Professional Documents
Culture Documents
Higher Nationals
Internal verification of assessment decisions – BTEC (RQF)
Verifier
Unit 05: Security
Unit(s)
EMC Cyber
Assignment title
Roshen Anthony Jude
Student’s name
Is the Pass/Merit/Distinction
grade awarded justified by the Yes.
Y/N
Justified by the assessor’s comments
assessor’s comments on the
student work?
• Agreeing actions?
isuranilupul@gmail.com 18.19.2021
Assessor signature Date
lakinducp@gmail.com 18.09.2021
Internal Verifier signature Date
Programme Leader
signature (if required) Date
Give details:
Internal Verifier
signature Date
Programme Leader
signature (if required) Date
Assignment 1 Assessor
Mr. Isura Kulathilake
Number
Date Received
Submission Date 16.05.2021 1st 16.05.2021
submission
Assessor Feedback:
Resubmission Feedback:
* Please note that grade decisions are provisional. They are only confirmed once
internal and external moderation has taken place and grades deci
General Guidelines
1. A Cover page or title page – You should always attach a title page to your
assignment. Use previous page as your cover sheet and make sure all the details
are accurately filled.
2. Attach this brief as the first section of your assignment.
3. All the assignments should be prepared using a word processing software.
4. All the assignments should be printed on A4 sized papers. Use single side
printing.
5. Allow 1” for top, bottom , right margins and 1.25” for the left margin of each
page.
1. The font size should be 12 point, and should be in the style of Time New
Roman.
2. Use 1.5 line spacing. Left justify all paragraphs.
3. Ensure that all the headings are consistent in terms of the font size and font
style.
4. Use footer function in the word processor to insert Your Name, Subject,
Assignment No, and Page Number on each page. This is useful if individual
sheets become detached for any reason.
5. Use word processing application spell check and grammar check function to
help editing your assignment.
Important Points:
10. If you are proven to be guilty of plagiarism or any academic misconduct, your
grade could be reduced to A REFERRAL or at worst you could be expelled
from the course
Student Declaration
I hereby, declare that I know what plagiarism entails, namely to use another’s work and
to present it as my own without attributing the sources in the correct way. I further
understand what it means to copy another’s work.
roshen.anthony@gmail.com 2021/11/01
16.09.2021
Student’s Signature: Date:
(Provide E-mail ID) (Provide Submission Date)
Assignment Brief
Student Name /ID Number Roshen Anthony
Submission Format:
The submission should be in the form of an individual written report written in a concise, formal business
style using single spacing and font size 12. You are required to make use of headings, paragraphs and
subsections as appropriate, and all work must be supported with research and referenced using Harvard
referencing system. Please provide in- text citation and an end list of references using Harvard
referencing system.
Section 4.2 of the assignment required to do a 15 minutes presentation to illustrate the answers.
Scenario
‘EMC Cyber’ is a reputed cyber security company based in Colombo Sri Lanka that is delivering security
products and services across the entire information technology infrastructure. The company has a
number of clients both in Sri Lanka and abroad, which includes some of the top-level companies of the
world serving in multitude of industries. The company develops cyber security software including
firewalls, anti-virus, intrusion detection and protection, and endpoint security. EMC Cyber is tasked with
protecting companies’ networks, clouds, web applications and emails. They also offer advanced threat
protection, secure unified access, and endpoint security. Further they also play the role of consulting
clients on security threats and how to solve them. Additionally the company follows different risk
management standards depending on the company, with the ISO 31000 being the most prominent.
One of the clients of EMC Cyber, Lockhead Aerospace manufacturing which is a reputed aircraft
manufacturer based in the US, has tasked the company to investigate the security implications of
developing IOT based automation applications in their manufacturing process. The client has requested
EMC to further audit security risks of implementing web based IOT applications in their manufacturing
process and to propose solutions. Further, Lockhead uses ISO standards and has instructed EMC to use
the ISO risk management standards when proposing the solution.
