Security Assessment and Recommendations
I have been charged with the task of identifying potential security weaknesses and recommending solutions for Quality Web Design (QWD). The project was completed in two phases. The first phase of the project specifically identified and defined two potential security weaknesses: software and policy. The second phase recommends solutions to these potential weaknesses. I chose a scenario that outlines specifics of the organization’s type of business, business processes, assets, services, and security controls.
It is crucial for any organization to take the necessary steps to secure its business assets and its customers' data. Furthermore, it is important for these security measures to be effective and thoroughly planned. It is equally important, in this interconnected and high-tech world, for corporations to have and enforce an effective corporate security policy, because there are both internal and external threats (Symantec Corporation, 1995-2010).
Company Overview
Based on the scenario given, Quality Web Design is an IT corporation, with approximately 50-100 employees, offering top quality web design services for their customers. In order to appeal to their target audience and enhance services, they offer over 250,000 proprietary images and graphical designs. QWD’s customers can only access their corporate website.
Their business processes include the use of a repository of website templates, custom-written scripts, and custom applications. This repository is used to monitor project development and quality assurance testing. Additionally, QWD offers IT support for their accounting, payroll, and marketing operations through the use of their digital assets. They utilize a Wide Area Network (WAN) and an internal Local Area Network (LAN) for their offices.
There are strict technology-based access controls and a published corporate
References:
Beal, V. (2010). Hardware and software firewalls explained. Retrieved on January 23, 2011, from http://www.webopedia.com/DidYouKnow/Hardware_Software/2004/firewall_types.asp.
Check Point Software Technologies Ltd. (2011). Multi-user packs. Retrieved on February 13, 2011, from http://promotions.zonealarm.com/security/en/cdn/multiuser-smb.htm?lid=en-us.
Computer Documentation Project (n.d.). Remote access policy. Retrieved on February 13, 2011, from http://www.comptechdoc.org/independent/security/policies/remote-access-policy.html.
Ruskwig (2006)
SANS Institute InfoSec Reading Room (2006). Remote access VPN: Security concerns and policy enforcement. Retrieved on January 23, 2011, from http://www.sans.org/reading_room/whitepapers/vpns/remote-access-vpn-security-concerns-policy-enforcement_881.
Symantec Corporation (1995-2010). Importance of corporate security policy. Retrieved on January 23, 2011, from http://securityresponse.symantec.com/avcenter/security/Content/security.articles/corp.security.policy.html.
Watson, K. (2005). Security assessment report. Retrieved on January 23, 2011, from http://www.docstoc.com/docs/7321054/Security-Assessment-Report-Template
Appendix