Applied Business Project 2 Security Analysis

Submit your ABP-2 report to TurnItIn as a PDF file

Name: Barton, Ian (ianbarton97)

Project: ABP-2 Financial Analysis

Task 1: Ishikawa Cause-and-effect Diagram

Inadvertent or
Intentional Online Computer Compromise
Sharing by Individual

Minimum Variation in Same Password for Multiple

Password Selection Applications

Google Drive Sharing of Keystroking

Personal Documents
Why Are Usernames and
Passwords compromised?

Passwords Automatically
Saved for Website

Sharing Information with a

spouse or boyfriend/
girlfriend

Inadvertent or
Intentional Offline
Sharing by Individual

Task 2: Two-dimensional mapping of root causes

a) Two-dimensional (2D) mapping chart

Barton, Ian Page 1 of 5

 Applied Business Project 2 Security Analysis

Blue Circle Offline Share

1. Saving Passwords for
(Infrequent to Frequent)

5
websites on computer
Likelihood to Occur

2. Close Relationships with

others
3
Orange Circle Online
Sharing
3. Minimal Variations in
Passwords
4. Google Drive Sharing

4 Green Circle Computer

Compromise
5. Same password for
6
multiple websites
6. Keystroking

Effort to
Remediate
(Easy to Hard)

150 word discussion

The two dimensional mapping of the main causes for the compromise of username and
password is easier to understand and discuss than a fishbone diagram. The two dimensional
mapping allows students to understand the severity of losing their information, while also
showing how easy it is to fix the problem that may have arisen. For instance saving a password
to a website, although is easier to save a password to a particular website, it also make the
password unnecessary because all the information is inputted into the required boxes. This makes
it easier for people trying to learn what information is being stored on the website to access
details regarding the user. Another example is using the same password for multiple websites.
Despite the strength of the password, using the same identification code multiple times provides
the hacker with motivation to infiltrate one password to know all of the others.

Task 3: VPN Authentication Process (Cross-functional diagram)

Barton, Ian Page 2 of 5

 Applied Business Project 2 Security Analysis

Barton, Ian Page 3 of 5

 Applied Business Project 2 Security Analysis

Task 4: Recommendation to Management

To minimize the probability that a persons NetID and password will be compromised
includes limiting the opportunity for others to find out the information that is needed to access
the account. Protecting the account involves entering the password manually every time a person
wants to access the website. Along with having multiple variations in characters within the
password itself to make it harder for the hacker to guess the password, as well as not using the
same password for different websites as it makes it easier to access. These problems if not
corrected each provide a different security risk, saving a password to the computer is a higher
risk than that of having the same password for multiple websites. The swim lane diagram
provides multiple checks to ensure the user is who they say they are by using multiple devices to
log in to the website.

Task 5: VPN Compromise Analysis and Report

a) Question 5A Bar Chart

b) Question 5B Report

To investigate whether an international VPN connection might indicate that a students

NetID and password have been compromised, it is best to follow the cross-functional process
Barton, Ian Page 4 of 5
 Applied Business Project 2 Security Analysis

diagram. This process is used to ensure that the student is in fact accessing the website. The first
precaution is to send the NetID+ code, a computer generated passcode to the students phone. If
the student is indeed accessing the website, they can enter the password into the specified area
and can carry on the process. By chance the student did not want to enter the website but
receives the generated password, it may be a sign that someone is attempting to enter the NetID
and password. In this instance it is best to phone the IT department to discuss changing the
username and password to ensure that nobody is able to access the account.

Barton, Ian Page 5 of 5