Network Security Report: ECHRS Ltd. Case Study and Analysis
VerifiedAdded on  2022/10/11
|22
|5061
|22
Report
AI Summary
This report provides an in-depth analysis of network security, focusing on the threats and vulnerabilities faced by IT-based companies, particularly using the case study of ECHRS Ltd. The report begins by outlining current security threats such as computer viruses, hackers, spyware, phishing, and SQL injection, and then discusses various tools and techniques to mitigate these threats, including encryption and vulnerability identification. It then assesses ECHRS Ltd.'s IT infrastructure, identifying vulnerabilities such as outdated systems, lack of a robust framework, and firewall configuration issues. The report considers legal, ethical, and professional issues, including GDPR compliance, and recommends specific security enhancements. The report highlights the importance of proactive and adaptive cybersecurity approaches to protect sensitive data and ensure the integrity of the network. Finally, the report concludes with a call for improved security measures and provides recommendations for ECHRS Ltd. to strengthen its network security posture and protect its clients and employees.
Running Head: Security of Network 0
Security of Network
Report
Student name
Security of Network
Report
Student name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security of Network 1
Table of Contents
Introduction......................................................................................................................................1
Task 1...............................................................................................................................................2
Current security threats................................................................................................................2
Computer viruses:.....................................................................................................................2
Hackers and Predators..............................................................................................................3
Spyware threats........................................................................................................................3
Phishing....................................................................................................................................3
SQL injection...........................................................................................................................3
Tools and techniques....................................................................................................................4
Encryption:...............................................................................................................................4
Vulnerabilities identification....................................................................................................4
Consideration of legal, ethical and professional issues................................................................4
Task 2...............................................................................................................................................5
Vulnerabilities in the company....................................................................................................8
Lack of updated in systems:.....................................................................................................8
No framework:.........................................................................................................................8
Firewall configuration:.............................................................................................................8
Selection, justification, and Evaluation........................................................................................9
Critical reflection.......................................................................................................................12
Recommendations..........................................................................................................................14
Conclusion.....................................................................................................................................15
References......................................................................................................................................16
Table of Contents
Introduction......................................................................................................................................1
Task 1...............................................................................................................................................2
Current security threats................................................................................................................2
Computer viruses:.....................................................................................................................2
Hackers and Predators..............................................................................................................3
Spyware threats........................................................................................................................3
Phishing....................................................................................................................................3
SQL injection...........................................................................................................................3
Tools and techniques....................................................................................................................4
Encryption:...............................................................................................................................4
Vulnerabilities identification....................................................................................................4
Consideration of legal, ethical and professional issues................................................................4
Task 2...............................................................................................................................................5
Vulnerabilities in the company....................................................................................................8
Lack of updated in systems:.....................................................................................................8
No framework:.........................................................................................................................8
Firewall configuration:.............................................................................................................8
Selection, justification, and Evaluation........................................................................................9
Critical reflection.......................................................................................................................12
Recommendations..........................................................................................................................14
Conclusion.....................................................................................................................................15
References......................................................................................................................................16
Security of Network 2
Introduction
In this report, task 1 will describe the security techniques for IT-based companies in the UK. In
task 2, it will explain about the issues of ECHRS Ltd with their IT Services and Its infrastructure.
It will include cybersecurity and other frameworks to secure their data from the third party.
Task 1
Equifax is a good and popular company in the UK. It provides various services to its customers.
It provides global information solution to their clients. It uses data analytics, unique data,
information technology, and experts for providing solutions. A computer network is an important
thing for an organization. A network is a group of computer systems and other networking
devices including router, switch, data centers, and other peripherals ( Beaver, 2013). There are
few things, which are a matter a lot for a network, which is the privacy and security of the data
and information. In addition, network management and controls are necessary to identify all the
things properly (Forouzan, 2007).
Current security threats
In the present era, various security threats are present in the network, which can damage data and
other things using malfunctions (Certiology, 2018). There are various threats for users and
companies for their data. Equifax is a well-known company of the UK, which has been faced
data breach in 2017 in which the company losses 143,000,000 number of records of financial and
credit reporting because of poor security. The company has few loopholes in their security.
There are some specific types of security threats are present in the environment, which can make
a huge impact on the reputation of Equifax, which areas:
Introduction
In this report, task 1 will describe the security techniques for IT-based companies in the UK. In
task 2, it will explain about the issues of ECHRS Ltd with their IT Services and Its infrastructure.
It will include cybersecurity and other frameworks to secure their data from the third party.
Task 1
Equifax is a good and popular company in the UK. It provides various services to its customers.
It provides global information solution to their clients. It uses data analytics, unique data,
information technology, and experts for providing solutions. A computer network is an important
thing for an organization. A network is a group of computer systems and other networking
devices including router, switch, data centers, and other peripherals ( Beaver, 2013). There are
few things, which are a matter a lot for a network, which is the privacy and security of the data
and information. In addition, network management and controls are necessary to identify all the
things properly (Forouzan, 2007).
Current security threats
In the present era, various security threats are present in the network, which can damage data and
other things using malfunctions (Certiology, 2018). There are various threats for users and
companies for their data. Equifax is a well-known company of the UK, which has been faced
data breach in 2017 in which the company losses 143,000,000 number of records of financial and
credit reporting because of poor security. The company has few loopholes in their security.
There are some specific types of security threats are present in the environment, which can make
a huge impact on the reputation of Equifax, which areas:
Security of Network 3
Computer viruses:
Computer viruses are complex computer programs, which make a huge impact on the data and
processing of computer systems. In addition, these programs can damage the software of the
computer systems as well as a network of the company. The company can use proper antiviruses
to stop these programs from internal and external networks (Coles, 2018).
Hackers and Predators
A normal person can access another person’s computer system using his or her personal
information and other data, which is easily available. Therefore, it is necessary to secure all the
personal data from strangers in online activities ( Dosal, 2018). They access the system and theft
important information of the victim and use that information in their personal uses. It is a serious
issue in front of a normal user as well as a professional user. Therefore, always use protection to
secure all the documents and credentials from hackers (Du & Chen, 2008).
