IT Security Risks and Measures for Protection
Added on 2022-12-30
12 Pages2907 Words91 Views
Political Science
|
|
|
Security
Table of Contents
INTRODUCTION...........................................................................................................................3
TASK 1............................................................................................................................................4
P1 and P2 covered in power point presentation..........................................................................4
TASK2.............................................................................................................................................4
P3 Potential impact to IT security of incorrect configuration of firewall policies and third
party VPNs. ................................................................................................................................4
P4 How implementation of DMZ, static IP and NAT can improve network security with
examples. ....................................................................................................................................5
TASK3.............................................................................................................................................6
P5 Risk assessment procedures...................................................................................................6
P6 Data protection processes and regulations that are applicable to organisation. ....................7
TASK4.............................................................................................................................................7
P7 Design and implement a security policy for an organisation. ...............................................7
P8 Components of the organisational disaster recovery plan.....................................................8
CONCLUSION................................................................................................................................9
REFERENCES................................................................................................................................9
INTRODUCTION...........................................................................................................................3
TASK 1............................................................................................................................................4
P1 and P2 covered in power point presentation..........................................................................4
TASK2.............................................................................................................................................4
P3 Potential impact to IT security of incorrect configuration of firewall policies and third
party VPNs. ................................................................................................................................4
P4 How implementation of DMZ, static IP and NAT can improve network security with
examples. ....................................................................................................................................5
TASK3.............................................................................................................................................6
P5 Risk assessment procedures...................................................................................................6
P6 Data protection processes and regulations that are applicable to organisation. ....................7
TASK4.............................................................................................................................................7
P7 Design and implement a security policy for an organisation. ...............................................7
P8 Components of the organisational disaster recovery plan.....................................................8
CONCLUSION................................................................................................................................9
REFERENCES................................................................................................................................9
INTRODUCTION
IT security refers to security of data. They focus on three elements; confidentiality,
integrity and availability of data. In today's world, all important data is saved in laptop, PCs or in
any software. Earlier, data used to be secured in a filling cabinet but now everyone makes sure
that their data is secured enough and is a much broader term than cyber security. It is very
important to protect data, softwares so IT security helps in protecting it from all the damage
which can be done to particular information. There are many hackers so it is more necessary that
alll softwares are been secured. The below report involves security risks to organization,
procedures of organizational security, potential impact of wrong configuaration of firewall
policies and third party VPNs, implementation of DMZ, static IP, NAT can improve data
security, risk assessment procedures, process of data protection and regulations that are
applicable to organisation, designing and impletation of security policy and components of
organisational disaster recovery plan. The below report is about Soteria Cyber Safety Ltd. It is
the global leader in development and implementation of advanced physical and cyber security.
(Dycus and et.al, 2020)
TASK 1
P1 and P2 covered in power point presentation.
TASK2
P3 Potential impact to IT security of incorrect configuration of firewall policies and third party
VPNs.
The impact of IT security of incorrect configuration of firewall policies and third party
VPNs :-
FIREWALL POLICIES
IT security refers to security of data. They focus on three elements; confidentiality,
integrity and availability of data. In today's world, all important data is saved in laptop, PCs or in
any software. Earlier, data used to be secured in a filling cabinet but now everyone makes sure
that their data is secured enough and is a much broader term than cyber security. It is very
important to protect data, softwares so IT security helps in protecting it from all the damage
which can be done to particular information. There are many hackers so it is more necessary that
alll softwares are been secured. The below report involves security risks to organization,
procedures of organizational security, potential impact of wrong configuaration of firewall
policies and third party VPNs, implementation of DMZ, static IP, NAT can improve data
security, risk assessment procedures, process of data protection and regulations that are
applicable to organisation, designing and impletation of security policy and components of
organisational disaster recovery plan. The below report is about Soteria Cyber Safety Ltd. It is
the global leader in development and implementation of advanced physical and cyber security.
(Dycus and et.al, 2020)
TASK 1
P1 and P2 covered in power point presentation.
TASK2
P3 Potential impact to IT security of incorrect configuration of firewall policies and third party
VPNs.
The impact of IT security of incorrect configuration of firewall policies and third party
VPNs :-
FIREWALL POLICIES
Non-standard authentication methods:- If an organisation uses non standard
method then they may face risk in their cyber security and they rely completely on that
particular firewall even it has some kind of default. So, it is recommended that they
should use standard ways so that their security becomes strong. Various obstacles can
arise if an organisation uses non standard methods. Through non-standard methods it
becomes very easy for hackers to break network. In case of Soteria cyber safety ltd., they
always used standard methods and through this their security was very strong and they
were not facing any barrier.
Risky management services:- A security can be damaged if unncessary services
are running on firewall. There may be some IP conflicts that can arise due to rogue
DHCP servers who distributes IP addresses. So, organization must follow the concept of
generating lowest level of privileges which are necessary for organisation. As if too many
services will run together then it will not only affect performance but also increases
network load. In case of Soteria cyber safety ltd., they made sure that no unnecessary
services are being operating in firewall policy. (De Goede, 2018)
Open policy configurations:- Security risk occurs if firewalls allow traffic from
any source to ultimate destination. There are certain situations when organization is not
sure about what they exactly need so they use open policy configurations. The teams
should provide minimum level of privilege that are needed by users. To reduce risks,
organisation should regularly visit policies so that they can generate information
regarding whether their applications are being properly used or not.
THIRD PARTY VPNs
Compromised devices:- It is considered that third party VPNs will never destroy
vulnerabilities on internal basis. But the parties who use their own devices through the
use of VPN generate risk and due to this they bring malware to network.
method then they may face risk in their cyber security and they rely completely on that
particular firewall even it has some kind of default. So, it is recommended that they
should use standard ways so that their security becomes strong. Various obstacles can
arise if an organisation uses non standard methods. Through non-standard methods it
becomes very easy for hackers to break network. In case of Soteria cyber safety ltd., they
always used standard methods and through this their security was very strong and they
were not facing any barrier.
Risky management services:- A security can be damaged if unncessary services
are running on firewall. There may be some IP conflicts that can arise due to rogue
DHCP servers who distributes IP addresses. So, organization must follow the concept of
generating lowest level of privileges which are necessary for organisation. As if too many
services will run together then it will not only affect performance but also increases
network load. In case of Soteria cyber safety ltd., they made sure that no unnecessary
services are being operating in firewall policy. (De Goede, 2018)
Open policy configurations:- Security risk occurs if firewalls allow traffic from
any source to ultimate destination. There are certain situations when organization is not
sure about what they exactly need so they use open policy configurations. The teams
should provide minimum level of privilege that are needed by users. To reduce risks,
organisation should regularly visit policies so that they can generate information
regarding whether their applications are being properly used or not.
THIRD PARTY VPNs
Compromised devices:- It is considered that third party VPNs will never destroy
vulnerabilities on internal basis. But the parties who use their own devices through the
use of VPN generate risk and due to this they bring malware to network.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IT Security: A Comprehensive Guide to Protecting Your Organizationlg...
|25
|6063
|108
Assessing Security Risks to Organisationlg...
|21
|5004
|59
IT Security Management: A Comprehensive Guide for Organizationslg...
|30
|4787
|183
iT Securitylg...
|17
|5127
|60
Network Security: A Comprehensive Guide to Protecting Your Organizationlg...
|28
|5139
|104
Different Types of Security to Organizationslg...
|14
|4342
|38