The director of the company understands such a system would be the target for cyber-attacks. As you
are following a BTEC course which includes a unit in security, the director has asked you to investigate
and report on potential cyber security threats to their web site, applications and infrastructure. After the
investigation you need to plan a solution and how to implement it according standard software
engineering principles.
Activity 01
Assuming the role of External Security Analyst, you need to compile a report focusing on following
elements to the board of EMC Cyber’;
1.1 Identify the CIA Triad concept and evaluate why and how the CIA Triad could be utilize to EMC
Cyber in order to improve the organization’s security.
1.2 Identify types of security risks EMC Cyber is subject to its present setup and the impact that they
would make on the business itself. Evaluate at least three physical and virtual security risks identified
and suggest the security measures that can be implemented in order to improve the organization’s
security.
1.3 Develop and describe security procedures for EMC Cyber to minimize the impact of issues
discussed in section (1.1) by assessing and rectifying the risks.
Activity 02
2.1 Identify how EMC Cyber and its clients will be impacted by improper/ incorrect configurations
that are applicable to firewalls and VPN solutions. IT security can include a network monitoring
system. Discuss how EMC cyber can benefit by implementing a network monitoring system with
supporting reasons.
2.2 Explain how the following technologies would benefit EMC Cyber and its Clients by facilitating a
‘trusted network’. (Support your answer with suitable examples).
i) DMZ
ii) Static IP
iii)NAT
2.3 Identify and evaluate the tools that can be utilized by EMC cyber to improve the network and
security performance without compromising each other. Evaluate at least three virtual and physical
security measures that can be implemented by EMC to uphold the integrity of organization’s IT policy.
Activity 03
3.1 Discuss suitable risk assessment integrated enterprise risk management procedures for EMC Cyber
solutions and the impact an IT security audit will have on safeguarding organization and its clients.
Furthermore, your discussion should include how IT security can be aligned with an organizational IT
policy and how misalignment of such a policy can impact on organization’s security.
(This can include one or more of the following: network change management, audit control, business
continuance/disaster recovery plans, potential loss of data/business, intellectual property, Data
Protection Act; Computer Misuse Act; ISO 31000 standards.)
3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage
solutions provided by EMC Cyber. You should also summarize ISO 31000 risk management
methodology.
Activity 04
4.1 Design an organizational security policy for EMC Cyber to minimize exploitations and misuses
while evaluating the suitability of the tools used in an organizational policy.
4.2 Develop and present a disaster recovery plan for EMC Cyber according to the ISO/IEC
17799:2005 or similar standard which should include the main components of an organizational
disaster recovery plan with justifications. Discuss how critical the roles of the stakeholders in the
organization to successfully implement the security policy and the disaster recovery plan you
recommended as a part of the security audit.
(Students should produce a 15 minutes PowerPoint presentation which illustrates the answer for
this section including justifications and reason for decisions and options used).
