Security Solutions Against Computer Network-Myassignmenthelp.Com

Question: Discuss About The Security Solutions Against Computer Network? Answer: Introduction Every business organization works with an objective of earning better revenues and experiencing enhanced growth. These objectives can be met only with the clientele that trusts the organization and there is a good customer engagement that is maintained. The case study talks about a company that deals in the area of software and technology. It is located in Melbourne, Australia and had set its foot in the industry 51 months back. Information and network security solutions are the products that the company develops and deploys for its clients. There are various processes through which the development of such solutions can be done; however, the company currently restricts to two methods as in-house development of the customization process. There is various small scale and medium sized firms that outsource the company for development of the security solutions for them. The company has now decided to step into the area of online security services and packages and the overall expansion of the organization are also targeted. There are several new clients that the company aspires to work with and there is a lot of change in the current strategy, set of operations and decision making processes that is being happening. Technology is an area that experiences a constant change. There are new technologies and concepts that are being created every day and there are chances that the current technological ideas and methods may soon become obsolete and be replaced by newer and advanced processes. The use, application and implementation of technology has led to several benefits for the organizations but has also brought in many of the security threats and occurrences. These threats make use of any of the technological component as a threat agent to cause damage and therefore, a lot of work is being in the area of security of information and network security (Mohammed Salim, 2016). The report lists out the meaning of information and network security with latest enhancements in the field. Examples of the security applications, their utility for the organization and expansion plan have been covered in the report. Information and Network Security Meaning Definition An organization may manage, process and store information sets with varying degree of information, such as, private, public, confidential, sensitive and so on. Each of the information categories has some of the common properties viz. availability, privacy, integrity and confidentiality that must be maintained and protected. However, occurrence of any of the security risks and attacks violate these properties and attributes of the information. There is a discipline called Information Security then came into the picture to apply and implement methods to avoid, prevent and control these risks and attacks. The specific controls and process that are adapted to stop and check the network based security attacks come under the domain of Network Security (Gnanasankaran, Natarajan, Alagarsamy Iyakutti, 2013). Information and Network Security Risks A Few Examples Information sets that are stored in the database or the information that is transmitted via internal or external network may be breached. The information sets may experience some form of loss is association with its properties, attributes or contents and may also go through leakages (Nazareth Choi, 2015). Denial of service attacks, distributed denial of service attacks and other forms of flooding attacks to damage information availability. Attack of malware on the information and networks. Eavesdropping and man in the middle attacks which include the unauthorized access to the networks (Lippmann Riordan, 2016). Impersonation attacks, such as, spoofing and phishing attacks (Bajwa, 2014). Integrity attacks, such as message alteration and media alteration (Shameli-Sendi, 2017). Latest Developments and Advancements Technology is an area that experiences a constant change. There are new technologies and concepts that are being created every day and there are chances that the current technological ideas and methods may soon become obsolete and be replaced by newer and advanced processes. The use, application and implementation of technology has led to several benefits for the organizations but has also brought in many of the security threats and occurrences. These threats make use of any of the technological component as a threat agent to cause damage and therefore, a lot of work is being in the area of security of information and network security (Haider, Samdani, Ali Kamran, 2016). There are many new technologies that have been developed and there are many improvements that have been done to the existing technological concepts. Some of the buzzwords in the area of technology are Big Data and Business Intelligence. Application of these in the security measures amalgamated with Cryptography, intrusion detection and access control can lead to improved state of security in the organization (Roozbahani Azad, 2015). Application Developed for Information/Network Security VeraCrypt In spite of the security controls and measures, the frequency of security attacks is on an all time rise. In such cases, the information properties are negatively affected and the attackers misuse the information sets that they succeed in capturing. There is a measure that needs to be taken to violate the attempts of the attackers for misuse of the information even if they succeed in breaking through the access and capture the same. One such measure is encryption of the information. Encryption is a process in which there are encryption algorithms and protocols that are applied on the information sets which transforms the information to a secure form called as cipher text. This information can be retrieved to its original form only when the user enters a security key to decrypt it. There are various automated applications that have been developed to carry out this task and IDRIX came up with its creation called VeraCrypt. The application has attracted hundreds and thousands of users and has a good market share and recognition as well. It implements disk encryption for the security of the information and data sets (Fearn, 2017). The application has managed to establish a name in the market and it is because of the interesting set of features and benefits that it provides to its users. Eavesdropping, man in the middle and cold boot attacks can be prevented (PCMag, 