StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Transcorp Company System Security - Case Study Example

Cite this document
Summary
The study "Transcorp Company System Security" focuses on the critical analysis of the major scenarios of the system security of Transcorp Company, a transport company that uses break-in security in the management of its systems for security purposes…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.9% of users find it useful

Extract of sample "Transcorp Company System Security"

Name………………………………………………………………xxxxxx Tutor………………………………………………………………. xxxxx Institution……………………………………………………………xxxxx Title………………………………………………….Systems Security Course………………………………………………………………..xxxxx @2010 Systems security-Option 2 Introduction Transcorp Company, a transport company uses the break-in security in the management of its systems for security purposes. This type of security uses passwords to systems and files as well as locking systems in offices together with managing modem dial-in. To improve the employees and clients access to the information, Transcorp Company has decided to upgrade its LAN using a previously developed implementation plan. During the process of changing the equipments and the installation of new operating systems, some workstations will be used for Microsoft Office applications and others will be used infuture for graphics and web design applications as the company attempts to expand its E-commerce funtionality. The following scenarios will be integrated in the implementation process. Scenario 1 Personal information for the company is stored within the HR section relating to the company employees. This information will have to be protected under privacy legislation. Privacy is a very important aspect in systems security and all information should be held with much integrity, authenticity and confidentiality. Personal information includes passwords, credit card numbers aqnd bank account numbers (Frenzel, 1999). Transcorp Company has decided to upgrade its LAN so that all employees will be able to access the Internet and email on the upgraded LAN and this means that the company will be doing everything online and these calls for the need to secure the personal data by putting stringent procedures and policies into place. Personal data in the company need to be protected from online fraud and theft (Frenzel, 1999). The IT support team will see to the implemetation of the following measures or steps in the process of implementing personal security in the organization: i. Develop a security policy- The IT support team shall establish information security policies and practices with the aim of ensuring uninterrrupted security of the personal information in the company. The security plan or policy should address all areas of the companys operation, it should be appropriate to the size, activities and complexity of the consumer information handled by the company. The team shall ensure that the employee understand the security policy, sign agreements with the employees, develop a data recovery plan incase of a natural disaster and ensure that all practices and policies are reviewed continually to enhance security in the company. ii. Train the management and supervise for security- the IT support team shall insitute training to the management and the designated security team. All the employees with access to the information will be trained and supervised. The team will ensure that the company has a full time and designated team, which will develop and implement security in the organization. It will also ensure that the required resources to enhance security in the company are provided. The team will also ensure that a security audit is conducted once a year, security policies are revied periodically, passwords are changed everytime an employee leaves the organization. These policies should be accompanied by a penalty incase of a breach of security and should be known by all the employee and management as well. iii. The available or current technology will then be used to protect personal data- a technological wall to contain personal information shall be constructed and tests should be run to ensure that the system is working. That is the team should define the companys security needs, use the technology that meets the defined needs, use the latest and upadated antivirus, have a backup system so as to ensure an uninterrupted continuity of information and have a system of shredding all paper and electronic data before dumping in a move to enhance security. iv. Make a move to inform all Business Partners and Data Suppliers on their responsibilities towards meeting security specifications- transfer of any personal data for the company without informing the business partners should not be permitted. This will act as a move enhancing security standards in the company. All potential partners for the company shall be informed of their data security responsibilities and security practices to enhance security in the company. Scenario 2 The existing passwords in the companys systems have remained unchanged for two years. During the period of two years, employees have been leaving the organization by either retirement or resignation and it quite possible that some level of hacking or data security had taken place. To begin with, the IT support team should change all existing passwords for the company computer system (Frenzel, 1999). Since these employees have had the company passwords, it is possible that they will crack the new passwords. In the process of installing a new operating system, a back up should be used to create a secondary storage for all the company information. The main aim of this is to prevent total lose of data in case cracking takes place. To enhance security in the company, a strategy to change passwords every 90 days or in a period of three months or every time an employee leaves the organization will be implemented to limit or to minimize the ability of hackers having access to the functioning password (Frenzel, 1999). The systems passwords should be changed as part of the implementation process. Control panel will then be used to change passwords where the ‘passwd’ command performs the trick. During the password change, the computer users should ensure that no one is watching them when they type both the old and the new passwords. If possible, the password shall be changed over a secure connection like a secure shell (SSH). As part of the implementation process, the administrators and managers of Transcorp Company shall enhance security in their networks by setting a strong passowrd policy, which shall be built into the organizations policies. The role of the managers will be to remind the computer users on the need to change passowrds regularly in the move to minimizing hacking who may get their passowrds through online attacks and social engineering. Any new user in the company will be trained on good password ethics, practices, and the need to change passwords regularly. Transcorps Company password policy will then be intergrated into the company’s security policy and all the company members should abide by the policies. Similarly, the administrators of the company systems shall implement a safeguard, which will ensure that