Pearson
Higher Nationals in
Computing
Unit 5: Security
Contents
1 Acknowledgement ................................................................................................ 6
2.5 Security procedures for EMC Cyber to minimize the impact of issues ....... 18
3.1 The impact of improper configurations that are applicable to firewall and
VPN solutions to EMC Cyber................................................................................. 21
3.1.2 VPN....................................................................................................... 23
3.2 Implementing a DMZ, static IP and NAT in a network can improve network
security .................................................................................................................... 24
4.2 Data protection process and regulations as applicable to EMC Cyber ........ 35
4.3 Summarizing the ISO 31000 risk management methodology and its
application in IT security ........................................................................................ 39
4.5 The impact of IT security aligns with organizational policy and the safety
consequences of any misalignment ......................................................................... 43
5.1 Designing and implementing a security policy for EMC Cyber .................. 44
List of Tables
Table 1 Security Procedures for EMC cyber to minimize the impact of issues ......... 20
Table 2 Comparison between dynamic IP .................................................................. 26
Table 3 benefits of using different network monitoring tools .................................... 31
Table 4 Risk Assessment for EMC Cyber .................................................................. 34
Table 5 steps for Data protection process for EMC Cyber ......................................... 38
Table 6 Common IT Security audit standards ............................................................ 42
List of figures
Figure 1 Example for DMZ ........................................................................................ 24
Figure 2 Disaster recovery plan slide 1....................................................................... 53
Figure 3 Disaster recovery plan slide 2....................................................................... 53
Figure 4 Disaster recovery plan slide 3....................................................................... 54
Figure 5 Disaster recovery plan slide 4....................................................................... 54
Figure 6 Disaster recovery plan slide 5....................................................................... 55
Figure 7 Disaster recovery plan slide 6....................................................................... 55
Figure 8 Disaster recovery plan slide 7....................................................................... 56
Figure 9 Disaster recovery plan slide 8....................................................................... 56
Figure 10 Disaster recovery plan slide 9..................................................................... 57
Figure 11 Disaster recovery plan slide 10................................................................... 57
Figure 12 Disaster recovery plan slide 11................................................................... 58
Figure 13 Disaster recovery plan slide 12................................................................... 58
Figure 14 Disaster recovery plan slide 13................................................................... 59
Figure 15 Disaster recovery plan slide 14................................................................... 59
Figure 16 Gantt Chart ................................................................................................. 67
1 Acknowledgement
Many people have contributed to the success of this Report. Although a single sentence
hardly suffices, the author would like to thank Almighty God for blessing him with his
grace.
The author is profoundly indebted to his class guide, Mr. Isura Kulathilaka, for
innumerable acts of timely advice; encouragement and the author sincerely express his
gratitude to her. Her guidance made the author to successfully complete the report. The
author extends his sincere and heartfelt thanks to Mr. Isura Kulathilaka, for providing
him the right ambiance for carrying out this work.
The author expresses his immense pleasure and thankfulness to all the teachers and
staff for the cooperation and support. In addition, a huge thank to the google and other
sources that the author have used in this report.
Last but not the least, he thanks all others, and especially his classmates who in one
way or another helped him in the successful completion of this work.
The author hopes contributors will recognize that he has done his best to reflect the
variety of views and the wealth of information, which were so generously provided, to
him. The author takes full and sole responsibility for the content of the report and for
any errors or misrepresentations of fact or opinion it may contain.
Regards,
The Author,
Roshen Anthony
2 Risks in IT Security
Information security refers to the safeguarding of data, particularly as it is being
processed. IT security aims to keep unauthorized third parties from tampering with data
and systems. This means that socio-technical systems within firms / organizations, i.e.,
people and technology, as well as their data, are safeguarded from harm and dangers.
This includes not only data and information, but also physical data centers and cloud
services.
Over the last few years, information has grown increasingly precious. As a result, it is
much more critical to safeguard it. The three IT protection goals of availability,
integrity, and secrecy characterize information security. These three parts are known
as CIA Triad Concept.
2.1.1 Confidentiality
IT Security confidentiality means that data is only available to authorized individuals.
Only a limited number of people, for example, have access to the information it
contains. To put it another way, access control must be defined. This necessitates the
assignment of access rights.
The conveyance of data is another crucial aspect of information secrecy. This should
be encrypted at all times, whether symmetrically or asymmetrically. Unauthorized
individuals will be unable to access the information.
2.1.3 Availability
Having the appropriate information available ensures that data processing within the
systems goes smoothly. The data must be retrievable in a timely and accurate manner.
This necessitates the protection of computer systems against failure. This is why load
testing is used to check the limitations, ensuring that company operations are not
disrupted.
The CIA trio provides a high-level checklist for evaluating your security procedures
and equipment that is both easy and thorough. All three components of an effective
system are met: secrecy, integrity, and availability. It is insufficient to have an
information security system that is lacking in one of the three parts of the CIA trinity.