Spyware threats
A severe laptop protection risk, spyware can access the devices and monitor them using online
activities and take permission for the installation of third-party software, which can access the
permission of the whole system ( Dosal, 2018). In addition, some users share their marketing
information for data analysis and other official works, which is not good for the reputation of the
company (Cowley, 2012).
Phishing
An attacker’s access economic information of the user for personal and third party uses in a
process. It is a bad practice of hackers to identify the data on the client's systems and access that
data without the permission of that user (Dye, et al., 2007). Phishing attacks are some of the
Computer viruses:
Computer viruses are complex computer programs, which make a huge impact on the data and
processing of computer systems. In addition, these programs can damage the software of the
computer systems as well as a network of the company. The company can use proper antiviruses
to stop these programs from internal and external networks (Coles, 2018).
Hackers and Predators
A normal person can access another person’s computer system using his or her personal
information and other data, which is easily available. Therefore, it is necessary to secure all the
personal data from strangers in online activities ( Dosal, 2018). They access the system and theft
important information of the victim and use that information in their personal uses. It is a serious
issue in front of a normal user as well as a professional user. Therefore, always use protection to
secure all the documents and credentials from hackers (Du & Chen, 2008).
Spyware threats
A severe laptop protection risk, spyware can access the devices and monitor them using online
activities and take permission for the installation of third-party software, which can access the
permission of the whole system ( Dosal, 2018). In addition, some users share their marketing
information for data analysis and other official works, which is not good for the reputation of the
company (Cowley, 2012).
Phishing
An attacker’s access economic information of the user for personal and third party uses in a
process. It is a bad practice of hackers to identify the data on the client's systems and access that
data without the permission of that user (Dye, et al., 2007). Phishing attacks are some of the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security of Network 4
most successful techniques for cybercriminals. In addition, they are accessing all the information
and share that information with another person for personal benefits (Forouzan, 2007).
SQL injection
A special program infected internal databases of Equifax, which is highly insecure for the
company. It is a complex function, which can affect the security of the database.
There are various common threats in the system, which can damage whole systems, as mention
in the above diagram, such as employees, virus, and many others (Gapiński, 2014).
Computer Network is a combined infrastructure of computer systems and networking devices.
Besides, most of the organizations are having their private network for security purposes.
However, the Internet is a basic requirement of an organization (So, 2011).
Tools and techniques
There are various tools and techniques are used for resolving and avoidance of security issues in
the company. These are the tools to protect the whole system from computer viruses, such as
Wireshark, Vega, Nmap, Oedipus, Paros, BeEF, Brakeman, and many others (Ghosekar, et al.,
2010). There are some good practices to avoid such types of issues in the system, which areas:
Encryption:
It is the best practice to secure data from hackers in the network. Humans within corporations
purpose the most problems. It provides education on the way to keep away from malware and
phishing assaults. The Yahoo breach becomes because of an employee clicking on a malicious
hyperlink (Groot, 2019).
most successful techniques for cybercriminals. In addition, they are accessing all the information
and share that information with another person for personal benefits (Forouzan, 2007).
SQL injection
A special program infected internal databases of Equifax, which is highly insecure for the
company. It is a complex function, which can affect the security of the database.
There are various common threats in the system, which can damage whole systems, as mention
in the above diagram, such as employees, virus, and many others (Gapiński, 2014).
Computer Network is a combined infrastructure of computer systems and networking devices.
Besides, most of the organizations are having their private network for security purposes.
However, the Internet is a basic requirement of an organization (So, 2011).
Tools and techniques
There are various tools and techniques are used for resolving and avoidance of security issues in
the company. These are the tools to protect the whole system from computer viruses, such as
Wireshark, Vega, Nmap, Oedipus, Paros, BeEF, Brakeman, and many others (Ghosekar, et al.,
2010). There are some good practices to avoid such types of issues in the system, which areas:
Encryption:
It is the best practice to secure data from hackers in the network. Humans within corporations
purpose the most problems. It provides education on the way to keep away from malware and
phishing assaults. The Yahoo breach becomes because of an employee clicking on a malicious
hyperlink (Groot, 2019).
Security of Network 5
Vulnerabilities identification
It is necessary to identify vulnerabilities of the system and remove it as soon as possible to
secure the whole systems from various security issues because of that vulnerability (Hern, 2018).
Consideration of legal, ethical and professional issues
There are many legal rules and regulations have created for the security of information assets by
the local and federal governments to secure personal data and financial information. In addition,
laws are those rules that mandate the behavior of people in accessing data and other assets (Jain,
2011). Laws are drawn from ethics. Therefore, ethics are necessary for information security and
other things. In addition, laws carry the authority of different government bodies to protect the
system from cybercrimes. However, ethics do not carry any authority of government agencies
(Kenneth C. Mansfield & Antonakos, 2009).
In addition, there is a huge impact on social and ethical issues on the security of the company. It
is necessary to provide training to the employees to understand cybersecurity and other
securities. It will provide better results for the company in terms of security (Mahto & Yadav,
2017). Besides, there are some internal security issues in the company, which is poor security
management. Therefore, the company must provide full security to its information security.
Vulnerabilities identification
It is necessary to identify vulnerabilities of the system and remove it as soon as possible to
secure the whole systems from various security issues because of that vulnerability (Hern, 2018).
Consideration of legal, ethical and professional issues
There are many legal rules and regulations have created for the security of information assets by
the local and federal governments to secure personal data and financial information. In addition,
laws are those rules that mandate the behavior of people in accessing data and other assets (Jain,
2011). Laws are drawn from ethics. Therefore, ethics are necessary for information security and
other things. In addition, laws carry the authority of different government bodies to protect the
system from cybercrimes. However, ethics do not carry any authority of government agencies
(Kenneth C. Mansfield & Antonakos, 2009).
In addition, there is a huge impact on social and ethical issues on the security of the company. It
is necessary to provide training to the employees to understand cybersecurity and other
securities. It will provide better results for the company in terms of security (Mahto & Yadav,
2017). Besides, there are some internal security issues in the company, which is poor security
management. Therefore, the company must provide full security to its information security.
