Corporation Tech Essay Example for Free

Corporation Tech EssayCorporation Tech allow face m any aegis risks with their current network. The user domain is the single most vulnerable part of any network and as such poses the most obvious security risk. To apologize risks involving the users is to implement policies and training to educate the user on proper use and security best practices. By educating the user on security practices such as secure passwords, safe web surfing, and securing their workstations, many potential attacks can be avoided. Policies and training are also necessary because they can be used as evidence when taking administrative action a peest a user or intruder in the event the system or information information is compromised. Laptops and workstations draw their own set of security risks associated with them. They are vulnerable to being compromised by malware, spyware, or even hackers that take advantage of certain exploits. Laptops, workstations and mobile devices are open to malicious sof tware attacks, theft or loss. Viruses and malware can affect these devices and are usually acquired through contaminated email attachments and hyperlinks that redirect the user to exploited web sites or are transferred through USB storage devices.Viruses and malware can also be acquired by downloading infected files or programs that are designed by hackers. Because of the need to cheer systems against threats, all workstations and laptops should be secured with antivirus and firewall software and updated and patched on a regular basis to fix vulnerabilities with the software that hackers may exploit. Since the laptops are mobile by record they are at risk of being stolen along with all of the data saved on their hard drives. The best security method for this would be to cypher the hard drives on the laptops and where feasible only store sensitive data on corporate servers and allow authorized userremote access to the data via SSHVPN sessions.Physical security or lack thereof also poses a huge risk if an attacker has physical access to your equipment they do not rattling need your log in credentials to access data. Attackers could boot your systems up on a live CD and compromise your information without leaving any trace in the logs other than a restart. Even if an attacker has a narrow window for physical access to your systems, they can steal the ironware and gain access to the data from it at their convenience. Secure all removable equipment is locked storage locations with security controls such as cameras and biometric access devices.Distributed Denial of Service (DDOS) attacks are a major concern when it comes to the companys servers this is done when a botnet sends an overwhelming amount of requests to the servers until they shut down. The best method to deal with this is to install security hardware or software that can detect these kinds of attacks as they are beginning to take place and filter that traffic out. The hardware is often very hard-hi tting but also can be very expensive which can be a whole different issue but if you have the documentation available I would recommend purchasing the hardware.SQL injections are one of the most common attacks on web based applications, these attacks occur when an attacker inserts a SQL bid that is not authorized through a SQL data channel such as the login screen. This best way to mitigate this risk is to implement string checking for exceptional SQL characters or install software to check the web application for injection vulnerabilities. The software may cost a little money but it will help to prevent unauthorized access to information in your database.