After a negative occurrence, the CIA security triangle is also useful in determining what
went wrong—and what worked. For example, if availability was harmed as a result of
a ransomware assault, but the mechanisms in place were still able to protect the
confidentiality of sensitive data. This information can be utilized to correct flaws and
replicate effective policies and procedures in EMC Cyber.
When considering the Security Attacks, these can be categorized as Passive and Active.
A passive attack occurs when the attacker does not attempt to modify or affect the target
system's resources. Instead, the attacker is attempting to obtain or learn information
from that system.
Eavesdropping and monitoring of networks and communications are examples of
passive attacks. Listening in on communications and transmissions is referred to as
eavesdropping. For example, we could use a network monitoring tool to examine the
data transmitted by a Wi-Fi router. It would be an example of passive attack if we were
to listen in on and record a phone conversation (and possibly release the recording to
the public).
EMC cyber is reputed and reliable IT security service provider based in the Colombo
Sri lanka. The EMC cyber has both abroad and Sri Lankan clients. So, EMC should
have the best secured data centres but there are some vulnerabilities which are
identified by the author. Those are,
Organizational Risks,
• Reputation risk
• Financial risk
• Operational risk
• Legal risk
• Strategic Risk
• Technology risk
• People/culture risk
• Fraud risk
A backup is a copy of your data that you make for safekeeping. The backup should then
be stored somewhere secure so that it can be safely retrieved if needed.
Some people get the terms backup and archive mixed up. A backup is a duplicate copy
of your data that you keep for safekeeping. An archive is your primary data that you
simply move to another location because you don't need it right now but may need it in
the future.
There are various types of backup methods from which to choose.
Full backup
This is the most basic type and is a full backup of all of your data. The benefit is that
your entire backup is available in one location or medium. The disadvantage is that if
you have a large amount of data to backup, it will take a long time to complete the
backup.
Incremental backup
Here, you first start by taking a full backup. Then, your backup only what has changed
since your last backup. The benefit is that your backup process will take less time and
space, but there is the disadvantage that you have to maintain multiple volumes.
Differential back up
This is very similar to an incremental backup, except that your subsequent backup
includes everything from your last full backup onward.
Audits
As part of an audit, we may verify that all systems are functioning as expected, that
proper backups and precautions are taken, that disaster recovery procedures are in
place, that people are properly trained, and that policies are properly understood and
implemented.
Testing procedures
There are several methods for testing networks. Some of the options available to you
are as follows:
Testing the Network, WAN, Intranet etc.
• Vulnerability Scanning: This is performed using automated software to scan a
system for known vulnerability signatures.
• Security Scanning: This involves identifying network and system flaws and
then providing solutions to mitigate these risks. This scanning can be done both
manually and automatically.
Testing systems
You should double-check that the server room door is securely locked even before you
shut down servers, and even until you first turn them in. Of course, the best lock in the
world won't help you if you don't use it, so policies requiring that those doors be closed
whenever the room is unattended, as well as who has the key or keycode to go in, will
be necessary. The server room is the heart of your network, and it can cause massive
damage if it gets compromised. To prevent this, make sure that everyone has physical
access to all of the devices that are connected to it
Setup surveillance
Getting people to enter and out of the server room is a good start, but it can be
dangerous if someone has unauthorized access. A good way to prevent this is by
implementing an electronic access system or a log book. This method works by creating
a record that identifies each person who enters the room.
Motion Detection Cameras can monitor continuously or they can use technology to
detect when someone is moving around. They can also send e-mails or text message
notifications if they detect motion.
Remember, it's not only the servers about which you have to worry. A hacker can
connect a laptop to a hub and use sniffer software to capture network-wide data. Ensure
you have as many of your network devices as possible in the locked room or in the
locked closet elsewhere in the facility if they have to be in a different area.
Special physical security risks arise from laptops and handheld computers. The entire
computer can be easily robbed from a thief, including any recorded data and passwords
to the network connection. If employees use their desks on laptops, when leaving or
secure a permanent fixture with a cable lock, they should take them with them.