Security of Network 6
There are many security solutions available in the market, such as cybersecurity, security
software, and hardware (Masucci, 2016).
The company uses various social media for marketing and advertising. It is a useful thing to
analyze market-using data analytics based on social media data. The company uses DMZ and
Virtual Private Network (VPN) for security of the data. However, the company faced data
breaches because of poor security.
There are many security solutions available in the market, such as cybersecurity, security
software, and hardware (Masucci, 2016).
The company uses various social media for marketing and advertising. It is a useful thing to
analyze market-using data analytics based on social media data. The company uses DMZ and
Virtual Private Network (VPN) for security of the data. However, the company faced data
breaches because of poor security.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Security of Network 7
Task 2
ECHRS Ltd has implemented a proper network to manage their various things. It provides
services in the healthcare sector. All the processes are properly monitored using DMZ and other
firewalls. In addition, the company has situated in Bradford. It provides web-portal and
telephone outsourcing services to various companies including payroll, and human resources
records. Besides, the company has a specialist division in Leicester, which handles health
services on causal zero-hour contracts with the help of doctors and nurses. The company has
maintained external clients from the ECHRS staff at Bradford.
In addition, General Data Protection Regulation (GDPR) has used for ethical and legal regulation
in the company, as the data of company and their customer’s data. Moreover, the company has a
proper IT infrastructure at Bradford, which full fill the basic requirements of all the clients. In the
present time, the company has implemented this hardware and software at the Bradford location,
which areas:
ï‚· Personal computer with Windows 10 operating system
ï‚· Windows Server 2012 R2 to run IIS web server and remote desktop services
ï‚· FAX services
ï‚· VoIP telephony server
Task 2
ECHRS Ltd has implemented a proper network to manage their various things. It provides
services in the healthcare sector. All the processes are properly monitored using DMZ and other
firewalls. In addition, the company has situated in Bradford. It provides web-portal and
telephone outsourcing services to various companies including payroll, and human resources
records. Besides, the company has a specialist division in Leicester, which handles health
services on causal zero-hour contracts with the help of doctors and nurses. The company has
maintained external clients from the ECHRS staff at Bradford.
In addition, General Data Protection Regulation (GDPR) has used for ethical and legal regulation
in the company, as the data of company and their customer’s data. Moreover, the company has a
proper IT infrastructure at Bradford, which full fill the basic requirements of all the clients. In the
present time, the company has implemented this hardware and software at the Bradford location,
which areas:
ï‚· Personal computer with Windows 10 operating system
ï‚· Windows Server 2012 R2 to run IIS web server and remote desktop services
ï‚· FAX services
ï‚· VoIP telephony server
Security of Network 8
The company makes a backup in magnetic tape, which is stored in the fireproof safe that is
situated at Bradford. The company has used GoDaddy to provide web and email services to their
clients. That division uses different types of systems, which are having Windows XP operating
systems as well as Windows 10 operating systems. All the staff members are using email
services though personal computer systems and few are accessing on their mobile devices as
well.
In addition, ISO/IEC 27001 framework is highly used at the international level to secure all
things properly. It has included audit process to know about the vulnerability and threats in the
system. Moreover, it is necessary to identify the vulnerabilities of the system and reduce them
for overcoming the losses of the system.
In addition, sometimes doctors have required remote desktop services to create notes about the
patients before making a report. Therefore, it is necessary to provide remote desktop service to
them to access the system from their home PCs.
The maximum tough undertaking in cyber safety is the ever-evolving nature of protection risks
themselves. Traditionally, companies and the government have centered most in their cyber
safety assets on perimeter protection to shield the simplest their maximum important system
The company makes a backup in magnetic tape, which is stored in the fireproof safe that is
situated at Bradford. The company has used GoDaddy to provide web and email services to their
clients. That division uses different types of systems, which are having Windows XP operating
systems as well as Windows 10 operating systems. All the staff members are using email
services though personal computer systems and few are accessing on their mobile devices as
well.
In addition, ISO/IEC 27001 framework is highly used at the international level to secure all
things properly. It has included audit process to know about the vulnerability and threats in the
system. Moreover, it is necessary to identify the vulnerabilities of the system and reduce them
for overcoming the losses of the system.
In addition, sometimes doctors have required remote desktop services to create notes about the
patients before making a report. Therefore, it is necessary to provide remote desktop service to
them to access the system from their home PCs.
The maximum tough undertaking in cyber safety is the ever-evolving nature of protection risks
themselves. Traditionally, companies and the government have centered most in their cyber
safety assets on perimeter protection to shield the simplest their maximum important system
Security of Network 9
components and shield against regarded treats. These days, this approach is inadequate, because
the threats develop and change speedier than groups can preserve up with. As a result, advisory
companies sell greater proactive and adaptive methods of cyber safety ( Dosal, 2018).
The issue is that ECHRS believes that data of the company has been breach from the third party
using any unofficial method. The company has suffered an intrusion. According to the General
Data Protection Regulation (GDPR), this type of condition is not good for the company because
personal and payroll data is highly sensitive for the company and its employees as well as
customers. Therefore, the company should make a decision to stop such type of issues on high
priority. In addition, the company has been found that some details of external clients' employees
with health reports.
Vulnerabilities in the company
The company has much vulnerability because of old systems and lack of update devices and
software. These are the vulnerabilities of the company:
Lack of updated in systems:
Computer systems are not properly updated with the advanced operating systems, such as
Windows 10, and others. Those systems are able to handle various types of security issues based
on their program definitions. Therefore, all the systems should update with Windows 10
operating systems with the latest patch (Yadav, 2018).
components and shield against regarded treats. These days, this approach is inadequate, because
the threats develop and change speedier than groups can preserve up with. As a result, advisory
companies sell greater proactive and adaptive methods of cyber safety ( Dosal, 2018).
The issue is that ECHRS believes that data of the company has been breach from the third party
using any unofficial method. The company has suffered an intrusion. According to the General
Data Protection Regulation (GDPR), this type of condition is not good for the company because
personal and payroll data is highly sensitive for the company and its employees as well as
customers. Therefore, the company should make a decision to stop such type of issues on high
priority. In addition, the company has been found that some details of external clients' employees
with health reports.
