Egos have asked me to evaluate a network for security threats and provide solutions.
The egos catalogue sales have 50 users with no log onto the network therefore all 50 users are using the same unrestricted internet access that can be a big problem because you will not be able to have any privacy on the network, e.g. bank details, any emails because if you save anything all the 50 users will be able to access to it.
All staff would be allowed to download and install and remove software so if you downloaded something you need and another user went and deleted thinking it wasn’t going to be needed it could cause consequences.
The data is backed up once a month, there are advantages and disadvantages on that, the advantages are that they will back the data that means if anything goes wrong with the computer or network they would have your work saved but the disadvantages are that it takes too long for them to back up, it should be backed up at least once every two days.
The data tapes are kept secured in a locked plastic box on top of the server that’s not a good thing at all, the back up data disks are supposed to be well secured when no one will be able to get to it only the person that owns it therefore people could just go and mess around with it and end up breaking the backup disk so that’s not good because if anything goes wrong with the computer they wont be able to put the files back onto the computer so if anyone had anything important saved they would lose it all.
The company keeps all the records in a database on customers, they save the purchases record, the account details, customer names and addresses, purchase history, it’s a good thing they keep everything saved on a database but the only problem is that all the staff has access to them database information therefore they could take others account details, know where they live etc, sometimes the manager of the companies hear staff discussing account details with other suppliers so there’s a big problem there because if you know anyone’s bank details you could do anything to their account, you could take all the money out cancel the account. He has also heard staff providing address information to others over the telephone, therefore people could be giving information away that their not supposed to and to people they weren’t supposed to give to.
Emails are available to all that can be an advantage and disadvantage because once you log in it might save your email and password therefore people might be able to access to it, advantages are that everyone gets email because they would probably need it.
IP address log is not kept of sites visited that is a disadvantage because if someone gets on a website their not suppose to be on or download something illegal they wouldn’t be able to find out who it was.
No firewall is in place can be a very bad thing, because hackers could easily get accessed to your computer if you don’t have a firewall because there’s nothing stopping them from getting access and you’ll be getting virus after virus because there’s no firewall stopping it. There’s also no restriction on the internet access again that’s a big disadvantage because its important for you to be restricted to the internet that’s means all 50 users would be able to access any website at all included incriminating websites.
The downloads are not monitored is a disadvantage is because they can download what ever they want and they would be ruining the software on the computer and the memory, and it would not be posted on the desktop it would be hidden somewhere in the software, the entrance doors are not protected by a keypad so anyone would be able to get in.
This company could do with a really big improvement by having the computer misuse act and data protection act.
This company could do with a really big improvement by having the computer misuse act and data protection act.
