code galore caselet
CODE GALORE CASELET
1. What are some of the emerging IT security technologies that should be considered in solving the Problem related to the case?
Ans. The Problem areas in this case are:
1 The employees from the newly acquired company Skyhaven can have access to sensitive data of Code Galore because both servers have vulnerabilities that could allow an attacker to gain unauthorised remote privileged access it can be solved by using biometric security or face recognition methods as access methods that would make the data highly secure but since the company has cash crunch they can opt for access rights and permissions to the required users.
2 The source code from Skyhaven that is to be merged with the one from Codegalore is dispersed on workstations and servers alike. In this case we can install latest antivirus softwares and firewalls so that if there are malicious content on Skyhaven’s machines it will not affect code from Codegalore.
4 Code Galore employees are better aware of the company security policies than that of Skyhaven. Trainings on security can be conducted for Skyhaven’s employees so that they become aware of data security and the issues related to it.
5 Skyhaven employees do not take backups and are not aware of security configuration and patch management work. It should be made mandatory for the employees to take backups using technologies like snapshots and CDP(continuous data protection)
2. Which of the confidentiality, integrity and availability (CIA) triad is most critical to Code Galore’s business goals, and why?
Ans. There current goal is to make up decent profits and improve the financial condition of the company for survival. They want the merger with Skyhaven very urgently that too without spending much on the security they are also setting up a Wan to ease communication between both sets of employees and to allow easy access of code and data. So for code galore the most important aspect of the triad is availability and also
1. What are some of the emerging IT security technologies that should be considered in solving the Problem related to the case?
Ans. The Problem areas in this case are:
1 The employees from the newly acquired company Skyhaven can have access to sensitive data of Code Galore because both servers have vulnerabilities that could allow an attacker to gain unauthorised remote privileged access it can be solved by using biometric security or face recognition methods as access methods that would make the data highly secure but since the company has cash crunch they can opt for access rights and permissions to the required users.
2 The source code from Skyhaven that is to be merged with the one from Codegalore is dispersed on workstations and servers alike. In this case we can install latest antivirus softwares and firewalls so that if there are malicious content on Skyhaven’s machines it will not affect code from Codegalore.
4 Code Galore employees are better aware of the company security policies than that of Skyhaven. Trainings on security can be conducted for Skyhaven’s employees so that they become aware of data security and the issues related to it.
5 Skyhaven employees do not take backups and are not aware of security configuration and patch management work. It should be made mandatory for the employees to take backups using technologies like snapshots and CDP(continuous data protection)
2. Which of the confidentiality, integrity and availability (CIA) triad is most critical to Code Galore’s business goals, and why?
Ans. There current goal is to make up decent profits and improve the financial condition of the company for survival. They want the merger with Skyhaven very urgently that too without spending much on the security they are also setting up a Wan to ease communication between both sets of employees and to allow easy access of code and data. So for code galore the most important aspect of the triad is availability and also