Corporation Tech will face many security risks with their current network. The user domain is the single most vulnerable part of any network and as such poses the most obvious security risk. To mitigate risks involving the users is to implement policies and training to educate the user on proper use and security best practices. By educating the user on security practices such as secure passwords, safe web surfing, and securing their workstations, many potential attacks can be avoided. Policies and training are also necessary because they can be used as evidence when taking administrative action against a user or intruder in the event the system or data information is compromised.
Laptops and workstations have their own set of security risks associated with them. They are vulnerable to being compromised by malware, spyware, or even hackers that take advantage of certain exploits. Laptops, workstations and mobile devices are susceptible to malicious software attacks, theft or loss. Viruses and malware can affect these devices and are usually acquired through contaminated email attachments and hyperlinks that redirect the user to exploited web sites or are transferred through USB storage devices.
Viruses and malware can also be acquired by downloading infected files or programs that are designed by hackers. Because of the need to protect systems against threats, all workstations and laptops should be secured with antivirus and firewall software and updated and patched on a regular basis to fix vulnerabilities with the software that hackers may exploit. Since the laptops are mobile by nature they are at risk of being stolen along with all of the data saved on their hard drives. The best security method for this would be to encrypt the hard drives on the laptops and where feasible only store sensitive data on corporate servers and allow authorized user remote access to the data via SSHVPN sessions.
Physical security or lack thereof also poses a huge risk; if an attacker has physical access to your equipment they do not actually need your log in credentials to access data. Attackers could boot your systems up on a live CD and compromise your information without leaving any trace in the logs other than a restart. Even if an attacker has a narrow window for physical access to your systems, they can steal the hardware and gain access to the data from it at their convenience. Secure all removable equipment is locked storage locations with security controls such as cameras and biometric access devices.
Distributed Denial of Service (DDOS) attacks are a major concern when it comes to the company’s servers; this is done when a botnet sends an overwhelming amount of requests to the servers until they shut down. The best method to deal with this is to install security hardware or software that can detect these kinds of attacks as they are beginning to take place and filter that traffic out. The hardware is often very effective but also can be very expensive which can be a whole different issue but if you have the funding available I would recommend purchasing the hardware.
SQL injections are one of the most common attacks on web based applications, these attacks occur when an attacker inserts a SQL statement that is not authorized through a SQL data channel such as the login screen. This best way to mitigate this risk is to implement string checking for special SQL characters or install software to check the web application for injection vulnerabilities. The software may cost a little money but it will help to prevent unauthorized access to information in your database.