Technical Paper

2497 Words May 27th, 2014 10 Pages
Technical Paper: Risk Assessment
Strayer University
CIS 502
December 15, 2013





Risk Assessment
Describe the company network, interconnection, and communication environment.
In order to support their growing business, Global Finance, Inc. (GFI) has taken necessary actions to ensure their network remains fault tolerant and resilient from any network failures. GFI has acquired network devices in order to support their network and maintain interconnection among their employees and customers.
The World Trade Organization defines interconnection as:
“Linking with suppliers providing public telecommunications transport networks or services in order to allow the users of one supplier to communicate with users of another
…show more content…
GFI cannot afford system outages because its cash flow and financial systems heavily depend on the network stability. GFI has experienced DOS network attacks twice this year and its Oracle database and email servers had been down for a week. The recovery process required GFI to use $25,000 to restore its operations back to normal. GFI estimated the loss from these network attacks at more than $100,000 including lost customer confidence. GFI’s failure to incorporate proper firewall devices at Internet access points can be linked to DOS network attacks and Oracle database and email servers being down.
Network security is just as important as securing the company’s web site and related applications. Networks, because of the sensitive data they usually give access to, are one of the most targeted public faces of an organization. Here are the top 5 network security vulnerabilities that are often omitted from typical reviews, and some tips to avoid making the same mistakes:
• Network Security Omission #1: Missing patches—all it takes for an attacker, or a rogue insider, is a missing patch on a server that permits an unauthenticated command prompt or other backdoor path into the web environment. Network security personnel should be extra careful when applying patches to servers but not applying any patches makes it too easy for attackers.
Solution: Follow network security best practices by updating the operating…