Security Assessment and Recommendation

1458 WordsMar 21, 20126 Pages
Running head: POTENTIAL WEAKNESSES Security Assessment and Recommendations Security Assessment and Recommendations I have been charged with the task of identifying potential security weaknesses and recommending solutions for Quality Web Design (QWD). The project was completed in two phases. The first phase of the project specifically identified and defined two potential security weaknesses: software and policy. The second phase recommends solutions to these potential weaknesses. I chose a scenario that outlines specifics of the organization’s type of business, business processes, assets, services, and security controls. It is crucial for any organization to take necessary steps in securing their business’ assets, and customer’s…show more content…
An attack to these mission-critical processes can mean a decrease in the organization’s revenue; client’s personal information being accessed, modified, or even deleted; and even degraded network performance. QWD would lose significant clientele and would not be as appealing to their target audience – not so good for their mission of providing top quality services. Policy Reducing the exposure of the corporate network from outside attacks is crucial in protecting mission-critical processes for QWD. The security assessment doesn’t end with software firewalls for their remote users. The company’s security policy must also address this vulnerability. QWD has policy in place that speaks to who has access to data and the type of data; username standards; password length, complexity, rotation, and history; and security training. However, their policy doesn’t address remote access devices: installation and configuration of firewall and anti-virus software on all employees’ remote computers and acceptable use. These are critical in preventing remote computers and mobile devices from compromising the corporate network (Ruskwig, 2006, pp. 1). Without such a policy in place, there is no guideline for securing QWD’s assets. Any remote employee that has Internet connection that is always on runs the risk of infection or even allowing access to
Open Document