An Analysis of Security Issues and Solutions in Enterprise Systems

Added on  2022/09/07

AI Summary
This report delves into the critical aspects of Enterprise System security, addressing various vulnerabilities at the network, operating system, and application levels. It emphasizes the importance of a well-defined information security policy, employee awareness, and access control mechanisms to safeguard sensitive data. The report further explores the significance of top-level management support and effective security management practices, including the integration of network and system security. It highlights the need for robust security features and object-oriented security approaches. A case study provides practical insights into real-world security challenges and solutions. The report concludes by discussing future works and ongoing trends in Enterprise System security.
Running head: ENTERPRISE SYSTEM
ENTERPRISE SYSTEM
Name of the Student
Name of the University
Author Note
Table of Contents
Introduction
Security Issues in Enterprise Systems
  Network layer
  Operating System Level
  Application Vulnerabilities
Security of Enterprise Systems
  Information Security Policy
  Employee Awareness
  Access Control
  Top Level Management Support
  Security Management
  Combining Network and System Security
  Security Features
  Object Oriented Security
Case Study based on Security of Enterprise Systems
Introduction:
Enterprise systems are company-wide information technology systems that organizations use to consolidate multiple business functions into one data warehouse. They allow an enterprise to combine the data used throughout the organization. Enterprise systems hold data from different areas of a company, such as human resources, finance, sales and marketing, operations and logistics, and many more. The abundance of information systems created and improved over a small number of years has made decision-making easier for managers. A problem that follows from this benefit is that all of the organization's information is accessible from a single location. This makes the company's intellectual property, which is one of its competitive advantages, more vulnerable. Security breaches can result in disruption of continuity, lowered efficiency and effectiveness, and legal implications.
Organizations must safeguard employees' access to the usernames and passwords that protect information ranging from credit card details to financial reports. The security of information systems is essential for a company to protect this information from hackers.
This report focuses on the security of information systems and on related topics. It discusses a case study on the security of information systems. Lastly, future work is also discussed in this report.
Security Issues in Enterprise Systems
Network layer
In 2011, specialists examined the DIAG protocol, which enterprise systems use to transfer data from the client to the SAP server. Two utilities were published that allowed client-server requests containing critical information to be intercepted, decrypted and then modified (Tjoa et al., 2016). This is possible through a man-in-the-middle attack. The second utility operates like a proxy and was developed to recognise new threats. It allowed modification of the requests passing between the clients and the server.
Operating System Level
Operating system software threats:
- Any remote vulnerability in the operating system can be used to gain entry into the applications.
Weak operating system passwords:
- Empty passwords for remote management tools
- Remote password brute-forcing
Insecure operating system settings:
- File access rights. The DBMS and SAP files have insecure access rights.
- Remote users can access the SAP data through SMB and NFS.
- Insecure host settings. Servers can be listed in the trusted hosts, and a hacker can then access them easily.
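The two settings problems listed above, insecure file access rights and over-broad trusted-host entries, can be checked for with a short audit script. This is an added example, not part of the original report; the file names, modes and host names are constructed, and it assumes the trusted-host settings use hosts.equiv/.rhosts syntax.

```python
import os
import stat
import tempfile

# Constructed sample tree: file names and modes are made up for this example.
SAMPLE_FILES = {
    "config/db.conf": 0o644,    # readable by every local account
    "data/export.csv": 0o666,   # readable and writable by every local account
    "data/ledger.dat": 0o640,   # owner and group only
    "keys/service.key": 0o600,  # owner only
}

# Constructed trusted-hosts entries. Assumption: hosts.equiv/.rhosts syntax,
# "host [user]" per line, where "+" is a wildcard.
SAMPLE_TRUST = """\
# host user
appserver01 svcuser
+
backup01 +
"""


def audit_permissions(root):
    """Return (relative path, issue) for regular files open to 'other' users."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue  # skip symlinks, sockets and device nodes
            rel = os.path.relpath(path, root)
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            elif mode & stat.S_IROTH:
                findings.append((rel, "world-readable"))
    return sorted(findings)


def audit_trusted_hosts(text):
    """Return (line number, issue) for entries that trust any host or any user."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue  # blank line or comment
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host == "+":
            findings.append((lineno, "any host is trusted"))
        elif user == "+":
            findings.append((lineno, f"any user on {host} is trusted"))
    return findings


def run_sample():
    """Build the constructed tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for rel, mode in SAMPLE_FILES.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample data\n")
            os.chmod(path, mode)  # set the exact mode regardless of umask
        return audit_permissions(root), audit_trusted_hosts(SAMPLE_TRUST)


if __name__ == "__main__":
    file_findings, trust_findings = run_sample()
    for rel, issue in file_findings:
        print(f"{issue:15} {rel}")
    for lineno, issue in trust_findings:
        print(f"trust line {lineno}: {issue}")
```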
Application Vulnerabilities
Enterprise systems move more functionality to the web application level, which brings several vulnerabilities:
- Web application vulnerabilities
- Buffer overflows and format string bugs in the application and web servers
- Insecure access privileges
Security of Enterprise Systems
Information Security Policy
An information security policy is a set of processes, practices, standards and rules that an organization employs to support secure information technology systems. The policy covers matters such as how and when a worker should access secured information and how frequently employees' passcodes should be changed. An organization's information security program depends on a well-defined security policy (Grytsenko, 2018). Many experts think that creating a security policy is one of the practical procedures for safeguarding a protected system. Some experts think that creating an information security policy is the first stage in preparing the company against external and internal attacks. One of the most important factors in developing the policy is the support of the organization's top-level management. The best means of getting workers to abide by information security policies is to build the policies into the organizational culture (Delas, Nosova & Yafinovych, 2015). The main aim is to have the employees of the organization follow and protect the policies. Security processes and policies are among the most widely implemented security measures. Several surveys have found that organizations in Norway are not effective in terms of information security.
Employee Awareness
Maintaining and developing security awareness involves both collective and individual activities, that is, taking initiatives to educate and raise awareness. Various researchers consider employee alertness one of the important methods of safeguarding the company's data and information (Yildirim, 2016). Developing awareness has been found to be one of the most essential parts of an information security program. Training can maximize security awareness, understanding of it and participation in it. Employees can safeguard systems better when they have an increased understanding of the possible consequences of security breaches and of the means by which these breaches can be mitigated (McIlwraith, 2016). In addition, the extent to which employees recognize that compliance with existing security policies is compulsory is directly associated with their motivation to take security precautions.
Take, for example, the Sony PlayStation Network case: the benefits of stronger security are essential not only to the sponsoring organization but also to its customers and suppliers (VLĂDESCU & Sgarciu, 2016). Companies offer security training free of cost to customers to give them a true appreciation of the dangers to information security in enterprise systems. As with the creation and execution of security policies, employee awareness is an important tool for mitigating poor security, and the support of top-level management is important.
Access Control
Another technique for maintaining information security in enterprise systems is to limit employees' access to information according to their roles. Access control is the procedure an organization uses to restrict a worker's access to the different functions of the business (Hu et al., 2015). The restricted functions are those that are not relevant to the employee's role or that contain more information than the employee should have access to. Researchers have found that many organizations follow Role Based Access Control (RBAC). It is a means of restricting employees' access in terms of users, responsibilities, constraints and permissions. A framework was created to develop security awareness in which RBAC plays an essential part. By splitting the workers into various profiles and roles, it is easy to decide which employees have access to which information (Preuveneers, Joosen & Ilie-Zudor, 2018). For example, an employee who works on accounts payable should have access to the invoices being processed. Tracking user access to critical information and detecting unauthorized access are important steps all organizations should take to protect high-risk data and sensitive information. Because of changes in the organization or modifications to security policies, the access rules have to be updated often. This procedure needs to be controlled so that it is efficient, secure and adaptable for the company (Sindiren & Ciylan, 2019).
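The model described above (users, roles, permissions and constraints, with access tracked and rules updated over time) can be sketched in a few dozen lines. This is an added example, not part of the original report; the role names, resources, users and the separation-of-duties constraint are hypothetical.

```python
from datetime import datetime, timezone

# Hypothetical roles and permissions, constructed for this example.
ROLE_PERMISSIONS = {
    "accounts_payable": {("invoice", "read"), ("invoice", "process")},
    "hr_officer": {("employee_record", "read"), ("employee_record", "update")},
    "auditor": {("invoice", "read"), ("payment_run", "read")},
}

# Constraint (separation of duties): roles one user may not hold together.
EXCLUSIVE_ROLES = [{"accounts_payable", "auditor"}]


class AccessControl:
    def __init__(self):
        self.user_roles = {}   # user -> set of role names
        self.audit_log = []    # one entry per access decision

    def assign(self, user, role):
        """Give a user a role, enforcing the separation-of-duties constraint."""
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role: {role}")
        held = self.user_roles.setdefault(user, set())
        for group in EXCLUSIVE_ROLES:
            if role in group and held & (group - {role}):
                raise PermissionError(f"{user}: {role} conflicts with a held role")
        held.add(role)

    def revoke(self, user, role):
        """Remove a role, e.g. after a transfer or a policy change."""
        self.user_roles.get(user, set()).discard(role)

    def check(self, user, resource, action):
        """Decide one request and record the decision for later review."""
        roles = self.user_roles.get(user, set())
        allowed = any((resource, action) in ROLE_PERMISSIONS[r] for r in roles)
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": user, "resource": resource,
            "action": action, "allowed": allowed,
        })
        return allowed

    def repeated_denials(self, threshold=2):
        """Users with at least `threshold` denied requests in the log."""
        counts = {}
        for entry in self.audit_log:
            if not entry["allowed"]:
                counts[entry["user"]] = counts.get(entry["user"], 0) + 1
        return {user: n for user, n in counts.items() if n >= threshold}


def demo():
    """Constructed scenario: names and requests are made up."""
    ac = AccessControl()
    ac.assign("alice", "accounts_payable")
    ac.assign("bob", "hr_officer")
    results = [
        ac.check("alice", "invoice", "process"),       # within her role
        ac.check("alice", "employee_record", "read"),  # outside her role
        ac.check("bob", "invoice", "read"),            # outside his role
        ac.check("bob", "invoice", "process"),         # second denial for bob
    ]
    ac.revoke("alice", "accounts_payable")             # access rule updated
    results.append(ac.check("alice", "invoice", "process"))
    return ac, results


if __name__ == "__main__":
    ac, results = demo()
    print(results)
    print(ac.repeated_denials())
```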
Top Level Management Support
Leading researchers in enterprise systems security have stated that the opportunities and threats we face are becoming greater day by day (Soomro, Shah & Ahmed, 2016). New technologies and rapid globalization are changing the economy and the way people work. The employees of an organization must recognize that its top-level management believes that the security of enterprise systems is essential to the success of the organization and that it is embedded in the corporate culture. The main aim of information security management is to turn the organization's security policy into a set of specific requirements that can be easily communicated to the company and, furthermore, imposed and measured (Munira, Molok & Talib, 2017). The better the top-level support for information security, the greater the preventative efforts a company will make. Top-level management support is important to the success of security governance.
Security Management
The security stack of an enterprise system consists of user administration, system security and tracking of violations. Security products must communicate with each other to exchange information about end users, resources and data. User administration is the daily responsibility of a security administrator (Moskalenko, Romanenko & Oliinyk, 2015). Sometimes, however, the security administrator is also the network administrator, the system administrator and the database administrator. The administrator's main focus is then on keeping the system running rather than on the security of the enterprise systems. This happens when one or two people handle both security and the system. The security administrator tries to make sure that usernames and passwords are assigned properly and that people are allowed to see only the information they need to know (Dotsenko et al., 2019). Security administrators spend most of their time determining the write, read, update and delete permissions for directories and files. Security managers create the security policies, and these policies are programmed into the security management software. If a company starts with equipment from one manufacturer for all its computer systems, then within three years it will have become a heterogeneous environment. In the past several years, security administrators and managers operated in homogeneous environments (Soomro, Shah & Ahmed, 2016).
Combining Network and System Security
An essential aspect of managing the security of an enterprise system is the integration of system security with network security (Singhal & Ou, 2017). Network security must audit, control and limit username-based access to all computer systems on the intranet and internet networks, by enabling network security policies and regulations to be centrally defined and enforced throughout the enterprise. Enterprise managers offer a significant benefit to end users in terms of access to the various systems within the enterprise. Security management should be enterprise-aware (Pinto & Garvey, 2016). The enterprise firewall is one of the most essential security measures a company can take to protect the business.
Security Features
Many pre-enterprise systems require the end user to memorize a large number of usernames and passwords. With the functionality known as single sign-on, the user needs to know only one username and one password to gain access to all authorized directories, reports and files (Feldman et al., 2016). The screen the end user first sees on logging in to the system is determined by membership, policies, access privileges, database role and security policies. End users should not have to be re-defined across multiple systems. When a security event takes place anywhere in the organization, information about the event should be captured and reported properly to the security administrators, and if the matter is serious it is escalated to the security managers (Govindaraju & Prabhavathi, 2017).
Object Oriented Security
Future development may include a move to object-oriented repositories for specifying management policies that proactively adjust settings and launch automatic corrective actions (Happe, Duncan & Bratterud, 2017). Another use of objects is an intelligent agent that can anticipate both present and future outcomes and can in turn trigger changes in security policies by identifying a pattern of system behaviour. This concept has been partially achieved through the use of neural networks and an intelligent agent known as a neugent, which uses the metaphor of a VCR remote control to let the user rewind or fast-forward a situation (Bahssas, AlBar & Hoque, 2015).
Case Study based on Security of Enterprise Systems
The case study concerns the security of the enterprise systems of an organization that provides IT solutions to its clients. The company has implemented enterprise systems so that it can perform its activities easily and provide excellent service to its customers. The enterprise systems are important because they help the employees do their work more easily. They are used to store client information and the sensitive data that is essential to the company, and they help the organization in its back-office activities (Ahmad, Maynard & Shanks, 2015). The organization provides every type of high-tech IT solution, such as software solutions, network solutions and many more, and its clients are happy with its services. The vision of this consulting firm is to ensure a safe work environment for its employees and clients and to provide customers with technical and professional excellence. The mission of the company is to provide excellent customer service to its clients, and the enterprise system it has implemented will help it reach that mission. The enterprise systems will make important decisions for the company, track its operations and store important information and data about its clients, the credit card details, and the username and password of each computer in the company.
Recently, the company's enterprise system was hacked, and all the information and data stored in the system was accessed by an unknown party. The company came to know about this through a project that it had won but that its competitor later took over. The company ran at a huge loss because of this, as it was an important project, and the competitor was able to pick it up because of the lack of security of the enterprise systems. Another problem is that all employees can access the enterprise systems, and the systems use single-step authentication, which is an outdated form of authentication. This is why the consulting company's enterprise system was hacked and all the critical information and sensitive data was accessed. The company has provided no training to its employees so that they can recognise security breaches of the enterprise systems and take steps in response.
The consulting company should upgrade the security of the enterprise systems so that no such breaches occur to harm the company and its clients. First, the company should not allow all employees to use the enterprise systems. The username and password of the enterprise system should be held only by the top officials of the company and the one employee who works with the enterprise system. The company should use two-step authentication techniques that include encryption and decryption, so that no one other than that employee or the top officials can understand the information and data. The company should train employees about security breaches, that is, what should be done and how they can recognise when a breach takes place. The company should control employees' access to the information system so that not just anyone can touch the enterprise system. Another technique for mitigating security breaches of the enterprise system is a proper security policy. The company should formulate a proper security policy and ensure that all employees abide by it. These are the primary concerns the consulting company should take into account so that a security breach does not take place. The secondary concern is to make the company's networks safe so that an attacker cannot get into the network and then access the enterprise system. For this, the system should be fitted with a firewall and other software that can detect security breaches in the enterprise systems. After taking these precautions, the consulting company can stop security breaches and stop its information from being accessed. It can then provide its clients with excellent customer service, retain them and, lastly, meet its objectives.
Conclusion
Enterprise systems are an essential part of an organization and do work that the organization's employees do. In simple terms, they reduce the complexity of employees' work. Enterprise systems are used to store important information and sensitive data and to monitor and make decisions about the important activities of an organization. This report discusses the security of enterprise systems in an organization. It covers different security issues, namely network layer, operating system level and application vulnerabilities, which can harm the enterprise system and the company and allow important data and information to be accessed. There are different security measures a company should employ so that a security breach does not take place. These include an information security policy, employee awareness, control of employee access, integration of network and system security, and many such measures. The report concludes with a case study of a consulting company that provides IT solutions to its clients and the security measures the company employs to avoid a security breach.
References
Ahmad, A., Maynard, S. B., & Shanks, G. (2015). A case analysis of information systems
and security incident responses. International Journal of Information
Management, 35(6), 717-723.
Bahssas, D. M., AlBar, A. M., & Hoque, M. R. (2015). Enterprise resource planning (ERP)
systems: design, trends and deployment. The International Technology Management
Review, 5(2), 72-81.
Delas, V., Nosova, E., & Yafinovych, O. (2015). Financial security of enterprises. Procedia
Economics and Finance, 27, 248-266.
Dotsenko, S., Illiashenko, O., Kamenskyi, S., & Kharchenko, V. (2019). Integrated Security
Management System for Enterprises in Industry 4.0. Information & Security, 43(1),
294-304.
Feldman, G., Shah, H., Chapman, C., & Amini, A. (2016). Technological, Organisational,
and Environmental drivers for enterprise systems upgrade. Industrial Management &
Data Systems, 116(8), 1636-1655.
Govindaraju, C. S., & Prabhavathi, C. N. (2017, December). Administration based on
network computing for enterprise systems: Enhancing the efficiency of network based
administration. In 2017 International Conference on Circuits, Controls, and
Communications (CCUBE) (pp. 91-94). IEEE.
Grytsenko, A. (2018). Strategic Principles for Strengthening the Economic Security of
Agricultural Enterprises. Accounting and Finance, (2), 118-124.
Happe, A., Duncan, B., & Bratterud, A. (2017, April). Unikernels for Cloud Architectures:
How Single Responsibility can Reduce Complexity, Thus Improving Enterprise
Cloud Security. In COMPLEXIS (pp. 30-41).
Hu, V. C., Kuhn, D. R., Ferraiolo, D. F., & Voas, J. (2015). Attribute-based access
control. Computer, 48(2), 85-88.
McIlwraith, A. (2016). Information security and employee behaviour: how to reduce risk
through employee education, training and awareness. Routledge.
Moskalenko, N., Romanenko, O., & Oliinyk, T. (2015). Approaches to enterprises’ financial
and economic security management. Економічний часопис-ХХІ, (7-8 (1)), 54-57.
Munira, R. A., Molok, N. N. A., & Talib, S. (2017, July). Exploring the Factors Influencing
Top Management Involvement in Information Security. In PACIS (p. 273).
Pinto, C. A., & Garvey, P. R. (2016). Advanced risk analysis in engineering enterprise
systems. CRC Press.
Preuveneers, D., Joosen, W., & Ilie-Zudor, E. (2018). Policy reconciliation for access control
in dynamic cross-enterprise collaborations. Enterprise Information Systems, 12(3),
279-299.
Sindiren, E., & Ciylan, B. (2019). Application model for privileged account access control
system in enterprise networks. Computers & Security, 83, 52-67.
Singhal, A., & Ou, X. (2017). Security risk analysis of enterprise networks using probabilistic
attack graphs. In Network Security Metrics (pp. 53-73). Springer, Cham.
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), 215-225.
Tjoa, A. M., Da Xu, L., Raffai, M., & Novak, N. M. (Eds.). (2016). Research and Practical
Issues of Enterprise Information Systems: 10th IFIP WG 8.9 Working Conference,
CONFENIS 2016, Vienna, Austria, December 13–14, 2016, Proceedings (Vol. 268).
Springer.
VLĂDESCU, M., & Sgarciu, V. (2016). Maintaining high level information security in
enterprises using event correlation. Scientific Bulletin of University Politehnica of
Bucharest, Series C Electrical Engineering and Computer Science.
Yildirim, E. (2016). The importance of information security awareness for the success of
business enterprises. In Advances in Human Factors in Cybersecurity (pp. 211-222).
Springer, Cham.