2017). Tokens and smart cards can be safely used with the aid of this tool. Information security attacks such as breaching, loss and leakage can be avoided. Backdoor access attacks can be checked and avoided. With the set of benefits, there are also some of the weak points that are associated with the application that need to be understood before deciding to purchase or implement it in the organization. The tool demands the user to receive a training prior to the practical use of the application. Many operational errors have been reported (Veracrypt, 2017). Comodo Advanced Endpoint Organization in the present times makes use of numerous technological components and tools. Some of these tools and concepts include hardware, software, networks, databases etc. With all of these components, there are certain security risks that can be curbed by the application of security controls. The use of separate applications for every component may have a bad impact on the budget of the organizations which promotes the demand for a single and integrated security package. Comodo Advanced Equipment is being extensively used by the business organizations and other users to experience an integrated approach to security. This application can also prove to be of great utility for the software company in the case study (Strom, 2016). The platform on which this application has been built is the major strength of the application. It is due to the reason that the platform of the application only allows the secure files to have the access while the unsecure and suspicious ones are blocked. There are various security solutions that are integrated in this application, such as, malware protection, Internet Security, intrusion detection and prevention, SSL certificates, firewalls, proxy servers and many more. With the changing nature of the threat landscape, mere identification of the threats and application of a response strategy is not enough. It is necessary to work on the root cause of the same and remove it from the organizational architecture so that the attacker does not attempt the same and similar attacks again. It is essential to analyze the behavior of the attack and the attacker for this purpose which is offered by the application. There is good use and application of Business Intelligence and Big Data techniques that has been done for threat analysis and prevention. The application and its features will have a high degree of usability for the organization. The application has managed to establish a name in the market and it is because of the interesting set of features and benefits that it provides to its users. The application prevents and detects the security threats for each of the technological component and provides an integrated solution. Patch management (Comodo, 2016). The application would prove to be compatible for the other systems and tools used in the organization. Remote monitoring and control can be executed by the administrators and senior management. The latest technologies are also used for security the organizational assets. Cost-effective in nature. With the set of benefits, there are also some of the weak points that are associated with the application that need to be understood before deciding to purchase or implement it in the organization. Deployment may become complicated if the correct model is not selected for the task. Not enough documentation is provided at the time of dleivery (Stephenson, 2017). Bitdefender Antivirus Plus There are many incidences of malware attacks that have been witnessed in the recent times. Recently, WannaCry, a ransomware was triggered which had an adverse impact on the systems and applications across 150 countries. The severity of the malware attacks can therefore be significantly high and it is necessary to implement measures to detect and prevent these malicious programs. Bitdefender Antivirus Plus is an anti-malware tool that makes sure that malware attacks are violated and security is ensured (Pcmag, 2016). The application has managed to establish a name in the market and it is because of the interesting set of features and benefits that it provides to its users. Phishing protection without the need of browser plug-ins. High level of user interaction as the user is made aware of the activities carried out by the tool with the use of messages, alerts and also reports with utmost clarity. Security scans are automatically carried out and can also be scheduled. Wi-Fi scans to avoid the network based attacks. Ransomware protection and controls. Safety of financial transaction by implementing a security control called Safepay specifically for this category of transactions. With the set of benefits, there are also some of the weak points that are associated with the application that need to be understood before deciding to purchase or implement it in the organization. Security issues with the Password Manager in the application. Addition costs that are hidden at the time of purchase. Expansion Plan In the process of expansion by any organization, it is necessary to have enhanced level of planning so that the results that are achieved at the end are positive in nature. The same applied to the software company mentioned in the case study. The company must plan out the activities and tasks that it will cover to attain the goals of expansion. There are certain technological concepts that also be analyzed clearly. As a first step, the target set of customers and users shall be identified. A gap analysis must be performed on the existing solutions and required solutions. The latest developments and advancements in the field of security shall be researched. The findings shall be mapped with the requirements for the organization. The expansion process must include the phases as initiation and planning, analysis, execution, implementation and control. Marketing of the new services shall be done. The management shall also take initiatives to realize the goals and objectives of the expansion process. There must be correct allocation of roles and responsibilities along with regular inspections and reviews. There must also be specific teams set up in the areas of security, management and administration. This will ensure that the expansion process is successful. Conclusion There is a lot of work and research that is being executed in the areas of information and network security (Allen, 2012). There are various automated applications that have been developed to carry out encryption and IDRIX came up with its creation called VeraCrypt. The application has