all users of the system are using strong passwords. The administartors shall set expiry dates of passwords on all systems of the organization, it shall also keep a password history to avoid reuse and ensure that all accounts are locked after 3-5 unsuccessful password attempts. Scenario 3 Viruses have corrupted the email servers. Virus corruption can be very detrimental to the companys informations system as it may lead to crushing of the system. Computer viruses are internal threats to the company. In the implementation process, an anti virus software will be run into the system (Frenzel, 1999). The anti virus to be used will be the latest in the market and upon installation in the computer system, it will scan all files, hard drives and any detected virus will be deleted. Updating the system using the latest anti virus in the market will reduce nasty viruses, which might be detrimental to the whole system. After all the viruses in the mail servers have been got rid of, the IT support team shall educate the company employees about viruses, how to update the anti virus software and they will also be discouraged from opening any email attachment from unknown senders since it is virus vulnerable. After that, the latest antivirus software should be permanently installed in each server, as it will ensure that all virus updates are periodically send to all client systems. The IT support team will also install an exchange server recovery or Visual Recovery for Exchange Server, which are types of exchange servers, and will be responsible for data recovery and especially for corrupted Microsoft® Exchange Server email database (Frenzel, 1999). This program will be used on healthy databases like EDD to PST conversion tool and it will have supported exchange sever versions like 2007, 2003, 2003 SPI, 2003 SP2, 2000 and 5.5 depending on availability and window type. The IT support team will also install an exchanger server for recovering email clients. They will choose between recovery for outlook and undelete for outlook depending on efficiency and windows type. This recovery for exchange server and email clients will be advantageous to the company due to their features, which include: The ability to recover folders, file attachments and messages The ability to recover email address from Active Directory storage Ability to recover creation dates for all objects Ability to recover contacts, notes, appointments and tasks It is capable of supporting Microsoft® Exchange server like 2003, 2007, 2003 SP2, 2003 SP1 and 5.5 It has full uninstall/install support It has the ability to recover password-protected files Undelete for outlook does not delete contacts, notes, messages, folders, file attachments and tasks Upon installation of the exchange server recovery, the company will be certain that it will not be prone to losing its information incase the system crushes (Frenzel, 1999). This software will increase information security in the company since no information will be lost incase of corruption of email servers. Systems failures may result to a total lose of data. To avoid this, the above exchange server recovery should be accompanied by back ups like diskettes and flash disks. Back ups will ease recovery of data incase the exchange server fails to work accordingly. Scenario 4 Employees who are no longer working with the company still have an existing logon and password and could log on to the system. If these former employees have a logon into the company system, hacking may take place and it will be possible for them to configure the information system to their favour. Displeased employees from Transcorp Company might have used their passwords to damage the company’s data, financial standing or even reliability (Frenzel, 1999). These former employees may have destroyed the hardware, entered data incorrectly, changed data, changed passwords or even deleted useful information to the company from the systems. The first thing the team will do is to delete all the existing logons for the employees who are no longer part of the company together with the deactivation and deleting of their accounts so that they may not have any access to the companys information system. In the process of changing the equipments and the installation of new operating systems, the following steps should be implemented to prevent hacking from former employees: i. Firewall implementation- This will act as a barrier and it will keep hackers out of the computer networks. The firewalls act as an intercept between the network traffic and the hackers and it denies access to any unauthorized access. ii. Corporate security policy development- the IT support teams will establish a corporate security policy with detailed information on the better practices to secure the network. Each employee of the company will choose a convinient password for himself or herself. This policy will ensure that all the passwords are changed in a period of 90 days to minimize hacking. If any employee leaves the company as in this case, their usernames and passowrds should be deleted immediately hence making them incapable of accessing the companys information system. Deleting the employee’s usernames and passwords will make them incapable of accessing the companys information without authorization. iii. Conducting a vulnerability test- the IT support team will begin a vulnerability test, which will be conducted twice a year with the aim of evaluating the security of the systems. This test will also be aimed at determining any hacking or flaws. iv. Keeping an up to date operating system- avoiding hacking and cracking was one of the main reasons behind upgrade of LAN in Transcorp Company. Upgrading an operating system involves the installation of the latest versions of software, which are free over the web. Maintaining the latest software in Transcorp Company will enable it to keep off hackers and especially its former employees. Therefore, the move by Transcorp Company to upgrade its operating system will see to the reduction of hacking by former employees. v. Design a network security- it should comprise of components like network attack recovery, network attack detection, network attack prevention and network attack isolation. This will enable the organization to detect any external threat from its former employees who might be out for ill motives. References Turban, et.al, (2000). Electronic Commerce. Prentice-Hall, Ins: New Jersey. Pages 341-379 Frenzel, C. (1999). Management of Information Technology. International Thomson Publishing. Canada Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Systems Security Example | Topics and Well Written Essays - 2104 words, n.d.)
Systems Security Example | Topics and Well Written Essays - 2104 words. https://studentshare.org/logic-programming/2045501-systems-security
(Systems Security Example | Topics and Well Written Essays - 2104 Words)
Systems Security Example | Topics and Well Written Essays - 2104 Words. https://studentshare.org/logic-programming/2045501-systems-security.
“Systems Security Example | Topics and Well Written Essays - 2104 Words”. https://studentshare.org/logic-programming/2045501-systems-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Transcorp Company System Security