Vulnerabilities in the company
The company has much vulnerability because of old systems and lack of update devices and
software. These are the vulnerabilities of the company:
Lack of updated in systems:
Computer systems are not properly updated with the advanced operating systems, such as
Windows 10, and others. Those systems are able to handle various types of security issues based
on their program definitions. Therefore, all the systems should update with Windows 10
operating systems with the latest patch (Yadav, 2018).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security of Network 10
The threat is always finding a vulnerability to break the protection of the system or assets of the
organization. In addition, all those vulnerabilities make a way for threats to enter in the whole
system. Therefore, it is necessary to reduce the vulnerabilities of the system (Techdonut, 2018).
No framework:
The company should use the IT governance framework to monitor all the threats and
vulnerabilities of the system to reduce risks from the system. In addition, the IT governance
framework will provide full protection to the systems as well as the client’s data as well. There
are various types of IT governance frameworks are available in the market to secure the whole
system from cyber-attacks, such as COBIT, ISO/IEC 27001, ITIL, and many others (Subashini
& Kavitha, 2011).
Firewall configuration:
The company must configure their firewalls and other IDS and IPS systems to secure the whole
network of the company as well as different sites of the company. It will provide a high level of
network security to the company (Security-trails, 2018). Firewalls can reduce the chances of
cyber-attacks, as it secures all the incoming connection and other outgoing packets as well
(Tanenbaum, 2014).
Selection, justification, and Evaluation
Cybersecurity is a necessary thing for the company because the company has many personal data
of its clients as well as their employees. Therefore, the company is responsible for all data and
information of their clients because they stored all the data in their systems and databases. In
addition, there are many other issues of an organization, which are related to the security of the
data and information (Mukherjee, et al., 2014).
In addition, the company can manage a cybersecurity team to observe various types of issues in
the infrastructure related to IT assets. Moreover, many other things matter a lot for security of the
system, such as knowledge about a data breach, and other things.
The threat is always finding a vulnerability to break the protection of the system or assets of the
organization. In addition, all those vulnerabilities make a way for threats to enter in the whole
system. Therefore, it is necessary to reduce the vulnerabilities of the system (Techdonut, 2018).
No framework:
The company should use the IT governance framework to monitor all the threats and
vulnerabilities of the system to reduce risks from the system. In addition, the IT governance
framework will provide full protection to the systems as well as the client’s data as well. There
are various types of IT governance frameworks are available in the market to secure the whole
system from cyber-attacks, such as COBIT, ISO/IEC 27001, ITIL, and many others (Subashini
& Kavitha, 2011).
Firewall configuration:
The company must configure their firewalls and other IDS and IPS systems to secure the whole
network of the company as well as different sites of the company. It will provide a high level of
network security to the company (Security-trails, 2018). Firewalls can reduce the chances of
cyber-attacks, as it secures all the incoming connection and other outgoing packets as well
(Tanenbaum, 2014).
Selection, justification, and Evaluation
Cybersecurity is a necessary thing for the company because the company has many personal data
of its clients as well as their employees. Therefore, the company is responsible for all data and
information of their clients because they stored all the data in their systems and databases. In
addition, there are many other issues of an organization, which are related to the security of the
data and information (Mukherjee, et al., 2014).
In addition, the company can manage a cybersecurity team to observe various types of issues in
the infrastructure related to IT assets. Moreover, many other things matter a lot for security of the
system, such as knowledge about a data breach, and other things.
Security of Network 11
There are many advantages of a selection of a particular framework of cybersecurity and IT
governance for the company. The company can use a private virtual network for its enhancement
and security. There are many advantages of the virtual private network. VPN can be used for
securing all the personal computers from cyber-attacks and other issues (Rouse, 2015). However,
vulnerabilities are always present in the system but it can be managed with the security policies
and other things.
There are many advantages of a selection of a particular framework of cybersecurity and IT
governance for the company. The company can use a private virtual network for its enhancement
and security. There are many advantages of the virtual private network. VPN can be used for
securing all the personal computers from cyber-attacks and other issues (Rouse, 2015). However,
vulnerabilities are always present in the system but it can be managed with the security policies
and other things.
Security of Network 12
IT governance is necessary to implement in the company to manage their security and other
things in a proper way. All the information assets and domains must be secure from various
types of cyber-attacks. Therefore, it is necessary to manage all the issues at the proper time
without any delay. The computer network has many issues because of the various functions of
the working process (Sunshine, 2013).
In addition, IT governance provides management policies for security and privacy of the data
and information assets. Moreover, IT planning is highly required to manage various risks and
their consequences. However, cyber-attacks can choose any vulnerability of the systems but
systems must be fully protected to reduce losses as well.
Cybersecurity is necessary for securing all the information assets of the company. In addition,
network security evaluation is necessary for managing different works. There are many other
things, which matter a lot, such as product testing and certification. In addition, computer
security is necessary for the whole system (Mitchell, 2018).
IT governance is necessary to implement in the company to manage their security and other
things in a proper way. All the information assets and domains must be secure from various
types of cyber-attacks. Therefore, it is necessary to manage all the issues at the proper time
without any delay. The computer network has many issues because of the various functions of
the working process (Sunshine, 2013).
In addition, IT governance provides management policies for security and privacy of the data
and information assets. Moreover, IT planning is highly required to manage various risks and
their consequences. However, cyber-attacks can choose any vulnerability of the systems but
systems must be fully protected to reduce losses as well.
Cybersecurity is necessary for securing all the information assets of the company. In addition,
network security evaluation is necessary for managing different works. There are many other
things, which matter a lot, such as product testing and certification. In addition, computer
security is necessary for the whole system (Mitchell, 2018).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Security of Network 13
One of the most difficult elements of cybersecurity is the continually evolving nature of security
risks. In addition, the conventional approach has been to cognizance sources on important device
components. Moreover, it shields against the largest regarded threats, which supposed leaving
additives undefended and not shielding systems in opposition to much less risky risks.
