Information Security Assignment: Risks, Countermeasures, and Protocols

Verified

Added on 2022/11/13

AI Summary

This assignment delves into the realm of information security, specifically addressing the vulnerabilities associated with corporate email systems. It begins by identifying key risks such as human error and unauthorized access, detailing how these can lead to data breaches and compromise sensitive information. The assignment then explores various countermeasures and safeguards to enhance email privacy, including implementing management controls, careful system planning, two-factor authentication, and malware protection. Furthermore, it examines the benefits and drawbacks of cryptographic protocols, highlighting their role in confidentiality, authentication, data integrity, and non-repudiation, while also acknowledging their limitations in terms of accessibility and selective access control. Finally, the assignment outlines countermeasures to defend against network protocol attacks, such as fortifying network defense systems, installing anti-malware software, and educating employees on preventive measures. The assignment uses resources such as Stallings, W., & Brown, L. (2017). Computer security: Principles and practice (4th ed.).

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION SECURITY
Table of Contents
1. Risk associated with corporate email.....................................................................................2
2. Counter measures and safeguard to e-mail privacy...............................................................2
3.Benefits and drawback of cryptographic protocols:................................................................3
4. Countermeasures to defend network protocol........................................................................4
References:.................................................................................................................................5

2INFORMATION SECURITY
1. Risk associated with corporate email
The corporate webmail is a convenient service to its employees provided by the
organization. However, it also get opened several potential risks regarding information leaks
to other competitor companies. The two major risks which are associated with the corporate
email are listed below:
i) Human Error: The webmail makes easier for the employees to access to their
official emails. The employees often access their official emails from the outside of the office
too. Suppose any employee logged in to their official id from a public computer, their key
information can be easily monitored by anyone and that person can easily breach into the
employee’s official email id. Another case may arise if the employee forgets to log out from
their official email id which they have opened from the public computers can give easy
access to the computer’s next users.
ii) Easy access to email system: Once the official mail gets hacked it get easier for the
hackers to read confidential mails and also achieve the authority to send mail using
company's official account. Even if the employees of the company does not share their
webmail address, the hackers can easily guess it, as most of the corporate emails address
follows almost a common pattern. The hackers easily guess the login IDs by phishing attack
traps (Meyers et al., 2018). Thereafter, they can log in into the webmail page by hacking it
and easily steal any confidential data associated with the organization.
2. Counter measures and safeguard to e-mail privacy
The official e-mails are often sent outside to some external unauthorized networks
which is beyond the company's security boundary (Chory, Vela & Avtgis, 2016). If these

3INFORMATION SECURITY
messages are not encrypted properly then it can be easily read, copied and modified along the
way. Some safeguards and counter measures which can be adopted by the companies to
defend the confidentiality of the messages.
The security safeguards to be followed are:
i) Implementing management control: The efficient managerial planning and control
should be implemented regarding the risk management and security policies.
ii) Careful planning and system installation: It is important plan from the most
critical aspect of deploying a secure mail system before installation.
The Counter measures to be followed are:
i) Implementing two factor authentication: Two factors authentication plays an
important while logging in into the webmail. Every time the user log in, it generates an OTP
and sends it to the registered phone number for logging in. It provides an extra layer of
security protection.
ii) Malware protection: Enabling the firewall protection can provide a safeguard from
the unauthorized malicious software (Leitold, Arrott, & Kam 2017). The organization must
perform frequent malware scanning and spam filter scanning at the mail system levels.
3.Benefits and drawback of cryptographic protocols:
Cryptography is one of the most essential information security tool (Hussein., Khalid
& Khanfar ,2016). It provides four basic security services:
i)Confidentiality: Encryption technique provides guard from unauthorized access.
ii) Authentication: Digital signature protects information from forgeries.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION SECURITY
iii) Data integrity: The hash function plays an important role in assuring user about
data integrity.
iv)Non-repudiation: Digital signature provides the non- repudiation service to
safeguard the information which may arise due to the denial of message passing by the
sender.
The drawbacks of cryptographic protocols are:
i) Difficult to access at crucial time.
ii) High availability
iii) Selective access control
4. Countermeasures to defend network protocol
The countermeasures to defend against network protocol attacks are:
i) Fortifying the network defense system.
ii) Installing anti-malware and anti-virus software
iii) Educating employees across the organization to adopt preventing measure to avoid
webmail attacks

5INFORMATION SECURITY
References:
Chory, R. M., Vela, L. E., & Avtgis, T. A. (2016). Organizational surveillance of computer-
mediated workplace communication: employee privacy concerns and
responses. Employee Responsibilities and Rights Journal, 28(1), 23-43.
Hussein, N. H., Khalid, A., & Khanfar, K. (2016). A survey of cryptography cloud storage
techniques. Int J Comput Sci Mobile Comput, 5(2), 186-191.
Leitold, F., Arrott, A., & Kam, W. (2017, June). Measuring cloud-based anti-malware
protection for office 365 user accounts. In 2017 International Conference On Cyber
Situational Awareness, Data Analytics And Assessment (Cyber SA) (pp. 1-7). IEEE.
Meyers, J. J., Hansen, D. L., Giboney, J. S., & Rowe, D. C. (2018, September). Training
Future Cybersecurity Professionals in Spear Phishing using SiEVE. In Proceedings of
the 19th Annual SIG Conference on Information Technology Education (pp. 135-140).
International World Wide Web Conferences Steering Committee.