Comprehensive IT Risk Management Report for Aztek's Financial Services

Added on  2020/04/07

AI Summary
This report assesses IT risks for Aztek as they integrate IT services and outsource operations. It highlights advantages, disadvantages, and financial risks, detailing systematic and unsystematic risks, strategic risks, market risks, and credit risks. The report emphasizes compliance with government regulations and best practices. It analyzes threats such as phishing attacks, data packet sniffing, IP spoofing, port scanning, and backdoors, and proposes control measures to mitigate these risks. It recommends a security model focused on recognizing objectives, assessing applications, and highlighting security objectives to protect sensitive client and company data.
Running head: IT RISK MANAGEMENT
IT Risk Management
Name of the Student
Name of the University
Author’s note
Executive Summary
The report has been developed for Aztek as they are going to adopt IT services to
facilitate their company's objectives and also to outsource their services to a third-party
company. The advantages, the disadvantages and the financial risks have been highlighted
and discussed in the report. The threats and the vulnerabilities have been showcased as
well. The security measures that Aztek must adopt to mitigate the risks have also been
elaborated. Secure business operations can assist Aztek as well as their stakeholders and
investors.
Table of Contents
Introduction
Review in regards to the financial services
Government regulations
Best practices
Review of project along with the current security measures
Analysing threats, vulnerabilities and the final outcome
Control measures to mitigate the threats associated with Aztek
References
Introduction
Aztek is going to adopt IT services to enhance their company’s objectives and
also to outsource their services to a third-party company, and they can benefit highly
from cloud technology (Wu & Olson, 2015).
The report will highlight the threats and the vulnerabilities involved with the system.
The report will also showcase the security measures by which they can carry on their
business activities in a well-secured manner.
Review in regards to the financial services
The risks correlated with the financial sector are-
The systematic risks
The systematic risks are the risks over which an individual has no control. They
are influenced by external factors like war and political factors,
whose effect cannot be controlled by any enterprise, organisation or industry. The
systematic risks are also affected by interest rates and recession (McNeil, Frey &
Embrechts, 2015). They can be divided into the following categories- interest rate risk,
market risk and purchasing power risk. With this kind of risk, no one has a clue.
The Unsystematic risks
These risks can be well controlled. Individuals or organisations can control and
manage them. The risks are within one's range and can be mitigated by simple means. The
types of risks that fall under unsystematic risk are financial risk, liquidity risk and
operational risk (Lam, 2014). The effect is malignant compared to the systematic risk.
Relevant risk
The systematic risk falls under the relevant risk. The relevant risks are those risks which
can be detected, analysed and controlled. The relevant
risks are systematic risks and not the unsystematic risks where individuals or any enterprises
have no control (Chance & Brooks, 2015). The key risks which fall under the category
are the operational risk, legal risk, regulatory risk and solvency risk.
Strategic risk
The strategic risks arise in the organisation due to improper decision-making
and wrong strategy, due to which a project fails. These risks also indicate that the
management team has failed to come up with the changes. This risk can affect the growth of
the organisation.
Market risk
The market risks are the risks which arise due to an abnormal price rise of any
commodity or resource. The price rise affects the company and its finance section
(Chance & Brooks, 2015). The market risk is correlated with the financial
market risk, interest rate risk and the equity risk.
Credit risk
The credit risks occur when the borrower fails to repay the loan they have taken. The
lender should take the responsibility to judge whether the borrower is capable of repaying
the loan with interest or not; if this is not judged properly, the risk arises. The credit
risks occur when the money lender loses the whole money or the whole principal.
The legal compliance requirements of all countries are more or less the same and Australia
is no exception. Aztek must abide by the legal compliance as this can benefit them in the
long run; it can assist them to take the best decisions so that they can run the business
activities smoothly and fast. The external risk can be fatal for any organisation or
industry, which is why the unsystematic risk must be dealt with patiently (Chance & Brooks,
2015). The external risks can cause a devastating effect on Aztek and they can increase the
risks.
Aztek’s internal risks are-
The communication technique procedure
The transparent techniques follow through
In this case, Aztek must develop certain strategies to meet their business goals and
to execute the projects comfortably without any
risks. Aztek must take the initiative to educate their employees; if the employees have
sound knowledge of the threats, the vulnerabilities and the security measures, then they
can serve the customers well and with much ease (Bromiley et al., 2015). They can become
well adept with the cloud technology and the IT services. This can enhance their business
activities and market share as a whole.
Government regulations
The federal body of each country applies certain rules and policies, and
by following those rules and policies the organisations and enterprises can work fast with
more productivity. Similarly, Aztek, by following the rules and the policies made by
Australia, can enhance their business activities as a whole. This can help to conduct the
business effectively as well as ethically (Sadgrove, 2016). Thus the Aztek management team
should act proactively and must follow the rules accordingly, as that can provide them with
business benefits. The factors on which the authorities must focus are-
i. The policies made by the federal authority must be carefully examined, and it must be
checked whether the policies are related to financial sections or not. If those policies are
applied, they must be applied in an effective manner so that productivity can be gained.
ii. The risks residing within the company must be checked and analysed; the market of the
employees and the financial market must be analysed as well. Otherwise, the company will
face huge losses.
iii. The process which is an absolute necessity must be followed accordingly and
in the best way. By following the procedure, the risks and huge losses incurred within the
organisation can be minimised (Bolton, Chen & Wang, 2013).
Best practices
By following the aforesaid procedures, Aztek can solve the problems incurred as a
result of outsourcing. The challenges that Aztek faced while conducting the business
activities must be addressed and, if possible, in some cases discussed with the
investors and the stakeholders to get a better outcome. The following report has
showcased the advantages as well as the problems incurred while performing the mentioned
practices.
Review of project along with the current security measures
The report has showcased various aspects of the Aztek company as a whole. The
benefits and the ill effects of the related IT services have been detailed in the report. The
IT services that Aztek has planned to perform are network configuration, installation of
application software and conducting a proper management system for the desktop (Ali,
Warren, & Mathiassen, 2017). Aztek needs to identify the various aspects of the IT services
that can assist them to carry out the business operations in an effective manner. Aztek has
planned to undertake the strategies that can prove helpful in the near future.
The stakeholders involved are-
i. The government agencies that work together in accordance with the policies relevant to
outsourcing.
ii. Investors of Aztek
iii. The management team and staff of Aztek
iv. Regular clients and irregular clients
Analysing threats, vulnerabilities and the final outcome
Effective decision-making is important when outsourcing all the
IT services, and for this reason Aztek should test all the vulnerabilities of the company.
This kind of initiative will help them to get the desired result, which can help them to
enhance the services. The threats can be disastrous, so they must be handled with care, and
effective decision-making can help to mitigate the threats and vulnerabilities incurred.
Generally, Aztek provides financial services to clients all over Australia (Rittinghouse &
Ransome, 2016). Therefore they deal with the personal information of the clients, and that is
why they must safeguard this vital customer data securely and must not disclose it.
However, due to a malware attack, the data can get hacked and breached.
The IT services’ risks, if not diminished in time, can create havoc. The whole database
and the system can get breached as a result, and Aztek’s reputation can be under threat.
The company can lose its client base and can even lose large amounts of money (Choo, 2014).
Thus a security model must be developed to add security measures to the Aztek database and
system. Aztek requires cooperation from the clients as they are going to shift to a cloud
platform. They should not forget the demands and wishes of the third-party
organisation. In this case, Aztek's management team has developed a model, and the model is
based on the following factors-
Strategies to recognise the objectives- The risks involved with the database storage are
the main area of concern. The secured framework can protect them from potential threats and
provide them with the best solutions.
The assessment of applications- The application programs must be chosen wisely
by Aztek. The assessment of risks must be conducted after that. The aforesaid approach can
help them to get the outcome they want (Islam et al., 2016). The secured framework
can help them to use the IT services in a more efficient manner; it also assists them to make
the best plan to assure the security of their database and the system.
The highlight of the features of the security objectives- Aztek, via the security
framework model, can assess the vulnerabilities and the threats associated with Aztek's
system. The Aztek management should act in a proactive manner and should be aware of the
fact that their database contains the sensitive information of the clients and also the
financial data of their company (Choo, 2014). These data must not get compromised at any
cost and Aztek should make sure of this.
Identification of threats
Phishing attacks- The phishing attack is carried out by the hackers. The hackers gain
access to one’s system and steal all the vital data. They copy the HTML code of Aztek and
develop a site which is an Aztek look-alike. Innocent users try to gain access to
the system by entering all their credentials, and thus the hackers acquire all the
credentials for entering their system (Albakri et al., 2014). The hackers also attack the
clients by means of spam emails; the innocent clients click on the suspicious email and get
trapped.
Data Packet Sniffing- An insecure network can be vulnerable to attack; the
data flowing through this network can get hijacked by the hackers, and in
this way they can rob all the sensitive data of the clients.
IP spoofing- IP spoofing is another means by which Aztek's clients can get trapped.
The hackers generally carry out their attack while remaining in the background, hidden from
others. They hide their source and attack (Albakri et al., 2014). Thus Aztek can only find
out that the hackers have attacked but is not able to find out from which source they are
carrying out their attack.
Port Scanning- The hackers, via port scanning, can learn which services Aztek is utilising
in their office premises. Then the hackers try to figure out the loopholes in their services
and, having found the loopholes, carry out their attack. Aztek’s system can be exploited by
the same.
Backdoors- The backdoors are created by the web developers to facilitate the
development of the site. The web developers keep a constant look on the website code and
decide
Identification of vulnerabilities
i. Predictable session identifiers- Using Base64, the hackers identify the session
identifiers. The algorithm is reverse engineered by the hackers to carry out their misdeeds.
ii. Dependence on client-side validation- The settings of the browser and the browser
history can get hacked, and along with that the JavaScript stored in the database gets
disabled by the hackers. In this way, the security of the system and the database can get
threatened.
iii. SQL injection- SQL injection is another notable threat. The hackers, by
exploiting the Aztek database, can acquire the credentials of the clients from the database.
iv. Unauthorised execution of operations- The authorisation and authentication of
Aztek can get threatened by the hackers and Aztek can face severe loss.
v. Cross-site scripting- The cookies can get stolen from the browsers by the hackers,
which makes it exploitable to attack (Peltier, 2016). The hackers who have knowledge of
web scripting languages, CSS and HTML can exploit and make any Aztek client website
vulnerable to attack. The hackers can install viruses too.
vi. Issues related to uploading- The Aztek system applications and the database can
be under serious threat due to a malware attack. The hackers, via XSS and Trojans, can
exploit the system and the database.
vii. Issues related to logging out- The clients sometimes feel too lazy to log out of the
system; the attackers can get into the Aztek account via an insecure network and can rob the
important data of the database, and thus the clients' data can get breached (Sennewald &
Baillie, 2015).
viii. Passwords- The clients sometimes set very easy, predictable passwords for their
system which can be guessed, and thus the system becomes vulnerable to attack. The lazy
approach from the clients can prove dangerous (Rittinghouse & Ransome, 2016). The hackers,
via the brute force method, can gain access to the system and expose the vulnerabilities
residing within the database and the system of Aztek.
ix. The unencrypted passwords- The clients unknowingly store passwords in their
system as they tend to forget the password. The attackers attack the system via viruses,
malware and Trojans and acquire those files where the password is written. Also, the
hackers search for the hidden files in the system where the password is saved in unencrypted
form.
x. Phishing attack- The phishing attack is another noteworthy and
disastrous one; the hackers send spam emails to the clients of Aztek claiming that they are
sending emails from Aztek (Almorsy et al., 2016). The clients can unknowingly enter those
malicious sites and thus can lose confidentiality, lose all their credentials and can even
lose all the sensitive data.
xi. The absence of account lockout- The absence of account lockout can lead to
cybercrime attack.
xii. Not showing the previous sessions- The innocent clients can unknowingly enter
their personal information again and again and thus risk their own privacy. In this way, by
providing the username and password, the clients can get into trouble and their confidential
data can get breached (Ahmad & Maynard, 2014).
xiii. No appropriate settings for cookie security- The hackers can develop a channel
between Aztek clients and the server, and via this channel the browser cookies get
transmitted (Siponen, Mahmood & Pahnila, 2014). The hackers first exploit the system and gain
access to those browser cookies, and this way threats can spread all over Aztek.
xiv. Weak ciphers- The attackers can expose the system and the database and can
record what is being transacted; in this way, the SSL key is cracked and the intruders get
into the system.
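The following Python check is an added example, not part of the original report. It audits a Set-Cookie header for items i and xiii above, flagging a session identifier that is only Base64 of readable text and any missing Secure, HttpOnly or SameSite attribute. The cookie name, header values and function names are constructed for illustration.

```python
import base64
import binascii
import secrets
from http.cookies import SimpleCookie

# Constructed sample: the session id is just Base64 of user data (item i),
# and the cookie carries no security attributes (item xiii).
WEAK_ID = base64.b64encode(b"uid=1042;role=client;n=7").decode()
WEAK_HEADER = f"sessionid={WEAK_ID}; Path=/"


def decodes_to_text(value, min_len=8):
    """Return the decoded text if value is Base64 of printable ASCII, else None."""
    try:
        raw = base64.b64decode(value + "=" * (-len(value) % 4), validate=True)
    except (binascii.Error, ValueError):
        return None
    if len(raw) >= min_len and all(32 <= b < 127 for b in raw):
        return raw.decode("ascii")
    return None


def audit_set_cookie(header):
    """Return a list of findings for one Set-Cookie header value."""
    cookie = SimpleCookie()
    cookie.load(header)
    findings = []
    for name, morsel in cookie.items():
        for attr, label in (("secure", "Secure"), ("httponly", "HttpOnly"),
                            ("samesite", "SameSite")):
            if not morsel[attr]:
                findings.append(f"{name}: missing {label}")
        text = decodes_to_text(morsel.value)
        if text is not None:
            findings.append(f"{name}: value is Base64 of readable text {text!r}")
    return findings


def new_session_id():
    """Session id from the OS CSPRNG (256 bits); it encodes no user data."""
    return secrets.token_urlsafe(32)


def hardened_header():
    """Set-Cookie value that passes the audit."""
    return f"sessionid={new_session_id()}; Path=/; Secure; HttpOnly; SameSite=Strict"


if __name__ == "__main__":
    for finding in audit_set_cookie(WEAK_HEADER):
        print(finding)
    print(audit_set_cookie(hardened_header()) or "hardened cookie: no findings")
```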
It can be concluded that Aztek management needs to implement a correct strategy via
which the security management risks can be checked. Via this method, correct methodologies
must be adopted to control, implement and work on the information security system.