One of the most difficult elements of cybersecurity is the continually evolving nature of security
risks. In addition, the conventional approach has been to cognizance sources on important device
components. Moreover, it shields against the largest regarded threats, which supposed leaving
additives undefended and not shielding systems in opposition to much less risky risks.
Security of Network 14
To cope with the present-day environment, advisory companies are promoting an extra proactive
and adaptive method. The National Institute of Standards and Technology (NIST), for example,
these days issued up to date guidelines in its threat evaluation framework that recommend a shift
toward non-stop monitoring and real-time checks.
Furthermore, Model 1.1 of the Framework for improving essential Infrastructure changed into
released in April 2018. All sectors, which include federal and kingdom governments may adopt
the voluntary cybersecurity framework, developed for use within the banking, communications,
and protection and power industries.
Advantages of using cybersecurity include:
ï‚· Improved confidence in the product for both developers and customers.
ï‚· Business protection against malware, ransomware, phishing, and social engineering.
ï‚· Protection for end-users
ï‚· Improves recovery time after a breach
ï‚· Protection for data and networks
ï‚· Prevention of unauthorized users
Cyber protection refers back to the body of technologies, processes, and practices designed to
defend networks, gadgets, programs, and information from assault, harm, or unauthorized access.
Cybersecurity will also be called information era safety.
Critical reflection
I learned about the various security issues in the company because of their old systems and lack
of management as well. In addition, the company should manage their clients using a proper
framework. There are many good things, which I learned during this task, as security threats and
vulnerabilities of the network and IT infrastructure.
I learned that many loopholes are presented in the network of the company that requires huge
protection to avoid a high level of loss of data and information of the company as well as their
clients. In addition, cybersecurity is an essential thing in the whole assignment, which provides
security and privacy to the data of the company as well as their client’s personal data and
information.
To cope with the present-day environment, advisory companies are promoting an extra proactive
and adaptive method. The National Institute of Standards and Technology (NIST), for example,
these days issued up to date guidelines in its threat evaluation framework that recommend a shift
toward non-stop monitoring and real-time checks.
Furthermore, Model 1.1 of the Framework for improving essential Infrastructure changed into
released in April 2018. All sectors, which include federal and kingdom governments may adopt
the voluntary cybersecurity framework, developed for use within the banking, communications,
and protection and power industries.
Advantages of using cybersecurity include:
ï‚· Improved confidence in the product for both developers and customers.
ï‚· Business protection against malware, ransomware, phishing, and social engineering.
ï‚· Protection for end-users
ï‚· Improves recovery time after a breach
ï‚· Protection for data and networks
ï‚· Prevention of unauthorized users
Cyber protection refers back to the body of technologies, processes, and practices designed to
defend networks, gadgets, programs, and information from assault, harm, or unauthorized access.
Cybersecurity will also be called information era safety.
Critical reflection
I learned about the various security issues in the company because of their old systems and lack
of management as well. In addition, the company should manage their clients using a proper
framework. There are many good things, which I learned during this task, as security threats and
vulnerabilities of the network and IT infrastructure.
I learned that many loopholes are presented in the network of the company that requires huge
protection to avoid a high level of loss of data and information of the company as well as their
clients. In addition, cybersecurity is an essential thing in the whole assignment, which provides
security and privacy to the data of the company as well as their client’s personal data and
information.
Security of Network 15
A security professional must check all the basic points of cybersecurity, such as firewall,
antivirus, operating systems, and many other things (Paquet, 2013). There are many issues
related to the basic things of the whole IT infrastructure. In addition, basic policies are a matter
of a lot in the security of the whole system. There are many other points, which are necessary for
the security of the whole systems, such as no external devices in the company’s personal
computers to avoid viruses.
It is necessary to follow all the guidelines of network security, which are provided by the
frameworks to secure the whole system. There are many other advantages of following
guidelines such as reduce vulnerabilities (Lammle, 2011). The company must follow the
guidelines of GDPR, which provides a high level of security to information assets (Nadeau,
2019). In addition, the company makes its information assets secure using GDPR (Palmer,
2019).
Cybersecurity is a necessary thing for a normal user on the internet as well as professional in the
industry, as most of the person has their personal data on the internet, which is sensitive.
Therefore, it is necessary to secure all the documents from hackers and data breaches using
cybersecurity (Rouse, 2019).
The reason for cybersecurity is to assist prevents cyber-attacks, statistics breaches, and identity
theft and can useful resource in hazard control. While a business enterprise has a sturdy feel of
community protection and a powerful incident reaction plan, its miles higher capable of saving
you and mitigate cyber-attacks. As an example, quit user safety defends records and guards in
opposition to loss or robbery whilst also scanning computer systems for malicious code. Carriers
in cybersecurity fields will typically use the endpoint, community, and superior danger
protection security as well as information loss prevention. Three typically acknowledged
cybersecurity providers encompass Cisco, McAfee, and Trend Micro (Lord, 2019).
Cisco has a tendency to cognizance on networks and permits its customers to utilize firewalls,
VPNs, and superior malware protection alongside assisting electronic mail and endpoint security.
Cisco additionally supports actual-time malware blocking off.
A security professional must check all the basic points of cybersecurity, such as firewall,
antivirus, operating systems, and many other things (Paquet, 2013). There are many issues
related to the basic things of the whole IT infrastructure. In addition, basic policies are a matter
of a lot in the security of the whole system. There are many other points, which are necessary for
the security of the whole systems, such as no external devices in the company’s personal
computers to avoid viruses.
It is necessary to follow all the guidelines of network security, which are provided by the
frameworks to secure the whole system. There are many other advantages of following
guidelines such as reduce vulnerabilities (Lammle, 2011). The company must follow the
guidelines of GDPR, which provides a high level of security to information assets (Nadeau,
2019). In addition, the company makes its information assets secure using GDPR (Palmer,
2019).
Cybersecurity is a necessary thing for a normal user on the internet as well as professional in the
industry, as most of the person has their personal data on the internet, which is sensitive.
Therefore, it is necessary to secure all the documents from hackers and data breaches using
cybersecurity (Rouse, 2019).