The following rules and procedures are required by the organizational security
program.
Physical security measures are intended to keep buildings safe and secure while also
protecting the equipment inside. In a nutshell, they keep undesired people out while
allowing authorized individuals in. While network and cybersecurity are crucial,
physical security breaches and threats must be avoided in order to keep your technology
and data safe, as well as any staff or faculty members who have access to the facility.
Your workplace or facility will be vulnerable to criminal activity if you don't have
physical security policies in place. Physical security concerns include theft, vandalism,
fraud, and even accidents.
The EMC cloud is based on a single structure with a large number of physical
components. Then there's the issue of physical security. Physical security, like logical
security, is critical. Physical security is a type of security technology that protects
people, hardware, networks, and data from physical threats. Multiple levels of
interdependent systems were utilized for physical security.
The physical security plan should also focus on keeping all employees safe, preventing
unwanted access to the network, and keeping hardware components secure.
functions in one location. This is Sri Lanka's busiest and most commercial city. As a
result, EMC may experience certain physical difficulties. Protesters' attacks, for
example, natural disasters. There are several methods that EMC cyber use in Physical
security. Those are,
Lists of Controlled Access Network traffic filters known as "ACLs" can regulate
incoming and outgoing traffic. ACLs are a set of rules that describe how a packet should
be forwarded or blocked at the router's interface. An ACL is similar to a Stateless
Firewall in that it just restricts, blocks, or allows packets to pass from one source to
another. When you define an ACL for a specific interface on a routing device, all traffic
going through that interface is compared to the ACL statement, which will either block
or allow it. The source, destination, a specific protocol, or other information could be
used to define the ACL rules. ACLs are commonly found in routers and firewalls, but
they can also be configured in any network device, including hosts, network devices,
servers, and so on.
According to investigation that given by the Director of the company, the EMC is
mainly vulnerable in Hardware and Software security. As an investigator the author
suggests below steps to increase the security of EMC cyber.
Hardware Area
• Replace obsolete computers, laptops, and notebooks with newer models.
• Remove the old EMC router from the network.
• Drivers and encryption mechanisms should be updated.
• Use biometric authentication for access
Software Area
• Operating systems that have been patched or updated.
• Updated or patched productivity software, as well as patched web browsers.
2.5 Security procedures for EMC Cyber to minimize the impact of issues
• WIFI security
• Give employees to personal
accounts
Table 1 Security Procedures for EMC cyber to minimize the impact of issues
3 IT Security solutions
3.1 The impact of improper configurations that are applicable to firewall and VPN
solutions to EMC Cyber
3.1.1 Firewall
A firewall is a network security device that analyzes incoming and outgoing network
traffic and determines whether specific traffic should be allowed or blocked based on
a set of security rules.
For more than 25 years, firewalls have served as the first line of defense in network
security. They create a barrier between secure, controlled internal networks that can be
trusted and untrustworthy external networks like the Internet.
• Proxy Firewall
• Stateful inspection firewall
• Unified threat management firewall
• Next-generation firewall
• Threat-focused Next-generation firewall
• Virtual firewall
A firewall serves as a link between two LAN networks; however, it is unable to deal
with the risks listed below.
Malicious employees
Actually, firewalls are terrible at evaluating and analyzing people's perceptions, as well
as locating data packets with "bad intent." If an employee attempts to engage in
malicious behavior or engages in misconduct, the firewall will be unable to stop them.
Modem users
A firewall will not be able to protect connections that do not flow through it. A firewall
cannot prevent individual users with modems from calling into or out of the network,
thus circumventing the firewall.
Polices
The policies governing the usage of passwords are outside the control of the firewall,
resulting in the misuse of individual passwords and user accounts. This has to be
rigorously adhered to.
