Networks and computer systems are imperative to establishments in the present age. They have simplified the sending and receiving of information and the processing of colossal amounts of data over very short time periods. However, they constantly face threats and attacks from hackers. Dangers to the computing environment, network, and database come from everywhere. In such a high-stakes facility, it is critical to ensure that the main threats are identified and mitigated. The major threats can come from three areas: the physical installation, the users, and malicious attacks. The top five threats to the new network will be building security, malware, mobile attacks, uneducated users, and errors made by users in this computing environment.
People usually assume that computer threats originate only from within the computer or network. However, this is not usually the case. The security of the physical space occupied by a computing environment significantly influences the safety and integrity of the computers and the network. To me, building security serves as the first level of security for protecting computer systems because it prevents people who are not associated with the network from gaining access to the computing environment. The security of the building is, therefore, the first threat to the computing space and the system.
If the physical security is not good, the first element at risk is the physical hardware. Someone can easily come in and steal the servers where all the data is stored. If the computers are stolen, that party has unlimited access to all the data stored on the servers. The second risk to the computing environment is access. If an educated malicious party with the necessary tools gains access to one of the computers in the building connected to the network, he/she will have access to the data stored on the servers. This computer will act as an access portal.
Malware is a serious threat to any computing environment or network. I view malware as a serious threat because it is very stealthy and can have adverse impacts. Despite operating systems and security software advancing day by day, hackers are also adapting to the changes and coming up with serious undetectable malware to exploit vulnerable computer systems. Also, malware may not even target the organization directly; however, if any penetrates, it can lead to serious and expensive loss of data and corporate secrets worth billions. Because of its nature, malware will be a serious threat to the computers and computer network.
Malware can threaten different levels of computer usage. First, destructive malware can corrupt the database, causing a serious loss of time and money, more so in a work environment such as this one, where research is very expensive and the data collected is key. Second, malware can give its designer remote access to the system. This will allow such a party to have almost unlimited access to and control over data stored on the servers and even other security systems in place, such as cameras and access doors. Threats to these areas can lead to irreversible damage to the company.
In order to keep malware out of the computer systems, all entry points must be guarded. All the computers in the network must have current, up-to-date antivirus software to detect malware and prevent it from entering the computer system. The users of the computers must be fully educated about malware in order to detect and avoid it when using their computers. A user may innocently plug their favorite music flash disk into their work computer without knowing that their home computer was infected. System administrators must also monitor the network and database to detect any malicious activity.
Mobile attacks refer to remote attacks conducted by hackers directly targeting a system. Mobile attacks will be a significant threat because of the nature of the industry this business operates in. Health care research findings are closely guarded secrets and usually lead to multi-billion dollar ideas. This makes a firm such as this one a target for competitors or people who trade corporate secrets. Others may simply intend sabotage to inhibit development. Hackers may do this by posing as an employee or by using malware, as discussed earlier. It is, therefore, crucial that mobile attacks be kept at bay to ensure the integrity of the computer network and related databases.
Mobile attacks mainly threaten the computing environment, such as the network and database. This is because they mostly focus on stealing and corrupting data. Any device connected to the network and database is therefore threatened, because it can be used as an access portal to the servers it is connected to. Because the information stored on the servers is at risk, so is the entire health research company. This is because the data accumulated during research and the subsequent products that will arise from it are what determine the survival of the company.
In order to keep mobile attacks at bay, there need to be system admins who are able to detect malicious activity when the system is intruded upon. Abnormalities in the behavior of the network and the database are indicators that hackers may have made their way into the network (Pei, Yung, Lin & Wu, 2008). To assist the administrators, powerful firewalls, both hardware and software, must be in place to keep such hackers from gaining access in the first place. Users of the system must also be well educated because all hackers use malware for their attacks. The users should be well aware that they are a crucial part of keeping the system secure.
Uneducated users are serious threats to the computing environment, network, and database because they may easily help other forms of attack find their way into the system. Since a user has authorized access to the system, they can be used to infect it with malware without knowing. They may also unknowingly give away details of the network to a malicious party. This will involve things such as their credentials and some specifications of the security system. Such information can easily help a hacker attack the network and database of the company, leading to an irrecoverable loss.
Mistakes made by uneducated users threaten every part of the computing environment, network, and database. They threaten the security of the building, which is the first defense for the computer system of the company: giving away keycard information or even just employee credentials may prove fatal on many occasions. In addition, such employee information may be used to log in to the system, giving the hackers almost unlimited access and enough time to cause serious damage. This means that the entire network and database is threatened by the mistake of the user.
The first line of defense in this scenario is educating the users on the importance of keeping their work credentials private. This will allow them to detect a person who has bad intent when they have conversations regarding work. They should also be made aware of malware and how to keep it away from the system by scanning their USB devices using antivirus software. The system administrator must also be on the lookout to ensure that users are not allowed to do certain things that can jeopardize the security of the computing environment.
Errors made by users
System users, both educated and uneducated, are prone to making errors of judgment and may therefore easily threaten the security of the computer network. Errors may range from something as simple as plugging in their auxiliary devices without scanning them for malware, even though they are aware of the risk, to disabling a computer firewall. These people, therefore, are a security threat to the computer network.
Mistakes made by users can threaten the whole system, depending on the mistake made. The computer network and database may be sabotaged by malware that penetrated the system through a USB device. Employee credentials that are given away may be used to access the building, thus putting the computing equipment at risk of being stolen.
The security system will be designed so that computers with disabled firewalls are immediately flagged and the errors corrected before any damage can be done. The system administrators will also remain on the lookout for malicious activity in the computer systems. Finally, the physical security of the building must employ additional scanning tools to ascertain that the people accessing the building are meant to. This can be easily implemented through biometrics.
Security defense mechanisms
Closed circuit cameras
These are cameras installed in any space that requires constant monitoring of traffic. Closed circuit surveillance cameras make sure that the office spaces will be monitored all the time. By positioning these carefully in the office spaces, people moving in and out will be constantly surveilled. This eliminates the possibility of an unauthorized outsider going undetected. Some security personnel will also be assigned to the monitor room and will keep a close eye to ensure that anyone who is unauthorized or acts suspiciously is attended to.
Key card access
Isolated important areas of the building that will host crucial hardware and/or personnel will have restricted access through key cards. These are unique cards containing employee information and are used to identify them in terms of their levels of security. This will ensure that strangers are locked out of secure locations even when their presence in the building is official. In addition, employees who are not cleared to access such locations will also be locked out.
Security guards will be placed at the entrance of every office to act as an added layer of security. They will be required to ascertain the identity of the people accessing the different floors of the building. This is because key cards may be stolen at times, so there is a need for the presence of a security guard. He/she will have access to security cameras in the hallways leading to the entrance of every floor and/or that of the elevator. This will ensure that the guard is prepared for whoever is coming to access that floor. If anything happens, it will allow them to implement emergency security protocols such as locking down the entire floor.
The office layout will ensure that any unescorted guest or unauthorized person is visible. To ensure this, the work areas shall be open and made of transparent materials, mostly glass. This will ensure that all the employees are able to see the entire office space. The employees' seating positions will also face the walkways so that they can act as added eyes alongside the existing security cameras.
Defense mechanism for the corporate wireless network
Authentication and encryption: WPA2-Enterprise Security
WPA2-Enterprise is an encryption and authentication method employed by organizations to ensure that they have top-notch wireless network security. It works by establishing a RADIUS server where unique user IDs in the form of a username and password are defined. It uses the IEEE 802.1X authentication protocol to identify the device trying to access the network through an access point such as a router. The users have their unique login details but do not see the actual encryption keys. In addition, the devices cannot store the keys. The user will only be able to access the wireless network once the details are verified by the RADIUS server through a virtual port and the pass key is returned; otherwise, there will be no access.
WLAN security tools
These will be used to broadcast a 360-degree signal only in rooms where a wireless network is required. This will ensure that the signal is confined within the building, thus protecting it from external threats.
Cisco Adaptive WIPS Software
The Cisco intrusion prevention software will be active on all the access points. It will help monitor and detect any wireless network anomalies and RF attacks. This too is crucial because it will log everything, so network administrators will be able to follow up on recorded threats (Park, Zomaya, Jeong & Obaidat, 2014).
Figure 2. Wireless network diagram
Use of encryption technologies
Despite all the security protocols already in place in this system, the security of the data still cannot be guaranteed. The use of encryption technologies in this system is a must for me. This is because it provides an extra layer of security and integrity to ensure that even if the data packets are intercepted, the malicious party cannot access them.
Cloud computing simply refers to online-hosted computing platforms that are provided to a pool of subscribing users who share the resources. It is a model for enabling pervasive, on-demand access to a shared pool of customizable computing assets (Bento & Aggarwal, 2013).
It allows for easy setup of the company’s storage. Setting up cloud services is very simple. It entails creating user credentials and the necessary links for uploading and downloading data.
It is relatively cheap compared to creating a whole data center. Because the technology is based on a pool of users, the cost is evenly spread and hence pocket-friendly for SMEs.
Cloud computing allows for easy scaling. Increasing the amount of space you want is just a matter of paying for it. There is no need for new hardware because your hosts are responsible for everything.
Cloud computing is only a reasonable solution for backup. Fast real-time transfer of company data to and from the servers will not be efficient because of the server location.
Cloud computing is not fully customizable. There are certain applications and storage sizes that cannot be accepted by cloud companies.
Cloud computing does not offer total security. This is because the customer is at the mercy of the cloud company’s security.
I would not consider the use of cloud-based solutions to store the company’s data in real time or for backup. The key reason is security. Storing the data offsite leaves the company out of control. We will not be able to ascertain the security and integrity of our data because our extensive security measures discussed in the paper will not be in place (Bento & Aggarwal, 2013). In addition, the company has its own data center, so there is no need for outside storage of data.
Network security tools
The network is the main entry and exit point for data into the computer system. It is, therefore, crucial to have security tools in place to ensure that the network is constantly monitored and that, in the case of any attacks, such tools can provide a front-line defense. The five key security tools that I would employ in this system are firewalls, port scanners, intrusion detection systems, file integrity checkers and network diagnostics.
Port scanners continuously probe servers and hosts to detect open ports. This tool will be used to identify exploitable vulnerabilities and notify the system admins of them. This tool is crucial for network security because it will help close all open gates that hackers could use to gain access to the system. One of the products I would use is SATAN because it is very aggressive; it will, therefore, deliver great results.
A firewall is a hardware- or software-based solution meant to isolate the company’s trusted network from unchecked outside networks. Firewalls are usually placed at network gateways. They work by checking incoming and outgoing packets against set rules and protocols. If a packet does not meet the requirements, then it is flagged and blocked. A firewall will also be installed on employee computers as a software-based solution to act as an added layer of security.
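The packet check described above can be sketched as a first-match rule table with a default-deny fallback. This is an added example, not part of the original paper; the rule set, addresses and packet fields are constructed for illustration.

```python
import ipaddress

# Constructed rule set for illustration. Rules are checked top to bottom and
# the first match wins; a packet that matches no rule is denied by default.
RULES = [
    {"action": "allow", "direction": "in", "proto": "tcp",
     "src": "0.0.0.0/0", "dst": "203.0.113.10/32", "port": 443},
    {"action": "allow", "direction": "out", "proto": "udp",
     "src": "10.0.0.0/8", "dst": "10.0.0.53/32", "port": 53},
    {"action": "deny", "direction": "in", "proto": "tcp",
     "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "port": 23},
]

# Constructed sample traffic (documentation and private address ranges).
PACKETS = [
    {"direction": "in", "proto": "tcp", "src": "198.51.100.7",
     "dst": "203.0.113.10", "dport": 443},
    {"direction": "in", "proto": "tcp", "src": "198.51.100.7",
     "dst": "203.0.113.10", "dport": 23},
    {"direction": "out", "proto": "udp", "src": "10.1.2.3",
     "dst": "10.0.0.53", "dport": 53},
    {"direction": "out", "proto": "tcp", "src": "10.1.2.3",
     "dst": "198.51.100.99", "dport": 6667},
]


def matches(rule, pkt):
    """True when direction, protocol, port and both addresses fit the rule."""
    return (
        rule["direction"] == pkt["direction"]
        and rule["proto"] == pkt["proto"]
        and rule["port"] in (None, pkt["dport"])  # None means any port
        and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule["src"])
        and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule["dst"])
    )


def filter_packet(pkt, rules=RULES):
    """Return (action, index of the matching rule); unmatched traffic is denied."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule["action"], index
    return "deny", None


def run(packets=PACKETS):
    """Filter every packet and collect the blocked ones for administrator review."""
    verdicts = [filter_packet(pkt) for pkt in packets]
    flagged = [pkt for pkt, (action, _) in zip(packets, verdicts) if action == "deny"]
    return verdicts, flagged


if __name__ == "__main__":
    for verdict, pkt in zip(run()[0], PACKETS):
        print(verdict, pkt)
```

The last sample packet is outbound traffic that no rule permits, so it is blocked and flagged by the default-deny fallback rather than by an explicit rule.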
Intrusion detection systems
Intrusion detection systems work by comparing network characteristics against a database of malicious activity (Sharma & Singh, 2016). If the network behaves like any previously recorded intrusion, then an alarm goes off. IDS are necessary for ensuring that the network is kept safe. In addition, they have logging capabilities that will be used for network auditing when necessary.
File integrity checkers compare current file checksums against those already stored in the system. They help in intrusion detection and file integrity, as the name suggests. Flagged files will be pulled from the network and analyzed to ensure that they do not compromise the network.
Network diagnostics tools are used by administrators to monitor the performance of every network device. This is crucial to ensure that the network is working as efficiently as possible. This is a great network audit tool that will be used to detect areas of the network that are not performing optimally. In addition, real-time monitoring will help detect nodes that act abnormally, showing signs of compromise.
Recovery and continuity plans
Onsite redundant server
Data interruptions are a common problem in the enterprise world. Creating an onsite redundant server ensures that if one server is affected then the other substitutes its functions until the problem is solved. This ensures that there is little to no downtime (Nelson, 2011). Redundant servers are created by writing data to each at the same time. This will help deal with short-term disruptions.
Offsite redundant backup servers
Backups are copies of data that are stored for recovery purposes. Backup is usually done overnight when everything for the day has been recorded. However, it can be customized as per the company’s preference. Offsite backup ensures that any disruption at the main data center does not affect the backup server. This comes in very handy when the onsite redundant servers are compromised. The backup server will also have another backup of itself in another location to act as a fail-safe. These servers will ensure that prolonged disruptions are attended to. They can be re-tasked as main servers in extreme scenarios (Nelson, 2011).
The new computing environment, network, and database will be fully secured across the four floors. Major threats to the new network such as building security, malware, mobile attacks, uneducated users and errors made by users will be eradicated through measures put in place, such as keycard-accessed doors, security posts, proper office layouts and closed circuit cameras. Proper security for the wireless network through low-range omnidirectional antennae and WPA2-Enterprise Security will ensure that nobody gains unauthorized access to the network wirelessly. Through encryption technologies and network security tools, the integrity of the data and its security is ensured. Finally, the new system will be able to handle almost any possible data loss or interruption due to the redundant servers in place. With continued improvement over time, the new computing environment will be top notch.
References
Bento, A. M., & Aggarwal, A. (2013). Cloud computing service and deployment models: Layers and management. Hershey, PA: Business Science Reference.
Nelson, S. (2011). Pro data backup and recovery. Berkeley, CA: Apress.
Park, J. J., Zomaya, A., Jeong, H. Y., & Obaidat, M. S. (2014). Frontier and Innovation in Future Computing and Communications. Springer Dordrecht.
Pei, D., Yung, M., Lin, D., & Wu, C. (Eds.). (2008). Information Security and Cryptology: Third SKLOIS Conference, Inscrypt 2007, Xining, China, August 31-September 5, 2007, Revised Selected Papers (Vol. 4990). Springer Science & Business Media.
SANS - Information Security Resources. (2016). Sans.org. Retrieved 31 August 2016, from https://www.sans.org/security-resources/idfaq/how-is-a-tool-like-an-integrity-checker-used-in-intrusion-detection/1/6
Sharma, N. & Singh, G. (2016). Intrusion Detection System Using Shadow Honeypot. Retrieved 31 August 2016, from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.366.3355&rep=rep1&type=pdf