Evaluation on IT Security Systems Research Paper - 275 Words

Evaluation on IT Security Systems (Research Paper Sample) Content: Evaluation on IT Security Systems Students NameUniversity Affiliation Evaluation on IT Security SystemsIn any office setting, the security status of the information systems is essential to the safety of the records, the efficiency in running of the system and ultimately the level of tamper- proofing the system has. Although all systems are prone to attack by various overrides and spoofs, the heightened security of a network would reduce the possibility of interference with the systems, and in this way averting situations such as this case scenario. An employee successfully hacked into a records system and was able to create a false state, which allowed him to find his way into the data storage system (McCumber, 2004). In this manner, he overwrote the data on the store data and later on caused consequences to other employees in the business. A case involving hacking into data systems should be considered malicious and treated in the same manner since the hacker is moti vated in the destructive aspect. The IT department was however able to identify the threat and install limiting measures in the same respect. However, this response came rather late, since significant damage had already been done. While considering the aftermath of this case, on should also analyze the importance the data that was accessed by the hacker, as compared to the sensitivity of the detecting apparatus available; in addition to the security status of the whole system (Hu Mao, 2007). The incident can be described in terms of the security override employed, the surpassing of the installed firewall and the actual break-in. The hacker initially engaged spoofing technique, which allowed him to create a listening window. Thus, this hacker was then able to falsify his identity, gaining access to stored data. Since he was able to write the data, it can be rightly presumed that he had already gained standard user access (Ratnam Rajkumar, 2012). Later on, after creating a user prof ile, he was able to exchange emails with the auditor. Through this route, he gained access to other financial records in the same way he accessed the initial records. After modifying significant units of data, this unusual activity led the IT staff to realize that an external party was making the mentioned alterations. In the case of such an event there are some departments that need notification, in an attempt to contain the situation. There were significant financial records modified, so the auditor and the financier need to know. All IT security personnel also should be invited to scrutinize the situation, all the while identifying other possible gateways for hackers. Concerned stakeholders, including the manager of the firm, the security detail, and major decision-makers need to be involved. In the post-event evaluation, the IT department was rather blind to the goings-on, since they only identified the situation when there were other indicators of the attack. In containing the attack, the IT department first needs to shut down all unnecessary networking itineraries in the business, until all possible gateways are manned in preparation for any further attack- this measure would be a semi-permanent solution, while the network is patched up. Afterwards, the financial records should be re-evaluated immediately, with any sort of reconciliation of records being done at this stage (McCumber, 2004). Continuous assessment of the records should be a standard practice since the possibility of one of the staff, including the IT personnel, changing a part of the data in the financial records is possible. Additionally, the installation of an updated security profile would reduce the possibility of attacks from external parties. Several factors contributed heavily to the occurrence, most of these factors being avoidable. IT systems are always under attack from malicious, roaming, and targeting hackers, who aim at gaining access to sensitive data within the network. Thes e hackers target communication between the various departments, with the hope that sensitive messages (such as the emails from the auditor) will be passed through the system. All preparedness to such situations should be done before such situations since the losses from hacker attacks are hardly quantifiable. IN the first place, a factor of under-preparedness for the attack caused the employee to have an easy time accessing the system. Lack of a scanning agent, one that would detect unusual changes in communication and stored data contributed to the losses after the attack. Essentially, this is because the agent would detect the change immediately and alert personnel; directly limiting the hacker (Hu Mao, 2007). Then, the possibility of the changes in sensitive data could have been averted by the password securing of the documents. Most data editing software have two-step security, which requires the users to have an authentication password after accessing the file through the fold er security.In the restoration of the system, several parts will need total overhauling, with others requiring updating to current security settings. In the first place, the documents will need changeover to newer formats with security apparatus setup. As much as the firm can rely on the security if their network installation, this can prove disastrous in the case of a well-structured attack. Additionally, the systems need a real firewall; one with updates for overrides such as fake IPs, Heartbleed supersedes and overuse status adapters (Ratnam Rajkumar, 2012).. Afterwards, the user identity verifiers have to be updated, such that the users presence is limited to the business. Use of such an installation would reduce the possibility of an attack to the inside of the building. When the system refurbishment is complete, the network can be re-launched to apply all changes. Invitation of an external white hat hacker to test the systems is advised since he would be able to identify any other weaknesses the systems have. He would quickly confirm the operability of the new system, and allow for further patching to be done. Although the IT personnel positively identified and described the attack, their reaction was limited to the occurrence alone encouraging the occurrence of another attack. Their reaction was only in response to the initial record-changing occurrence and did not include all other possible attacks. Information systems need constant checking for threats in relativity to the quality of the previous installations. IN the first place, the staff did not response to the possibility of remnants of the attack, in form of signal sending software installed into the system, created backdoors and bugs (holes) left after the attack. Furthermore, they did...