Previous attacks
Viruses
There are common problems are caused by the Conventional Firewalls. Many
loopholes were discovered and discussed after reading and analyzing the standard
firewall. All four types of firewalls, including packet filters, circuit level gateways,
application-level gateways, and stateful multilayer inspection firewalls, have their own
set of wizards and deceptions. A few of them are listed below as well.
• A packet filtering firewall that solely works at the network level of the OSI
model does not support complex rule-based frameworks.
• Circuit level gateways operate at the OSI model's session layer, storing
information about protected networks but not straining individual messages.
• Application-level gateways, sometimes known as proxies, are essentially
similar to circuit level gateways, with the exception that they are application
specific. They also advertise a high level of security, but they have a significant
impact on network performance.
3.1.2 VPN
A virtual private network, or VPN, is an encrypted link between a device and a network
via the Internet. The encrypted connection aids in the secure transmission of sensitive
data. It protects against illegal eavesdropping on traffic and allows the user to work
remotely. In corporate settings, VPN technology is commonly used.
A virtual private network (VPN) connects a corporate network to the Internet via
encrypted connections. Traffic remains private as it travels because it is encrypted
between the device and the network. An employee can work from home and still
connect to the company network safely. A VPN can be used to connect even
smartphones and tablets.
There are many security risks that cause by the VPN s. such as,
• VPN hijacking
• Data leaks
• Malware infections
• Cannot create an enforce policies that protects credentials
• No third-party accountability
• No proper encryption methods
• Keep track of user’s data without permission of user
Since the EMC cyber is providing both local and international services Third-party
VPN are not suitable for the security and the growth of the company. As an investigator
the author suggests not to use third party VPNs.
3.2 Implementing a DMZ, static IP and NAT in a network can improve network
security
3.2.1 DMZ
DMZ is stands for Demilitarized Zone which is in computer networks is a physical or
logical subnet that divide a LAN (local area network) from untrusted networks. Such
as public internet. Perimeter networks or screened subnetworks are also known as
DMZs.
Internal corporate networks are protected by DMZs, which provide a level of network
separation. These sub-networks limit remote access to internal and resource servers,
making access to the internal network difficult for attackers. This strategy is useful for
individual uses as well as large companies.
Web servers, FTP servers, email servers, DNS servers, and VoIP servers are among the
equipment accessible to internet traffic in the Demilitarized Zone. Incoming traffic
from the external network is routed through the DMZ filer.
The above figure represents a part of EMC cyber network. According to the DMZ
security method isolated network can be provided for public facing servers. Such as
Web servers and mail servers.
• Static IP address
• Dynamic IP address
Dynamic IP
Dynamic IP addresses are those that change on a regular basis. ISPs buy a large range
of Ip addresses and automatically assign them to their customers. They re-assign them
on a regular basis, and the older IP addresses are returned to the pool for use by other
clients. The goal of this method is for the ISP to save money. They don't have to go
through any special procedures to re-establish a customer's IP address if they move
residence, for example, because IP addresses are routinely transferred. There are also
security benefits, since criminals will find it more difficult to obtain access to your
network interface if clients IP address changes.
Static IP
Unlike dynamic IP addresses, static IP addresses do not change. The network assigns
an IP address, which does not change. A static IP address isn't essential for most
individuals and enterprises, but it is for those who want to run their own server. This is
because a static IP address ensures that the websites and email addresses linked with it
have a consistent IP address, which is necessary if you want other devices to be able to
find them regularly on the internet.
Static IP Dynamic IP
The Network Administrator assigned it Assigned automatically by the DHCP
manually. server
More hackable More secure
The host in a network is given a In a network, a temporary IP address is
permanent numeric address. assigned to a host.
Used for dedicated servers such as mail Connects a huge network to the internet
servers, FTP servers, and VPN servers. and allows for communication.
Connects a huge network to the internet
and allows for communication.
After it is allocated to the computer, it If the connection is reset or the DHCP
does not alter automatically. leases expire, the value changes
automatically.