The reason for cybersecurity is to assist prevents cyber-attacks, statistics breaches, and identity
theft and can useful resource in hazard control. While a business enterprise has a sturdy feel of
community protection and a powerful incident reaction plan, its miles higher capable of saving
you and mitigate cyber-attacks. As an example, quit user safety defends records and guards in
opposition to loss or robbery whilst also scanning computer systems for malicious code. Carriers
in cybersecurity fields will typically use the endpoint, community, and superior danger
protection security as well as information loss prevention. Three typically acknowledged
cybersecurity providers encompass Cisco, McAfee, and Trend Micro (Lord, 2019).
Cisco has a tendency to cognizance on networks and permits its customers to utilize firewalls,
VPNs, and superior malware protection alongside assisting electronic mail and endpoint security.
Cisco additionally supports actual-time malware blocking off.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Security of Network 16
McAfee makes cybersecurity products for consumers and company customers. McAfee supports
mobile, corporation clouds, network, internet, and server-based protection. Information safety
and encryption are likewise presented.
Cybersecurity is vital due to the fact authorities, military, company, economic, and clinical
groups gather, procedure, and save exceptional quantities of facts on computers and other
devices. An extensive portion of those facts may be touchy records, whether that is highbrow
assets, economic statistics, personal data, or other varieties of information for which
unauthorized access or publicity could have terrible effects. Corporations transmit touchy facts
across networks and to other gadgets within the route of doing corporations. Cybersecurity
describes the field committed to protective that statistics and the systems used to the manner or
shop it.
As the quantity and sophistication of cyber assaults develop, businesses and businesses,
specifically the ones, which can be tasked with safeguarding information referring to
countrywide safety, health, or monetary information, need to take steps to guard their touchy
business and personnel statistics. As early as March 2013, the kingdom’s pinnacle intelligence
officers cautioned that cyber assaults and virtual spying are the pinnacle hazard to countrywide
safety, eclipsing even terrorism.
I want to share my critical learning from my experience of this case that vulnerabilities can be
overcome using finding them properly with the help of tools and techniques. IT infrastructure
must be secured to make a good image of the company in the market.
I also learned that education and training are must require the employees to reduce different
types of security consequences in the company. In addition, employees must know about the role
and responsibility of information assets in the company.
Recommendations
There are some recommendations for the company to avoid data breaches and other security
issues. These are the recommendations:
ï‚· Develop a cybersecurity team to secure all the sites under the company
McAfee makes cybersecurity products for consumers and company customers. McAfee supports
mobile, corporation clouds, network, internet, and server-based protection. Information safety
and encryption are likewise presented.
Cybersecurity is vital due to the fact authorities, military, company, economic, and clinical
groups gather, procedure, and save exceptional quantities of facts on computers and other
devices. An extensive portion of those facts may be touchy records, whether that is highbrow
assets, economic statistics, personal data, or other varieties of information for which
unauthorized access or publicity could have terrible effects. Corporations transmit touchy facts
across networks and to other gadgets within the route of doing corporations. Cybersecurity
describes the field committed to protective that statistics and the systems used to the manner or
shop it.
As the quantity and sophistication of cyber assaults develop, businesses and businesses,
specifically the ones, which can be tasked with safeguarding information referring to
countrywide safety, health, or monetary information, need to take steps to guard their touchy
business and personnel statistics. As early as March 2013, the kingdom’s pinnacle intelligence
officers cautioned that cyber assaults and virtual spying are the pinnacle hazard to countrywide
safety, eclipsing even terrorism.
I want to share my critical learning from my experience of this case that vulnerabilities can be
overcome using finding them properly with the help of tools and techniques. IT infrastructure
must be secured to make a good image of the company in the market.
I also learned that education and training are must require the employees to reduce different
types of security consequences in the company. In addition, employees must know about the role
and responsibility of information assets in the company.
Recommendations
There are some recommendations for the company to avoid data breaches and other security
issues. These are the recommendations:
ï‚· Develop a cybersecurity team to secure all the sites under the company
Security of Network 17
ï‚· Establish firewalls and servers to secure all the systems and networks.
ï‚· Implement an IT governance framework to secure all the information assets of the
company
ï‚· Develop a security team to secure all the sites of the company as well as clients
ï‚· Implement network monitor software to monitor and control different types of suspicious
issues
ï‚· Identify vulnerabilities of the whole systems to protect the system from threats, such as
viruses, malware, and others.
ï‚· Develop a response team to mitigate critical issues within a given response time
The company for its growth and success in the future must follow all the recommendations as
well as secure their information assets from cyber-attacks. In addition, the company should
always update their antiviruses and operating systems.
Conclusion
It has concluded that an organization must provide security to their clients in respect of their data
and information. Therefore, the company should identify their vulnerabilities and threats to avoid
risks in the future. There are various types of threats, which make a huge impact on the security
of the company.
The company should adopt a security framework and other necessary things to complete all the
work with a high level of privacy and security. That is a good practice for the company and it
will provide huge growth and success to the company in the future. Network security is an
essential thing in the market for an organization. In addition, the reputation of a company can
damage a data breach. Therefore, it is a common responsibility of the company to secure all the
data of their company as well as their clients using cybersecurity.
In addition, tools and techniques must use by the companies to secure all the data of their clients
from various types of security issues and cyber-attacks.
ï‚· Establish firewalls and servers to secure all the systems and networks.
ï‚· Implement an IT governance framework to secure all the information assets of the
company
ï‚· Develop a security team to secure all the sites of the company as well as clients
ï‚· Implement network monitor software to monitor and control different types of suspicious
issues
ï‚· Identify vulnerabilities of the whole systems to protect the system from threats, such as
viruses, malware, and others.
ï‚· Develop a response team to mitigate critical issues within a given response time
The company for its growth and success in the future must follow all the recommendations as
well as secure their information assets from cyber-attacks. In addition, the company should
always update their antiviruses and operating systems.
Conclusion
It has concluded that an organization must provide security to their clients in respect of their data
and information. Therefore, the company should identify their vulnerabilities and threats to avoid
risks in the future. There are various types of threats, which make a huge impact on the security
of the company.
