Introduction how a company such as Sony

Introduction

 

The purpose of this report is to help an organisation train staff and formulate a working strategy for computer, network and information security. I have highlighted the main threats and possible vulnerabilities and explained how to strike a balance between accessibility and security. I have also described how an SME network operates and the roles that need to be secured, and explained the physical security that needs to be in place.

Computer Security

Whenever an organisation holds private information that could be used against an individual or a group of individuals, that information needs to be protected. When looking at breaches of data/information, there are many large-scale events that can be referred to, such as the 2014 Sony data breach, in which employee information was exposed: “This data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company” (‘Sony Pictures hack’, 2017). This was in response to a movie that Sony planned to release, “The Interview”, a comedy starring Seth Rogen and James Franco in which their characters try to assassinate North Korean leader Kim Jong-Un. The North Koreans were unhappy about this film and ordered a ban on the release of the film from the United States government, and failure to do so would be “an act of war” (McCurry, 2014).

The example above shows how a company such as Sony, which as of May 2017 had a net worth of 40.4 billion dollars (Forbes, no date), can still suffer major data breaches and be held hostage. In response, Sony did invest $15 million in security after both the 2011 attack and the 2014 attack (Raywood, 2015). Thousands of employees at Sony could have had their personal information leaked on the web, where it could be used for small things such as cold calls or spam email, or for something severe such as identity theft.

There aren’t only external threats; there are also internal threats that are just as much of an issue. There are many examples of this, such as a network engineer at EnerVest who “committed data sabotage after learning he was going to be terminated” (von Ogden). In this example the engineer “reset all network servers to factory default settings and disconnected remote backups”. This ended up costing EnerVest in excess of $1 million, and the company was unable to conduct operations for 30 days (von Ogden). In another example, a “disgruntled employee exposed the protected details of India’s new Scorpene submarines” (von Ogden), and “some 24,000 pages of classified information were exposed” (von Ogden). These examples show how vital it is to monitor what employees can access and what they do access, so that incidents like these do not happen. The problem is that an excessive amount of security makes it very inconvenient for employees who need that data to do their job, and can slow down work productivity.

One way to ensure the security of company data is to have different accounts and login details for different services: for example, one username and password for getting into the PC, and another username and password to log in to the system server to access server-wide files and programs. There are also devices called security tokens. One of these is an “entrust security token”, which shows a series of numbers on a little keyring-sized screen. This is a generated password that expires after a certain amount of time, which makes it very difficult to predict/guess, and since it is not a constant password it is harder to hack.

Between the internet connection and the router there would be a firewall filter to stop unwanted packets from coming through and damaging systems. After the router there would be a switch, which directs the flow of data to the machine it is supposed to reach so that the user is shown the requested information. There can also be a server holding executables, files and tools that the user might need, accessed over the network: the user sends a request to the server through the router and, if access is permitted, the data is sent back to the user.

Network Security

For a server network, there are a few different parts that come together. The first is an internet connection, which is usually sorted out by the internet service provider after signing a contract with them; they provide the internet at the speeds advertised. Then comes the router, which is provided by the chosen internet service provider, set up in the building, and grants access to the users.

A packet filtering firewall, which sits at the network level of the OSI model, scans every packet and either drops it or allows it through. This allows the firewall to stop some potentially harmful packets from damaging systems. A user can allow certain programs to bypass the firewall if the firewall has attempted to block any of their packets, although this is typical at home, whereas at a workplace it would be done by a technician/admin. The risk in doing so is that some programs might be deceiving the user or masquerading as a different, popular program when all they are doing is damage to the system/user.

A packet filtering firewall filters based on rules that have been set by the network administrator, commonly known as an Access Control List. An Access Control List is built on packet attributes, protocols and addresses, and packets that are dropped are logged. One of the biggest advantages of packet filtering firewalls is their cost and low resource usage, so they are best for small networks. The disadvantages are that you need a lot of knowledge and a proper aim to configure one correctly, and once it is configured it is tough to test all the aspects of the filter.
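
A minimal model of the Access Control List described above, with first-match evaluation, a default deny, a log of dropped packets, and a replay function for testing the rule set. This is an added example, not part of the original report; the rule format, the names `Packet`, `Rule`, `filter_packet` and `check_acl`, and the addresses (documentation ranges) are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str                   # "tcp", "udp", "icmp"
    src: str                     # source IPv4 address
    dst: str                     # destination IPv4 address
    dport: Optional[int] = None  # destination port, if the protocol has one

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "drop"
    proto: str                   # protocol name, or "any"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None matches every port

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))

# Constructed ACL using documentation address ranges (RFC 5737).
ACL = [
    Rule("drop",  "any", "203.0.113.0/24",  "0.0.0.0/0"),          # 1: blocked range
    Rule("allow", "tcp", "0.0.0.0/0",       "192.0.2.10/32", 443), # 2: HTTPS server
    Rule("allow", "tcp", "198.51.100.0/24", "192.0.2.0/24",  22),  # 3: admin SSH
]

def filter_packet(p, acl=ACL, drop_log=None):
    """First matching rule wins; unmatched packets hit the implicit default deny."""
    for number, rule in enumerate(acl, start=1):
        if rule.matches(p):
            if rule.action == "drop" and drop_log is not None:
                drop_log.append((number, p))
            return rule.action
    if drop_log is not None:
        drop_log.append((0, p))  # rule 0 = implicit default deny
    return "drop"

def check_acl(cases, acl=ACL):
    """Replay (packet, expected verdict) pairs; return the cases the ACL gets wrong."""
    return [(p, want, got) for p, want in cases
            if (got := filter_packet(p, acl)) != want]
```

Because the first match wins, moving rule 2 above rule 1 would let the blocked range reach the HTTPS server; keeping a list of expected verdicts and replaying it through `check_acl` after every rule change catches that kind of ordering mistake.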

As well as protecting against hacking or bad packets infiltrating your servers, you also need to protect against physical damage. When dealing with servers, two of the most important things to consider are access to the room and surveillance of the room. The servers should be in a secure location with policies/restrictions on who can access the server room, the room should be under surveillance 24/7, and a log should be kept of who enters and exits the room.

Keeping backups of the backups is another key thing to do, as the servers could be damaged intentionally by employees or by natural disasters. If there is an earthquake or flooding and the building/room is not properly secured to deal with those threats, then there needs to be a backup of the data accessible if the server room is breached. There is also a chance that employees could try to steal data via removable media, e.g. a disk or USB drive. Although it could be considered a bit excessive, one solution is to fill ports with glue so that it is impossible to connect/insert any removable media.

Any building that contains servers will always want backup power available so that the servers can remain on, avoiding the risk of corrupting data if files were mid-transfer or being saved. Another concern is cooling: with many servers in one room a lot of heat is generated, and keeping heat down is an important factor in preventing server problems such as overheating. Another hazard is fire. There need to be adequate fire response measures/policies in place to limit the amount of damage done to the servers; for example, sprinklers are not ideal because the water would damage the system just as much as fire, if not worse.

Information Security

The first signs of encryption date to 600 BC, when “the ancient Spartans use a device called a scytale to send messages during battle” (Gemalto, 2016), and in 60 BC “Julius Caesar invents a substitution cipher that shifts characters by three places” (Gemalto, 2016). This shows that encryption had been happening for thousands of years before it came to be used on computers. In 1918 a German engineer by the name of Arthur Scherbius invented the Enigma machine (Gemalto, 2016), which was later used by the German military during the Second World War.

Data encryption happens when passing sensitive information across the internet, such as your full name or your bank account information. During this process the data is locked, that is, encrypted, and can only be viewed if you have access to a key or password that allows you to decrypt it. When entering these details online, if the website has “https” in the URL instead of “http”, then the data will automatically be encrypted when connecting to the server. This process changes little things around, as in the previous example of Caesar moving the letters around, which makes the data look like a collection of information that doesn’t make sense unless you have the key/password to decrypt it.

It is possible to encrypt data yourself via a third-party program such as VeraCrypt. You can encrypt different files, such as text documents, and can also encrypt folders. In doing this the folder/file will be password protected and cannot be opened unless the correct password is entered.