Aircraft Soutions
Essay by errigojp • November 8, 2012 • Case Study • 1,831 Words (8 Pages) • 2,222 Views
AIRCRAFT SOLUTIONS
Professor
SE571
Principles of Information Security and Privacy
Phase II Course Project
Company Overview
Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base: design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems.
The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements.
The company strategy is to offer low-cost design and computer-aided modeling packages to customers to reduce their development expenses. AS will help the customer through all phases of new product deployment, from initial prototypes through final large-volume production and assembly. By involving itself in all phases of customer product development, AS hopes to establish long-term relationships and secure repeated follow-on business with its customers. In addition, AS continues to invest heavily in workforce education and training, so as to improve capability to serve its customers.
Security Vulnerabilities
Overall the network has solid hardware firewall protection at every public network connection but one. The Commercial Division(CD) in Chula Vista, CA does not have a hardware firewall protection, it is connected directly to the public internet. The CD is directly connected to the headquarters in San Diego which contains the IT, Finance and S&M servers. These servers are vulnerable to attack since there is not a firewall in place to prevent an intrusion.
A perpetrator could infiltrate these servers and gain access to vital company information without much effort. A worst case scenario would be all of the clients information could be accessed by an outside entity. The information could be sold to competing companies and give them an advantage over Aircraft Solutions.
According to definition from Encyclopedia Britannica Academic Edition, "a firewall type of system used to monitor connections between computer networks. One of the earliest responses to malicious activity perpetrated through the Internet, firewalls became a standard part of corporate, governmental, and personal networks." The most common use of a firewall is to protect a private network from a public network such as the internet. Seemingly insignificant paths to and from the internet can provide unprotected paths into vital systems. Firewalls are a vital protection piece for any computer network. Top choice reviews states, "If you plan to access the internet without a firewall, it is like putting your hand in a beehive. The risk of you being stung are high, and it is the same risk for your computer to be hacked. Without a firewall your ports will be opened, and make it vulnerable for hackers."
Firewalls can also be used to separate a sensitive area of private network from less-sensitive areas. Firewalls can also offer other functions as well, such as a Network Address Translator(NAT). Without NAT, any host on the internal network that needs to send or receive data through the firewall need a registered IP address. Although such environments exist, most people have to settle for using a private address range on the internal network. Therefore they rely on the firewall system to translate the outgoing request into an applicable public network address.
Another security vulnerability is the interval at which firewalls and router rule sets are evaluated. Currently the interval is two years which is too long of an interval to evaluate rule sets. The computer world is constantly evolving and changing. Over a two years time computer hardware, software and security measures becomes antiquated and obsolete. Using obsolete rule sets in routers and firewalls is like using no protection at all. The methods of attackers will eventually evolve and surpass security measures which is why they should be updated at a closer interval than once every two years. Outdated rule sets in routers and firewalls could be used against the company by outside attackers. Attackers could potentially gain access to and change the security rules so they are in their favor. Disastrous conditions could occur and potentially it would be like the President without the Secret Service in place to protect him. He would be extremely vulnerable to attack. The company could lose all of its data to include client information, financial records, product details, employee records and even Aircraft Solutions tricks of the trade on what makes them profitable. All of these items should be closely guarded since they could potentially destroy the company and put them out of business.
Recommended Solutions/Justification
A firewall should be installed in the Chula Vista location. Cisco ASA 5500 Series Adaptive Security Appliances offer state-of-the-art security that is still flexible enough to meet your company's needs as it grows and changes. Cisco ASA 5500 Series Adaptive Security Appliances support:
* Customization: Personalize security for your specific access needs and business policies.
* Flexibility: As your business grows and needs change, you can easily add capabilities or upgrade from one device to another.
* Advanced Security: Take advantage of the latest in content security, encryption, identity authentication, authorization, and intrusion prevention.
* Simplicity: Use one device that's easy to install, manage, and monitor.
* Advanced Networking: Set up virtual private networks (VPNs) that give mobile and remote workers secure access to company resources or create VPNs between partners, other offices, or employees based on roles.
Firewall management is resource-intensive and requires a high level of expertise to prevent unauthorized access and costly breaches. Devices must be provisioned, deployed, upgraded and patched to keep up with the latest threats. Security policies and configurations must be updated to ensure appropriate
...
...