Computer Systems Security - Security Weaknesses

[pic 1]                                                             

    Computer Systems Security

2015/2016

Name: Amira Gamal.                 ID Number:  119607

list of contents

Section        Page

SECTION 1.  organization overview        3

SECTION 2.  security weaknesses        4

2.1        Hardware Weakness        4

    2.1.1      Associated Threat        4

    2.1.2      Associated Risk        5

    2.1.3      Consequences On The Company        5

2.2        Policy Weakness        6

    2.2.1      Associated Threat        6

    2.2.2      Associated Risk        6

    2.2.3      Consequences On The Company        7

SECTION 3.  recommendations        8

3.1        Solution of Hardware Weakness        4

    3.1.1      Solution        4

    3.1.2      Justification        5

    3.1.3      Impact on Business Processes        5

3.2        Solution of Policy Weakness        6

    3.2.1      Solution        6

    3.2.2      Justification        6

    3.2.3      Impact on Business Processes        7

SECTION 4.  reference list        8

SECTION 1.  organization overview

Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base:  design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems.

The following section is going to discuss two items from two different areas that have security weaknesses and need improved security. One would be hardware weakness and the other would be policy weakness.

                SECTION 2.  security weaknesses

2.1   Hardware Weakness  

“Any network or standalone computer that's connected to the Internet, or any other external network, is potentially at risk for an attack” (F. Decker).  Every public network connection is protected by a firewall. However, the commercial division (CD) is not protected by a firewall as it is connected directly to the three servers; IT, Finance and S&M servers. This problem makes the servers being at risk of being attacked because of the absence of the firewall protection.

[pic 2]

1. Associated Threat

As the Commercial Division (CD) is not protected by a HW firewall, and it is connected directly to AS headquarters that has the Finance, IT and S&M servers, this make these servers close to be hacked and attacked. The attack can take many forms, depending on the hacker's motivation. Some malicious software, or malware, diverts a portion of AS’s hardware and bandwidth to its own uses. Competitors could access AS’s proprietary information or vendor and customer data, gaining a crucial advantage.