an insider might be acquiring the information in question. There are currently members of the sales, engineering, and production that are sharing the files on the LAN. The files should be restricted and only available on a need to know basis. There should only be a limited number of people in the marketing department that have access to the advertising files. This would eliminate unauthorized access to this sensitive information by a member of the production or engineering staff.
If the attack is coming from an outside source, system access needs to be secured and limited. This may be done by the addition of an effective User ID and password system. The system should require regular changing of the passwords and have a mechanism to lockout the user after a limited number of failed attempts to stop a brute force attack. In addition, IP address monitoring should be implemented and users should be restricted to entering the system only from approved IPs. This would prevent off site hackers from gaining access to the system.
To further secure the system, the Web server needs to be properly configured. The web based e-mail system will give unauthorized users a portal that may be exploited if the server has security flaws in it. ...
Download paper


The security breach at Nelm has resulted in data being acquired by unauthorized users tapping into the system and gaining access to sensitive files. There is a concern that an insider is gaining the information on the advertising campaign and making it available to the Erm Company…
Author : harrisalana

Related Essays

Information Security
There is also a vast body of empirical evidence that demonstrates that general managers ought to be much more involved in the formulation and implementation of information security because they are more able to assess particular types of risks, more attuned to cost-benefit considerations, and better able to integrate information security into a business organization's larger structure than narrow-minded security specialists (Lacity, 2005). In order to more clearly elaborate how organizations should approach information security issues, this essay will discuss how businesses should strike a...
4 pages (1004 words) Essay
Collective Security
To preserve peace after World War I the League of Nations was created in 1920 and the principle of collective security was adopted. . It entails that all members have to accept and obey the rules of international law which forbid any process of employing violent behavior within the group (Stromberg, 2008, p. 1). Three important agreements have been made in this context, those are, The RIO in 1947, NATO in 1949 and WARSAW in 1955, pledging each member to avoid belligerence against each other. (Ishay, 2004, p. 225)...
2 pages (502 words) Essay
Data Security
The purpose of this report is to research the necessary solutions and to provide recommendations for management team....
8 pages (2008 words) Essay
Security Planning
In this endeavor, attention has to be given to the provision of gas masks to the public and the shortcomings in tackling terrorist attacks, natural calamities and emergencies has to be ascertained. In addition, it is essential to estimate the extent of safety enjoyed by citizens, governments, communities, businesses and systems of information technologies in the context of such attacks, calamities and emergencies. The cost effective nature of preparedness in respect of uncertain and unpredictable has also to be estimated (Department Of Homeland Security Centers)....
9 pages (2259 words) Essay
Social Security
Full employment does not mean zero unemployment but means a situation where an economy experiences only structural and frictional unemployment and an absence of cyclical unemployment. This is because structural and frictional unemployment are considered unavoidable and work positively to some extent too. The rate associated with full employment is known as the full-employment rate of unemployment or as the natural rate of unemployment (NRU) and is considered to be consistent with a level of unemployment that predominantly comprises voluntarily unemployed workers.1...
5 pages (1255 words) Essay
Aviation Security
Besides screening the passengers and the carry-on baggage, the screening of checked baggage is also carried out. The motive behind the checked baggage screening is to detect the presence of bombs....
3 pages (753 words) Essay
Breach of Confidentiality
This means that a physician cannot reveal any information of the patient during the course of treatment unless under the patients approval. The essence of physician’s responsibility is to preserve patients’ confidentiality, and help them to be open and able to give all the information regarding their health status. This is done with the assurance that the physician will safeguard such personal information. The honest revelation by the patient provides for a proper and effective treatment of the condition. There are, however, exemptions, for instance, if a patient may hurt others or himself...
2 pages (502 words) Essay
Got a tricky question? Receive an answer from students like you! Try us!