Securing Information Systems

Management Decision Problems

1. K2 Network operates online game sites used by about 16 million people in over 100 countries. Players are allowed to enter a game for free but must buy digital “assets” from K2, such as swords to fight dragons if they want to be deeply involved. The games can accommodate millions of players at once and are played simultaneously by people all over the world. Prepare a security analysis for this Internet-based business. What kinds of threats should it anticipate? What would be their impact on the business? What steps can it take to prevent damage to its websites and continuing operations?

--> The idea of online gaming can cause many security vulnerabilities within a network. K2 network, which provides services to around 16 million people globally, may be at risk for such threats.

The threats that should be anticipated are as follows:

Hackers are motivated by profit or just for the challenge it is always to be expected hackers will attempt for one reason or another.
As K2 is a big network, it can be infected by malicious software.
Another threat is a denial-of-service (DoS) attack, which would mean that the computer’s network server is hacked, ultimately resulting in a network crash.
Hackers or intruders can also access the network and obtain consumer information when transactions are made.
Similarly, some middle networks can add an unnecessary advertisement that will annoy the user.

The impact that would be on the business because of the above threats are as follows:

It can potentially put them out of business.
Hackers can do illegal activities by deleting data or performing unauthorized actions, this could discourage customers to join the K2 network.
There might be slow performing of the site because of malicious software and can increase unnecessary maintenance time and cost.
They must hire the best technical member. So, they can counterattack hackers.

The steps that it can take to prevent damage to its websites and continuing operations are as follows:

The organization's employees are insiders and are the first line of defense training and educating employees about phishing emails, proper disposal of trash, changing passwords, pharming, keeping software up to date, and doing everything they can to prevent and resist the anticipated threats.
They can use advanced technology or software that uses an advanced algorithm to inform a company before hacking is going to start.
They can incorporate authentication and authorization measures in place for their employees via passwords, smartcard or tokens, and fingerprints and signatures authentication before gaining access.

Since security and privacy issue is much important to protect the company’s intellectual property. They must adopt a strong network and software to protect against unethical activities in their company.

2. A survey of your firm’s information technology infrastructure has produced the following security analysis statistics:

SECURITY VULNERABILITIES BY TYPE OF COMPUTING PLATFORM

High-risk vulnerabilities include non-authorized users accessing applications, guessable passwords, and user names matching the password, active user accounts with missing passwords, and the existence of unauthorized programs in application systems.

Medium-risk vulnerabilities include the ability of users to shut down the system without being logged on, passwords, and screen saver settings that were not established for PCs, and outdated versions of software still being stored on hard drives.

Low-risk vulnerabilities include the inability of users to change their passwords, user passwords that have not been changed periodically, and passwords that were smaller than the minimum size specified by the company.

A) Calculate the total number of vulnerabilities for each platform. What is the potential impact of the security problems for each computing platform on the organization?

--> The chart represents the total vulnerabilities for each platform in the firm’s IT infrastructure:

The potential impact of the security problems for each computing platform on the organization are as follows:

Windows Server (corporate applications): Could allow for local privilege seriousness due to failing to properly handle memory objects. Microsoft will no longer release bug fixes and new vulnerabilities won’t be addressed.
Windows 7 Enterprise (high-level administrators): A common vulnerability is a potential for remote code execution when a user opens or previews a maliciously prepared file or visits a website containing content that exploits the vulnerability.
Linux (e-mail and printing services): The wake of a disaster or drive failure may encounter along. Authorized passwords may be cracked.
Sun Solaris (Unix) (e-commerce and web servers): This is going to have an impact on confidentiality and integrity. This affects the function of the component Network File System (NFS).
Windows 7 Enterprise: A virus may infect computers through the internet. Hackers may steal important documents from social profiling.

B) If you only have one information system specialist in charge of security, which platforms should you address first in trying to eliminate these vulnerabilities? Second? Third? Last? Why?

--> If I only have one information systems specialist in charge of security, I should address first in trying to eliminate these vulnerabilities in Windows Server.

Because of the following reasons:

They are advanced and technical programs and are used to control other clients through network communication.
If these computers are not in proper condition, then we can’t use other small computers.
The down of the server will result in the collapse of the whole IT system.
Also, servers are more powerful than others, so we must give first priority to it as it will help to check the vulnerability on other software and laptops.

C) Identify the types of control problems illustrated by these vulnerabilities and explain the measures that should be taken to solve them.

--> The types of control problems illustrated by these vulnerabilities are as follows:

Authorization violation: Access by an entity that lacks the proper access rights.
Bypassing controls: Exploitation of system laws or weaknesses by an authorized user to acquire unauthorized privileges.
Illegitimate use: knowingly or unknowingly intruding on system resources.
Indiscretion: Indiscriminate the opening of information files and so on.
Information leakage: Unintentional provision of information to a disguised third party.
Integrity violation: Messages and the computer infrastructure are subjected to unauthorized modification or destruction.
Replay: Use of information previously captured without necessarily knowing what it means.

The measures that should be taken to solve the above vulnerabilities are as follows:

The Fire Brigade Strategy (Incident Response): Treat vulnerabilities as incidents and respond to them individually, remediating quickly under pressure.
Building Blocks Strategy (Asset Focused): Identify the highest risk assets and fix them first, regardless of specific vulnerability conditions.
Vulcan Logic Strategy (Vulnerability Focused): Prioritize the vulnerabilities, fix the highest priorities first.
The Hive Strategy (Central Analysis, Distributed Work): Information security performs analysis of the vulnerability scanning results and provides much-directed remediation instructions to the larger organization.
Board of Directors Strategy (Distributed Analysis and Work Centralized Tracking): Identify metrics for tracking progress overall, then allow each group within the organization the freedom to reduce vulnerability risk as they see fit.
Process Optimizer Strategy (Reduce Attack Surface): Forget about vulnerabilities and focus on reducing the overall attack surface through aggressive implementation of least privilege and elimination of unnecessary services and systems.