attracted hundreds and thousands of users and has a good market share and recognition as well. It implements disk encryption for the security of the information and data sets. Comodo Advanced Equipment is being extensively used by the business organizations and other users to experience an integrated approach to security. This application can also prove to be of great utility for the software company in the case study. There are various security solutions that are integrated in this application, such as, malware protection, Internet Security, intrusion detection and prevention, SSL certificates, firewalls, proxy servers and many more. Bitdefender Antivirus Plus is an anti-malware tool that makes sure that malware attacks are violated and security is ensured. All of these applications have managed to establish a name in the market and it is because of the interesting set of features and benefits that these provide to its users. With the changing nature of the threat landscape, mere identification of the threats and application of a response strategy is not enough. It is necessary to work on the root cause of the same and remove it from the organizational architecture so that the attacker does not attempt the same and similar attacks again. The application involve latest technologies and concepts that may be useful for the organization in its expansion process and these may be used in both of the modes that the organization uses for providing security solutions. There shall also be adequate planning and control that must be carried out for making sure that the goals and objectives are achieved. Recommendations Findings Technology is witnessing many changes and transformation at an extremely rapid rate. The lack of updates and the use of obsolete technology can enhance the probability of the security risks and attacks. It is, therefore, required that technological tools that are used are as per the latest advancements. The organization shall research on the use on advanced technologies like Artificial Intelligence, Big Data, Business Intelligence etc to improve the quality and usability of its security solutions. The existing services shall also be improved by applying these technological concepts (Brecht, 2012). The client requirements will not be same for every client and will depend upon a number of factors like industry type, likelihood of the security attacks, types of information sets etc. The method of implementing and developing the security solution shall be determined by analyzing all of these factors. The success or failure of the organization expansion will be highly dependent upon the management and leadership of the organization. The correct set of managerial and technical skills along with adequate monitoring and control will provide the desired results. There will also be many modifications and changes that will come up during this phase of expansion which shall be handled with the aid of a change management plan covering the steps as planning, management and reinforcement of the changes. References Allen, J. (2012). Deriving Software Security Measures from Information Security Standards of Practice. Retrieved 19 September 2017, from https://www.sei.cmu.edu/library/assets/whitepapers/derivingsecuritymeasures.pdf Bajwa, M. (2014). Wireless Network Security Threats and MitigationA Survey. Retrieved 19 September 2017, from https://file.scirp.org/pdf/_2014091813425297.pdf Brecht, M. (2012). A Closer Look at Information Security Costs Working Paper. Retrieved 19 September 2017, from https://www.econinfosec.org/archive/weis2012/papers/Brecht_WEIS2012.pdf Comodo. (2016). Comodo Launches Advanced Endpoint Protection Solution. comodo.com. Retrieved 19 September 2017, from https://www.comodo.com/news/press_releases/2016/02/comodo-launches-advanced-endpoint-protection.html Fearn, N. (2017). Top 5 best encryption tools of 2017. TechRadar. Retrieved 19 September 2017, from https://www.techradar.com/news/top-5-best-encryption-tools Gnanasankaran, N., Natarajan, S., Alagarsamy, K., Iyakutti, K. (2013). A Case Study of the Application of COTS Components in a Molecular Dynamics Software. Retrieved 19 September 2017, from https://www.lnse.org/papers/31-E060.pdf Hagen, J. (2013). Effectiveness of Organisational Information security measures. Retrieved 19 September 2017, from https://www.frisc.no/wp-content/uploads/2013/02/finse2013-hagen.pdf Haider, S., Samdani, G., Ali, M., Kamran, M. (2016). A comparvative analysis of In-house and outsorced development in software Industry. Retrieved 19 September 2017, from https://www.ijcaonline.org/archives/volume141/number3/haider-2016-ijca-909578.pdf Lippmann, R., Riordan, J. (2016). Threat-Based Risk Assessment for Enterprise Networks. Retrieved 19 September 2017, from https://ll.mit.edu/publications/journal/pdf/vol22_no1/22_1_3_Lippmann.pdf Mohammed Salim, R. (2016). Importance of network security for business organization. Retrieved 19 September 2017, from https://file://melstud/12047542$/Downloads/9120836%20(3).pdf Nazareth, D., Choi, J. (2015). A system dynamics model for information security management. Retrieved 19 September 2017, from https://ac.els-cdn.com/S0378720614001335/1-s2.0-S0378720614001335main.pdf?_tid=c703030a-8eb5-11e7-b607-00000aacb362acdnat=1504229883_21b0981211b42a588a985a023ef05aa3 Pcmag. (2016). Bitdefender Antivirus Plus. PCMag India. Retrieved 19 September 2017, from https://in.pcmag.com/bitdefender-antivirus-plus-2015/52300/review/bitdefender-antivirus-plus PCMag. (2017). VeraCrypt. PCMag Business Software Index. Retrieved 19 September 2017, from https://www.pcmag.com/business/directory/encryption/1671-veracrypt Roozbahani, F., Azad, R. (2015). Security Solutions against Computer Networks Threats. Retrieved 19 September 2017, from https://www.ijana.in/papers/V7I-1.pdf Shameli-Sendi, A. (2017). Taxonomy of Information Security Risk Assessment (ISRA). Retrieved 19 September 2017, from https://www.synchromedia.ca/system/files/SurveyRisk.pdf Stephenson, P. (2017). Comodo Advanced Endpoint Protection product review | SC Media UK. Scmagazineuk.com. Retrieved 19 September 2017, from https://www.scmagazineuk.com/comodo-advanced-endpoint-protection/review/9393/ Strom, D. (2016). 10 cutting-edge tools that take endpoint security to a new level. Network World. Retrieved 19 September 2017, from https://www.networkworld.com/article/3089361/endpoint-protection/10-cutting-edge-tools-that-take-endpoint-security-to-a-new-level.html Veracrypt. (2017). VeraCrypt. CodePlex. Retrieved 19 September 2017, from https://veracrypt.codeplex.com/