Unit 1 Assignment 1 Application of Risk Management Techniques
1. Threats and Vulnerabilities
a. Windows Vista
b. Two large production facilities connected to headquarters via external ISP
c. Sales connects with VPN thru their own internet
2. Risk management techniques
a. Mitigation – modify the technical environment and train the employees
b. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
c. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
3. Windows Vista is outdated. This company needs to update all their machines to Windows 7 or 8. There aren’t any updates coming for Windows Vista anymore therefore they are putting their company at risk everyday that they keep Vista. Also, it’s stated that the workstations connect via industry standard managed switches. This may not be a high risk but it is still a risk.
The remote production facilities are connected to headquarters via routers T-1 (1.54 mbps telecomm circuit) LAN connections provided by an external ISP and share an internet connection through a firewall at headquarters. They do have firewalls in place; however there are still threats in place. Anyone could breach this firewall and use their system since it’s an external ISP.
Individual sales personnel connect to the system using a VPN which is great however they have to connect using their own individual internet connection typically in a home office. This puts them and the company at risk because again anyone could breach this internet connection. There needs to be multiple layers of security and firewalls protecting the information.
4. To prevent risk or threats of any kind you must safeguard all information stored on the database server. Employees have private information regarding business and customers stored on the database server and the loss or accidental leak of data could be a major hit to the company. This is why it is so important to use the risk management techniques of avoidance, transfer,
a. Windows Vista
b. Two large production facilities connected to headquarters via external ISP
c. Sales connects with VPN thru their own internet
2. Risk management techniques
a. Mitigation – modify the technical environment and train the employees
b. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
c. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
3. Windows Vista is outdated. This company needs to update all their machines to Windows 7 or 8. There aren’t any updates coming for Windows Vista anymore therefore they are putting their company at risk everyday that they keep Vista. Also, it’s stated that the workstations connect via industry standard managed switches. This may not be a high risk but it is still a risk.
The remote production facilities are connected to headquarters via routers T-1 (1.54 mbps telecomm circuit) LAN connections provided by an external ISP and share an internet connection through a firewall at headquarters. They do have firewalls in place; however there are still threats in place. Anyone could breach this firewall and use their system since it’s an external ISP.
Individual sales personnel connect to the system using a VPN which is great however they have to connect using their own individual internet connection typically in a home office. This puts them and the company at risk because again anyone could breach this internet connection. There needs to be multiple layers of security and firewalls protecting the information.
4. To prevent risk or threats of any kind you must safeguard all information stored on the database server. Employees have private information regarding business and customers stored on the database server and the loss or accidental leak of data could be a major hit to the company. This is why it is so important to use the risk management techniques of avoidance, transfer,