Security Administration and Management

rom our analysis, by focusing on differentiation strategies in the security industry, Securitas AB success can be attributed to its vast experience in the market, product differentiation, and assorted brands.... Securitas AB by using its trademark experience and know how both product differentiation and cost leadership strategy means the company has a focus strategy, focusing on cash on transit and other security system.... This has become part of the company's culture....
14 Pages (3500 words) Essay

Air Transport Management and Operations

Whenever there is something wrong in the airport, such as economic problems, security threats, and weather disruptions, the managers must take action to remedy the situation.... International air transport operations are one of the most complex transportation systems and possibly the most complex transportation system around the world....
12 Pages (3000 words) Essay

Security Management: Containing Cargo Risk

The paper aims at exploring cargo security measures initiated by the concerned authorities in the US, the EU, Canada, and New Zealand.... Since 9/11, governments of these countries have either implemented or initiated cargo security measures in their own ways to ensure safe passage.... The initiative was launched in 2004 for the companies who agree to follow minimum security procedures.... Cargo security Since 9/11, governments of many countries such as European Union, the US, Canada, New Zealand, Australia have either implemented or initiated cargo security measures in their own ways to ensure safe passage....
2 Pages (500 words) Essay

The Security of Networking

The paper "The security of Networking" states as the complexity of safety threats increases, so do the security mechanisms necessary to safeguard networks.... Information center operators, network administrators, need to appreciate the fundamentals of security to arrange safe and administer systems.... security events are on the rise at an alarming rate each year.... As the complexity of safety threats increase, so do the security mechanisms necessary to safeguard networks....
12 Pages (3000 words) Essay

Information Security Standards

The paper "Information security Standards" is a perfect example of a report on information technology.... The paper "Information security Standards" is a perfect example of a report on information technology.... The paper "Information security Standards" is a perfect example of a report on information technology.... In this scenario, we can be able to assess that businesses' success being reliant on the information communication networks, which are able to offer enhanced characteristics like integrated security, carrier-class reliability, plus QoS become even more important....
11 Pages (2750 words)

Activities of System Security

The paper "Activities of system security" is a perfect example of a report on information technology.... The paper "Activities of system security" is a perfect example of a report on information technology.... The paper "Activities of system security" is a perfect example of a report on information technology.... ctivity 1bTarget organizationThe transcorp company recently received many complaints from the full-time postgraduate students (FTPS) from the school of computer science regarding the quality of the current systems and other problems they are encountering....
11 Pages (2750 words)

Analysis for the New Technology Formwork Establishment for the TRANSCORP Business

.... ... ...
13 Pages (3250 words) Case Study

Analysis of Some of Main Aspects of the TRANSCORP Business

or effective management of the business security for the business TRANSCORP, we require to set up an appropriate structure intended for the management and organizing of the company system security plus privacy.... or better protection and security of the business network, we need to implement a better network and system security mechanism.... or the new technology platform establishment at the business of transcorp company, we require to offer enhanced business security advantages to all areas of the business....
10 Pages (2500 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us