The company should adopt a security framework and other necessary things to complete all the
work with a high level of privacy and security. That is a good practice for the company and it
will provide huge growth and success to the company in the future. Network security is an
essential thing in the market for an organization. In addition, the reputation of a company can
damage a data breach. Therefore, it is a common responsibility of the company to secure all the
data of their company as well as their clients using cybersecurity.
In addition, tools and techniques must use by the companies to secure all the data of their clients
from various types of security issues and cyber-attacks.
Security of Network 18
References
Beaver, K., 2013. Top 5 Common Network Security Vulnerabilities that Are Often Overlooked.
[Online]
Available at: https://www.acunetix.com/blog/articles/the-top-5-network-security-vulnerabilities/
Dosal, E., 2018. 5 Common Network Security Problems and Solutions. [Online]
Available at: https://www.compuquip.com/blog/5-common-network-security-problems-and-
solutions
[Accessed 12 March 2019].
Certiology, 2018. Network Devices:. [Online]
Available at: http://www.certiology.com/computing/computer-networking/network-devices.html
[Accessed 29 08 2018].
Coles, C., 2018. 9 Cloud Computing Security Risks Every Company Faces. [Online]
Available at: https://www.skyhighnetworks.com/cloud-security-blog/9-cloud-computing-
security-risks-every-company-faces/
Cowley, J., 2012. Communications and Networking. 2 ed. kingswinford: Springer Science &
Business Media.
Du, X. & Chen, H. H., 2008. Security in wireless sensor networks. IEEE Wireless
Communications, 15(4), p. 1.
Dye, M., McDonald, R. & Rufi, A., 2007. Network Fundamentals, CCNA Exploration
Companion Guide. Indianapolis: Cisco press..
Forouzan, A. B., 2007. Data communications & networking. 8th ed. New Delhi: Tata McGraw-
Hill Education.
Gapiński, A., 2014. Strategies for Computer Networks Security. Kwartalnik Nauk o
Przedsiębiorstwie, Volume 3, pp. 59-65.
References
Beaver, K., 2013. Top 5 Common Network Security Vulnerabilities that Are Often Overlooked.
[Online]
Available at: https://www.acunetix.com/blog/articles/the-top-5-network-security-vulnerabilities/
Dosal, E., 2018. 5 Common Network Security Problems and Solutions. [Online]
Available at: https://www.compuquip.com/blog/5-common-network-security-problems-and-
solutions
[Accessed 12 March 2019].
Certiology, 2018. Network Devices:. [Online]
Available at: http://www.certiology.com/computing/computer-networking/network-devices.html
[Accessed 29 08 2018].
Coles, C., 2018. 9 Cloud Computing Security Risks Every Company Faces. [Online]
Available at: https://www.skyhighnetworks.com/cloud-security-blog/9-cloud-computing-
security-risks-every-company-faces/
Cowley, J., 2012. Communications and Networking. 2 ed. kingswinford: Springer Science &
Business Media.
Du, X. & Chen, H. H., 2008. Security in wireless sensor networks. IEEE Wireless
Communications, 15(4), p. 1.
Dye, M., McDonald, R. & Rufi, A., 2007. Network Fundamentals, CCNA Exploration
Companion Guide. Indianapolis: Cisco press..
Forouzan, A. B., 2007. Data communications & networking. 8th ed. New Delhi: Tata McGraw-
Hill Education.
Gapiński, A., 2014. Strategies for Computer Networks Security. Kwartalnik Nauk o
Przedsiębiorstwie, Volume 3, pp. 59-65.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Security of Network 19
Ghosekar, P., Katkar, G. & Ghorpade, P., 2010. Mobile ad hoc networking: imperatives and
challenges. IJCA Special issue on MANETs, Volume 3, pp. 153-158.
Groot, J. D., 2019. What is the General Data Protection Regulation? Understanding &
Complying with GDPR Requirements in 2019. [Online]
Available at: https://digitalguardian.com/blog/what-gdpr-general-data-protection-regulation-
understanding-and-complying-gdpr-data-protection
[Accessed 15 August 2019].
Hern, A., 2018. What is GDPR and how will it affect you?. [Online]
Available at: https://www.theguardian.com/technology/2018/may/21/what-is-gdpr-and-how-will-
it-affect-you
[Accessed 16 August 2019].
Jain, M. K., 2011. Wireless sensor networks: Security issues and challenges. International
Journal of Computer and Information Technology, 2(1), pp. 62-67.
Kenneth C. Mansfield, J. & Antonakos, J. L., 2009. Computer Networking for LANS to WANS:
Hardware, Software and Security. 1 ed. Bostan(MA): Cengage Learning.
Lammle, T., 2011. CCNA Cisco Certified Network Associate Deluxe Study Guide. indiana: John
Wiley & Sons.
Lord, N., 2019. What is Cyber Security? Definition, Best Practices & More. [Online]
Available at: https://digitalguardian.com/blog/what-cyber-security
[Accessed 18 August 2019].
Mahto, D. & Yadav, D. K., 2017. Security improvement of one-time password using crypto-
biometric model. New Delhi, Springer, pp. 347-353.
Masucci, M., 2016. 4 Ways to Ensure Network Physical Security. [Online]
Available at: https://www.belden.com/blog/smart-building/4-ways-to-ensure-network-physical-
security
Mitchell, B., 2018. What Is Computer Networking?. [Online]
Available at: https://www.lifewire.com/what-is-computer-networking-816249
Ghosekar, P., Katkar, G. & Ghorpade, P., 2010. Mobile ad hoc networking: imperatives and
challenges. IJCA Special issue on MANETs, Volume 3, pp. 153-158.
Groot, J. D., 2019. What is the General Data Protection Regulation? Understanding &
Complying with GDPR Requirements in 2019. [Online]
Available at: https://digitalguardian.com/blog/what-gdpr-general-data-protection-regulation-
understanding-and-complying-gdpr-data-protection
[Accessed 15 August 2019].
