In every state, the company has a number of sites and each site has several
workers and customers. Offices are interconnected to each other and to the host
organization. As an international organization, Global Finance, Inc. requires a robust
network that can support its daily operations, a secure network system and efficient
network management strategies. Normally, network choices rely on the company
budget, network coverage, and internal and external regulations. Effective network
security requires constant upgrades and close monitoring to ensure possible
loopholes are sealed in time.
Executive Summary
Global Finance, Inc.'s network is built from sets of routers and switches.
The network switches and routers are arranged in distinct topologies, including
meshes of different sizes. The network has adopted packet-switching and circuit
technologies. Packet switches provide effective transfer paths and shared carriers.
The network system allows sharing with clients and other management teams. There
are also virtual circuits connected to the main path to serve various needs.
Additionally, the network has a circuit system, which facilitates data transfer only
when needed. Global Finance, Inc. has employed Integrated Services Digital
Network (ISDN), which only transfers data when initiated (Acharya, Lasse, Thomas &
Matthew, 2011).
Apart from Wide Area Network (WAN) and Local Area Network (LAN)
connections, Global Finance, Inc. has utilized other forms of connections such as
different internet ISPs, private networks and telephone connections. The design has
also incorporated a Virtual Private Network (VPN) over public switched networks
(PSTN) to enhance information privacy and security. Global Finance, Inc. developed
an encrypted network system as a security measure to protect its data (Dana & Arkin,
2010).
The expansion of Global Finance, Inc. has created openings for new threats,
risks and vulnerabilities. Some of these network challenges were not envisioned
during network structure development. Despite the expansion, Global Finance, Inc.
has not experienced any incident as per PCI DSS. However, as a move to maintain
network security compliance, this Risk Assessment has been undertaken to limit any
future network risk that might have been overlooked during network initiation and
over the past risk assessments.
During the Global Finance, Inc. Risk Assessment, a number of potential
network threats were found. The company has no measures to contain physical
harm to computers, and security measures to manage tampering by end users are
minimal. Global Finance, Inc. has no continuity plans to keep the organization
running in case the internet connections go out. Financial institutions are
vulnerable to attacks, owing to the nature of their business. As a result, mitigation
measures should be in place for any form of non-compliance. Priority should be given
to the most vulnerable places, which could harm the organization in the short term.
A security breach in Global Finance, Inc. might result in losses and loss of
customers' confidence. The diagram below illustrates the major risk domains in
Global Finance, Inc. (Dana & Arkin, 2010).
While several parts of the organization's network system can pose a risk to the
organization, during this risk assessment priority was put on:
1. Un-Patched Servers.
These are servers used in the organization network. Un-patched servers exposed to
internal servers and to the internet without direct connection are vulnerable points.
Many companies, including Microsoft, have not succeeded in managing their patches,
despite their diligence in patch maintenance. Usually, missed patches lead to internet
disruption by worms such as Code Red. The most vulnerable points are the internal
servers, which do not directly connect to the internet (Acharya, Lasse, Thomas &
Matthew, 2011).
2.
Daily routines in Global Finance, Inc. include sending files, printing and
making file copies within an office. Usually, this happens between or among office
computers. This is an essential part of organization administration; however, maximum
care must be taken in managing the risks associated with file sharing. Worms and
viruses spread easily among computers within a LAN. At times, data managers even
spread the risks through portable devices such as hard disks and compact disks. To
manage possible file transfer risks, program folders, root folders and operating
system folders should not be shared (Acharya, Lasse, Thomas & Matthew, 2011).
4. Insecure Passwords
Dial-up Connections
Corporate portable laptops are big security threats. They are exposed to
several networks, including client networks and dial-up connections. The disk space,
memory and speed of laptops make them hard to keep up to date with patches. In
some corporations, employees are allowed to use their own laptops, which pose
similar security challenges to corporate laptops. The portable nature of laptops
also increases data insecurity when they are stolen.
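The file-sharing rule in item 2 above (program folders, root folders and operating system folders should not be shared) can be checked against an inventory of shares. The following is an added example, not part of the original assessment; it assumes Windows hosts, a Name,Path CSV export of the shares and default folder locations, and the sample inventory is constructed.

```python
import csv
import io
from pathlib import PureWindowsPath

# Constructed sample inventory (Name,Path); not data from the assessment.
SAMPLE_SHARES = """Name,Path
Reports,D:\\Finance\\Reports
CDrive,C:\\
Tools,C:\\Program Files\\Tools
Sys,c:\\windows\\system32
Scans,C:\\Shares\\Scans
"""

# Assumed default Windows locations; adjust to the hosts being audited.
OS_DIRS = [PureWindowsPath(r"C:\Windows")]
PROGRAM_DIRS = [PureWindowsPath(r"C:\Program Files"),
                PureWindowsPath(r"C:\Program Files (x86)")]


def _within(path, bases):
    """True if path equals, or lies below, any base (case-insensitive)."""
    return any(path == b or b in path.parents for b in bases)


def classify_share(path_text):
    """Return the reason a shared path breaks the rule, or None if it is fine."""
    path = PureWindowsPath(path_text.strip())
    if path.anchor and path.parent == path:
        return "root folder"
    if _within(path, OS_DIRS):
        return "operating system folder"
    if _within(path, PROGRAM_DIRS):
        return "program folder"
    return None


def audit_shares(csv_text):
    """Return (share name, path, reason) for every share that breaks the rule."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        reason = classify_share(row["Path"])
        if reason:
            findings.append((row["Name"], row["Path"], reason))
    return findings


if __name__ == "__main__":
    for name, path, reason in audit_shares(SAMPLE_SHARES):
        print(f"{name}: {path} is a {reason} and should not be shared")
```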
Network Risk Assessment Tool
Network security designs should be geared towards meeting organization
goals and objectives. While planning a financial organization's network, the following
should be taken into consideration:
Managers should focus on value return and not investment return. The harm a
security breach can cause to an organization should be the key consideration rather
than the profit on the network investment.
Yes / No
25. Are methods taken to control entry and movement of people in the offices?
26. Are the computers served by an uninterruptible power supply to avoid loss of unsaved data?
27. Are there measures in place against vandalism and any other form of attack?
Analysis of the Global Finance, Inc. value chain was also important in determining
the type of risks the organization is exposed to. Value chains were used to illustrate
the organization's activities, which can expose its network to vulnerabilities. Through
value chain analysis, we were able to understand how various activities and
stakeholders interact with the organization network. Examination of the organization's
value chain was also important in distinguishing critical network paths, which require
the utmost security procedures, from those that pose limited threats. Among the
activities that were identified are Global Finance, Inc.'s online and offline inbound
and outbound logistics, operations, marketing, services and sales. These activities
expose the financial institution to interaction with different stakeholders, which
exposes its network to external vulnerabilities.
Value chains enumerated the network components of the value activities. Based
on the assessment, each of Global Finance, Inc.'s value chains presented both physical
and online processing components. While the physical components are concerned
with the physical handling of products, the information components focus on
information delivery and data management. Financial institutions have such
comprehensive information components that their health is vital for organization
performance. Global Finance, Inc. has in place many computer-aided programs
such as automatic teller machines, money withdrawals, deposit alerts, and
automatic money transfer services. As a result, a secure network system is vital for
Global Finance, Inc.'s survival. The company has employed its information system in
multimedia marketing and sales; the value chain includes telecommunications,
scheduling of the service force, answering clients on social sites and desktop publishing.
Risk Impact/Factor
LAN
Create back
LAN-to-WAN 2
Allow access
Remote
New
WLAN access points are required for LAN connections within warehouse | LAN-to-WAN | 2 | A secure point should be established inside the warehouse for LAN connection to WAN.
Intra-office employee communications such as romantic affairs | User | 3 | A fraternization policy should be established and the employees involved should be separated when working.
Workstation Operation Software has a known software vulnerability | LAN-to-WAN | 3 | All patches should be kept up to date as per the growing concerns.
LAN server OS has a known software vulnerability
be updates to date as per the growing concerns
LAN
WAN 3
The provider
The risk assessment method employed in this project enabled risk auditors to
identify, score and rank risks in Global Finance, Inc. High-priority risks were included
in the project schedule and marked appropriately for risk managers to take the most
appropriate steps in coming up with risk implementation strategies (Lelyveld &
Liedorp, 2006). It was recommended that risk managers provide a monthly status
update on their assigned areas. Based on the reports, the project managers will
determine risk improvement strategies, which could be necessary for future
projects. During the risk assessment, short-term mitigation recommendations were
put in place to manage risks that could have a high impact on the organization
within a short time. These include backup procedures and incident responses.
The diagram below illustrates a secured network system with IDS sensors for Global
Finance, Inc.
Fig 2. Global Finance, Inc. with IDS sensors
There are sensors to monitor the public network, since these are prime areas for
attackers. Another sensor has been placed behind the firewall, between the LAN
network and the internet. IDS can also be placed around remote servers such as VPN
and dial-ups.
Conclusion
It is hard to come by one hundred percent network security in financial
organizations. Network insecurity mainly stems from a lack of
awareness, concern, attention and commitment from the organization's management
team. As a result, purchasing security wares contributes insignificantly to network
security management. Usually, new security measures come with regulations, which
require organization change management. The best approach is to constantly assess
the organization's security and make improvements.
This Risk Assessment paper has employed multiple qualitative
methodologies, which include the use of questionnaires, scenarios and Delphi
methods. Single risk assessment methods do not offer the flexibility required for the
wide variety of threats, vulnerabilities and assets in financial organizations, with
easily interpreted data. Based on the risk assessment findings, Global Finance, Inc.
needs to constantly update its security software, ensure security patches are
effectively applied and develop secure VPN networks. Network security is important for
this company owing to its online transactions and storage systems. Risk assessments
also need to be conducted regularly to facilitate effective mitigation measures.
References
Acharya, V., Lasse H., Thomas P., & Matthew R. (2011). Measuring Systemic Risk. Working paper. New York: New York University.
Lelyveld, I., & Liedorp, F. (2006). Interbank contagion in the Dutch banking sector: a sensitivity analysis. International Journal of Central Banking 2, 99–133.
Dana P., & Arkin, W. (2010). "A hidden world, growing beyond control". The Washington Post. n.p. Accessed March 2014.