Table 2 Comparison between dynamic IP
As part of this feature, NAT can be configured to only advertise one address for the
entire network to the outside world. By effectively disguising the entire internal
network behind that address, the system's security is enhanced. Because it enables both
security and address conservation, NAT is often employed in remote-access scenarios.
When accessing resources outside of the network, such as the internet, these machines
must have a public address.
When users connect to an outside network, such as the internet, they are all assigned
the same public address. As a result, a single public IP address can be utilized by
hundreds, if not thousands, of people. As a result, EMC's cyber service provider saves
money thanks to NAT. EMC saves money by not having to purchase a public IP address
for each computer. Furthermore, there are a number of advantages to using NAT.
Thanks to the NAT process, the EMC's security has increased. In addition, NAT is an
important part of firewall security.
There are several benefits when DMZ and NAT. The following table shows the
benefits.
Network monitoring systems include software and hardware tools which can track
different aspects, such as traffic, bandwidth use and uptime, of a network and its
operation. These systems detect devices and other network elements and provide status
updates.
Network administrators rely on network surveillance tools to assist them spot failures
or problems like traffic bottlenecks that impede data flow fast. These systems can send
email or text alerts to administrators and generate reports using network analytics.
According to the researches there will be 25 billion parts of hardware will categorize
under Inter of things. This means smarter analytics, automated systems, and more will
be grow.
Therefore, EMC cyber will need advance monitoring solutions to keep up to speed. The
increasing demand for the network increases the complexity of the network. It's natural
to believe that relying solely on manual management will result in human error.
However, this is not always the case, so let's look at the numbers.
45% of the downtime is human error. EMC Cyber have clear arguments for automating
the company monitoring together with network problems. Teaching advanced
networking will help EMC Cyber to keep pace with evolving demands. This could
essentially result in easier, better growth that enables you to compete in an ever-
changing world.
Enhance security
The security of the network is an enormous affair. You may be at risk for malicious
attacks and hacking attempts without a network monitoring service.
Smart network monitoring can provide instant attention to potential threats. The need
to detect and remedy faults by human efforts no longer exists. It saves time and removes
trouble. Weak links could be broken and detected by network monitoring tools. It could
also identify areas for enhancements
Moreover, uptime and security failures reports will give EMC Cyber additional impetus
for upgrading. Sometimes it can be difficult to justify upgrading the network.
Monitoring can provide EMC Cyber with the essential outlet for your revenue and
growth.
There are several steps that can be identified in the risk assessment procedure.
Risk level
solution increase
security
Operational The possible Maintain Develop Management
Risk losses because good a solid
of uncertain records. plan
circumstances.
Includes Keep low
reputational, dept
legal and accounts.
regulatory
Casualty
purchase Low
insurance.
Infrastructure Potential Create Make a Management,
Risk structural and awareness proper Network
basic training for plan Administrator
structural businesses.
failures. Create a
system for
managing
Medium
human
resources.
Strategy Risk The EMC Review the Obtain an Management
could be current insurance
exposed to the internal
risk of failure control
of EMC system.
business Review
decision. Always
Medium
practice
security
High
data.
Data Quality Good centralized Precise Network
information management collection administrator,
reduces the and data of data Database
risk and modeling of needs. Administrator,
makes data assets Quality assure
decision that are
making more frequently
confident. examined
High
and audited
Natural Risk An Keep Keep all Network
unexpected backups and necessary Administrator,
event that store data in databases Database
happens off-side separately administrator
beyond location
High
control
Table 4 Risk Assessment for EMC Cyber
Data protection is the process of protecting vital data against corruption, compromise
or loss and enabling them to restore the data to a functioning condition if something
makes the data inaccessible and unusable.
There are 8 fundamental principles of DPA 1998 specified that data must,
Steps Procedure
Develop a Culture of • Check EMC Cyber privacy approach and how you
“Privacy by Design” manage data protection.
• Conduct impact assessments for data protection
and establish risk mitigation measures found in
the evaluation.