Hern, A., 2018. What is GDPR and how will it affect you?. [Online]
Available at: https://www.theguardian.com/technology/2018/may/21/what-is-gdpr-and-how-will-
it-affect-you
[Accessed 16 August 2019].
Jain, M. K., 2011. Wireless sensor networks: Security issues and challenges. International
Journal of Computer and Information Technology, 2(1), pp. 62-67.
Kenneth C. Mansfield, J. & Antonakos, J. L., 2009. Computer Networking for LANS to WANS:
Hardware, Software and Security. 1 ed. Bostan(MA): Cengage Learning.
Lammle, T., 2011. CCNA Cisco Certified Network Associate Deluxe Study Guide. indiana: John
Wiley & Sons.
Lord, N., 2019. What is Cyber Security? Definition, Best Practices & More. [Online]
Available at: https://digitalguardian.com/blog/what-cyber-security
[Accessed 18 August 2019].
Mahto, D. & Yadav, D. K., 2017. Security improvement of one-time password using crypto-
biometric model. New Delhi, Springer, pp. 347-353.
Masucci, M., 2016. 4 Ways to Ensure Network Physical Security. [Online]
Available at: https://www.belden.com/blog/smart-building/4-ways-to-ensure-network-physical-
security
Mitchell, B., 2018. What Is Computer Networking?. [Online]
Available at: https://www.lifewire.com/what-is-computer-networking-816249
Security of Network 20
[Accessed 16 January 2019].
Mukherjee, . A., Fakoorian, S. A. A., Huang, J. & Swindlehurst, A. L., 2014. Principles of
physical layer security in multiuser wireless networks: A survey. A survey. IEEE
Communications Surveys & Tutorials, 16(3), pp. 1550-1576.
Nadeau, M., 2019. General Data Protection Regulation (GDPR): What you need to know to stay
compliant. [Online]
Available at: https://www.csoonline.com/article/3202771/general-data-protection-regulation-
gdpr-requirements-deadlines-and-facts.html
[Accessed 15 August 2019].
Palmer, D., 2019. What is GDPR? Everything you need to know about the new general data
protection regulations. [Online]
Available at: https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/
[Accessed 15 August 2019].
Paquet, C., 2013. Network Security Concepts and Policies. [Online]
Available at: http://www.ciscopress.com/articles/article.asp?p=1998559&seqNum=3
[Accessed 4 June 2019].
Rouse, M., 2015. VPN (virtual private network). [Online]
Available at: https://searchnetworking.techtarget.com/definition/virtual-private-network
[Accessed 22 May 2019].
Rouse, M., 2019. cybersecurity. [Online]
Available at: https://searchsecurity.techtarget.com/definition/cybersecurity
[Accessed 15 August 2019].
Security-trails, 2018. Top 10 Common Network Security Threats Explained. [Online]
Available at: https://securitytrails.com/blog/top-10-common-network-security-threats-explained
So, K., 2011. Cloud computing security issues and challenges.. International Journal of
Computer Networks, 3(5), pp. 247-255.
[Accessed 16 January 2019].
Mukherjee, . A., Fakoorian, S. A. A., Huang, J. & Swindlehurst, A. L., 2014. Principles of
physical layer security in multiuser wireless networks: A survey. A survey. IEEE
Communications Surveys & Tutorials, 16(3), pp. 1550-1576.
Nadeau, M., 2019. General Data Protection Regulation (GDPR): What you need to know to stay
compliant. [Online]
Available at: https://www.csoonline.com/article/3202771/general-data-protection-regulation-
gdpr-requirements-deadlines-and-facts.html
[Accessed 15 August 2019].
Palmer, D., 2019. What is GDPR? Everything you need to know about the new general data
protection regulations. [Online]
Available at: https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/
[Accessed 15 August 2019].
Paquet, C., 2013. Network Security Concepts and Policies. [Online]
Available at: http://www.ciscopress.com/articles/article.asp?p=1998559&seqNum=3
[Accessed 4 June 2019].
Rouse, M., 2015. VPN (virtual private network). [Online]
Available at: https://searchnetworking.techtarget.com/definition/virtual-private-network
[Accessed 22 May 2019].
Rouse, M., 2019. cybersecurity. [Online]
Available at: https://searchsecurity.techtarget.com/definition/cybersecurity
[Accessed 15 August 2019].
Security-trails, 2018. Top 10 Common Network Security Threats Explained. [Online]
Available at: https://securitytrails.com/blog/top-10-common-network-security-threats-explained
So, K., 2011. Cloud computing security issues and challenges.. International Journal of
Computer Networks, 3(5), pp. 247-255.
Security of Network 21
Subashini, S. & Kavitha, V., 2011. A survey on security issues in service delivery models of
cloud computing.. Journal of network and computer applications, 34(1), pp. 1-11.
Sunshine, C. A., 2013. Computer network architectures and protocols. New Jersy: Springer
Science & Business Media.
Tanenbaum, A. S., 2014. Computer networks. Harlow, Essex: Pearson.
Techdonut, 2018. Network management tasks. [Online]
Available at: https://www.techdonut.co.uk/buy-and-manage-it/regular-it-maintenance/network-
management-tasks
[Accessed 29 08 2018].
Yadav, A., 2018. Network Design: Firewall, IDS/IPS. [Online]
Available at: https://resources.infosecinstitute.com/network-design-firewall-idsips/
[Accessed 14 March 2019].
Subashini, S. & Kavitha, V., 2011. A survey on security issues in service delivery models of
cloud computing.. Journal of network and computer applications, 34(1), pp. 1-11.
Sunshine, C. A., 2013. Computer network architectures and protocols. New Jersy: Springer
Science & Business Media.
Tanenbaum, A. S., 2014. Computer networks. Harlow, Essex: Pearson.
Techdonut, 2018. Network management tasks. [Online]
Available at: https://www.techdonut.co.uk/buy-and-manage-it/regular-it-maintenance/network-
management-tasks
[Accessed 29 08 2018].
Yadav, A., 2018. Network Design: Firewall, IDS/IPS. [Online]
Available at: https://resources.infosecinstitute.com/network-design-firewall-idsips/
[Accessed 14 March 2019].
1 out of 22
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.