Threats

docx

School

University of Louisiana, Lafayette *

*We aren’t endorsed by this school

Course

590

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

3

Uploaded by ChancellorWrenMaster1014

Report
4. Threats and Vulnerabilities In addition to threats previously identified, a broader re-evaluation may uncover additional threats: a). Threats 1. Unauthorized extraction or loss of data from main servers. 2. Misappropriation or loss of data from company devices. 3. Disruption of organizational operations due to events, such as natural disasters or unstable software. 4. Cyber threats targeting Health Network’s internet-accessible products. 5. Insider threats from employees or associates. 6. Regulatory changes that could affect our operations. b) Vulnerabilities: 1. Weak access controls and authentication mechanisms. 2. Inadequate physical security measures. 3. Lack of regular vulnerability assessments and patch management. 4. Insufficient disaster recovery and backup processes. 5. Incomplete or outdated documentation of IT processes and configurations. 5. Types of Controls to be Assessed
Our assessment will evaluate both the existing and potential controls in various categories: 1. Physical Security Controls: Think of these as the physical bodyguards of our system. These systems keep an eye on our important tech locations like CCTV cameras or monitor who comes and goes with biometric access points. It is like having a bouncer for your network who checks IDs at the door. 2. Network Security Controls: These safeguard our network and prevent any obtrusive intruders. They detect hazards and neutralize them as they arise, acting as our network's immune cells. Our network is protected from unwanted access by firewalls, and Intrusion Detection and Intrusion prevention systems function as immunity cells that monitor and neutralize invaders. 3. Server Security Controls: These protective measures are like the guardians of the server realm, always watching and ready to act protecting our servers. Regularly updating the server's software is like giving it essential vitamins and nutrients, while antivirus solutions act as an extra layer of defensive Armor against malicious invaders. 4. Access Control Measures: Imagine these like different keys given to different members of a family. Everyone has access to the front door, but only parents have the safe's key. Similarly, these policies ensure employees can only access data they need for their jobs, acting as a key inspector and distributor.
5. Data Encryption Methods: These are like secret codes that convert understandable information into a series of random figures, readable only by those possessing the decrypt key. It is like our network's secret language that only trusted devices understand. 6. Incident Response and Business Continuity Plan: This is like our organization's superhero plan, ready to leap into action when disaster strikes. It sets the stage for how to respond efficiently and recover quickly from any incident stripping our company's powers, ensuring you are back on our feet in no time. Off-site backup data storage is our company's secret fortress where it can bounce back, and disaster response planning is the emergency drill preparing everyone for potential threats.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

4-1.docx
98_Unit3_Excel_Fa23.docx
1-1.docx
Assignment Four - Juan Carlos Maravilla.docx
chapter10Quiz.rtf
Roles and Responsibilities.docx
Module I James Gans.pdf
ACC 531 Final Exam-12.docx
Part 2 Data Collection Group 10-1.docx
ACC 531 Final Exam-28.docx
Unit 3 Assignment 2_ Implementing the Physical Model Using SQL Data Definition Language (DDL).docx
BUS-027-16-1.docx