Based on the information provided, two vulnerabilities have been identified. The first vulnerability lies within the network infrastructure and the lack Of sufficient firewalls.
The second vulnerability is driven by their security policy as relates to the evaluation of firewall protection. Subsequently, it is suggested that the company purchase additional firewall protection for the connection been the main router, the internet and the Chula Vista location as well updating their security policy to evaluate firewalls every six months.Company Overview As a leader in its industry, Aircraft Solutions provides design and fabrication of component products and services for companies in the electronics, commercial, defense and aerospace industries. It is headquartered in Southern California with several locations throughout the state that were strategically placed close to intermediate hubs tort ease to access.These locations house a voluminous plant, extensive equipment and a highly skilled workforce that includes design engineers, programmers, machinists and assembly workers. Ultimately, the company’s goal is provide machined products and services that would enable heir customers achieve cost, quality and time requirements. The company uses one system, Business Process Management, to handle processes that span across several systems and organizations. The users fifths system are employees, customers, suppliers and contractors.
There is a multitude Of information stored on designated servers that include project information, design and development models, payroll data, sales figures, accounting and human resource data. The system is managed by the information technology group Within the company Who also selects, installs and trains the workforce on he system. Two Security Vulnerabilities Hardware Vulnerability The hardware vulnerability within this scenario is the insufficient number of firewalls used within this organization.According to the illustration below to Aircraft Solution’s network understructure, the connection been the main router, the internet and CD Chula Vista isn’t protected by a firewall, Source: SEXES Course Project: Security Assessment and Recommendations – Sceneries “A firewall is a software program or piece of hardware that helps screen out hackers, viruses and worms that try to reach your computer over he internet” (Microsoft, 2012). The absence of a firewall at the main connection to the internet leaves the company vulnerable to unauthorized network traffic and cyber attacks.Consequently, this could lead to malicious attacks on the entire company bringing operations to a halt.
According to a survey conducted by Symantec, forty-two percent of organizations rate cyber attacks their top security issue. While seventy-five percent Of respondents said their organization has experienced at least a few cyber attacks in the past 12 months. On average, Weber attacks cost companies about $2 million per year in reduced productivity, revenue and customer confidences associated with such events (Mastication, 2010).Policy Vulnerability The second vulnerability for Aircraft solutions is driven by its existing security policy that requires that all firewalls and router rule sets to be evaluated every two years, “Security needs to be addressed as a continued lifestyle to be effective. Daily, there are new attack signatures being developed, viruses and worms being written, natural disasters occurring, changes in the organization aerospace taking place and new technologies evolving, these all effect the security posture in the organization” (King, 2002).
This being said, it is important to evaluate firewall and router rule sets more frequently. The possible threats against this policy include improperly configured network infrastructure which leads to a domino effect that could start with malicious programming which could end in data loss Many of these threats may be unintentional as some users may not be aware of the risks and how their processes and procedures open the door for such attacks. For this reason alone, a more frequent evaluation is needed.This vulnerability could lead to data loss and the exposure of trade secrets, client lists and product design. The exposure of such information for most companies could mean a financial collapse as it no longer has the competitive edge that makes it the industry leader. While the likelihood of this threat is very high, “security risks to the network exist if users do not follow the security policy. Security weaknesses emerge when there is no clear cut or written security policy document.
A security policy meets these goals: i.To inform users, staff and managers of their obligatory requirements for protecting technology and information assets. Ii. Specifies the mechanisms through which these requirements can be met. Iii.
Provides a baseline from which to acquire, configure and audit computer systems and networks for compliance with the policy. ” (Common Network, 2010) Hardware Solution In efforts to remedy the hardware vulnerability of insufficient firewall protection, it is suggested that Aircraft solutions purchase the Cisco AS SO to serve as the tilter between the internet, the main router and the Chula Vista location.This product’s ” high performance application-inspection capabilities automate the network to treat traffic according to detailed policies based not only on port, state, and addressing information, but also on application information buried deep within the packet header.
Additionally, it “detects and filters protocols faith industry leading performance”( The Cisco AS 5500 as a Superior Firewall Solution, 1992-2006). The diagram below provides a sample network configuration utilizing this product.Source: The Cisco AS 5500 as a Superior Firewall Solution (1992-2006) The expense versus benefit trade off s highly in favor Of the purchase Of this product as this protection is virtually priceless and could mean the difference between continued operations and business failure. There would be no training costs involved as it would be installed by IT. The impact on business processes would be minimal as the firewall could be installed during off-peak hours.Policy Solution As a measure to resolve the policy vulnerability as it relates to the evaluation of firewall and router rule set, it is suggested that the company adopts a new policy to hold these evaluations every six months. The implementation of this new policy would be communicated company-wide and made available within the company’s intranet, The cost versus benefit is also highly favorable toward the change in policy as it could prevent the threat to beer attacks which could lead to great financial loss for the company.
There would be minimal impact on business processes. Summary In summary, Aircraft Solutions has a couple of IT security vulnerabilities surrounding the insufficient number of firewalls and the security policy surrounding the evaluation of these firewalls. Both vulnerabilities can be emptied cost effectively by the additional purchase and installation of the Cisco AS 5500 and the implementation of a new policy that would require more frequent evaluations.