• Make sure that the Company data that process are
adequately technological safeguarded. Technical
protections should include automatic identification
and classification methods for personal data,
pseudonymization and data encryption, and
technical security measures.
Appoint a data • A DPO is necessary if your company regularly
protection officer and systematically monitors large-scale people, or
if you process any of the sensitive data categories
on a wide scale.
• In all situations, a DPO is advised to guarantee
that a person with adequate expertise, institutional
backing and power is responsible for the security
of data.
Educate Your personal • Make sure that all decision-makers and key
individuals who process or direct data use are
aware of their obligations.
• Continuous data protection training.
Document Your • Make an inventory of data. Take all gathered and
information collection used information into account in all your
and usage practices organization areas.
• Develop a documented internal policy on your
organization's actions to safeguard and enforce
personal data. Develop a documented internal
policy on your organization's actions to safeguard
and enforce personal data.
Confirm your lawful • GDPR requires you to have a legally binding basis
basis for collecting and for personal data processing. The legally
processing personal acceptable grounds for business undertakings
Data • Document the appropriate legal bases for each
type of personal data gathered, make sure that the
data can only be useful and retain records for the
specified purposes.
Update Consent • If company agree to the processing of their
practices personal data on a legitimate basis, such
permission must be freely granted, explicit,
informed and clear.
• If they do not satisfy GDPR standards, existing
consents will have to be renewed.
Review and Update • Make sure that the data collection and usage
your Privacy notes methods assessed and defined in Steps 4 through 7
are correctly described in your data protection
information.
• Company data protection notifications must
explicitly provide a legally-lawful basis for the
treatment, data retention and people' ability to
lodge complaints with the data protection
authorities of Member States.
Review third party • If company process, store or otherwise manage
Contracts data on your behalf from third party sources,
company is liable for their GDPR compliance as
far as your data are concerned.
• Review contracts and agreements with business
partners, cloud service providers and other third
parties to ensure that organizational and
technological information security safeguards are
in place for third parties.
Prepare for data • Confirm if internal processes are sufficient to
breaches quickly discover and report violations in the
correct control chain.
• Implement investigation and mitigation processes
for infringements of data.
Table 5 steps for Data protection process for EMC Cyber
4.3 Summarizing the ISO 31000 risk management methodology and its application
in IT security
The following key provisions are the ISO 31000 risk management
• Principles
• Framework
• Process
• Detective
• Prevention
• Corrective
During the planning stage of an engagement, audit objectives are developed that are
clearly aligned with the business objectives of the area or process under review. The
majority of engagements are centered on ensuring that controls are in place to
effectively reduce risks that could prohibit the region or process from meeting its
business objectives. Auditors additionally make sure that engagement goals are in line
with the organization's goals in terms of:
4.5 The impact of IT security aligns with organizational policy and the safety
consequences of any misalignment
The IT Security Policy defines rules and processes for everyone who accesses and uses
the IT resources and assets of a company. Effective IT security policy is a model of the
culture of the firm, which uses rules and procedures from the information and working
approach of its personnel. Therefore, for every organization, a good IT security policy
is a unique document, based on the views of its people on risk tolerance, how their
information is seen and appreciated and on their consequent availability.
There are Information security policies that can be used for EMC Cyber,
Privacy rules - Government imposed regulations such as the General End User Data
Protection Regulations. The company then needs to secure its users. If you don't secure
users' privacy, the organization risks losing its power and fines.
Personal and mobile devices - the company has moved into the cloud today. EMC
Cyber, for example. The organization offers access for any location to corporate
software assets. There is then a possibility that personal gadgets like laptop, cell phones
would introduce vulnerabilities. The corporation then needs to establish a policy to
safeguard its personal appliances properly, which can help prevent threats through its
assets.
Scope
That policy encompasses all of EMC Cyber Company’s duties and must be compliant
with it.
Purpose
To ensure that client information is kept secure, accessible, and that EMC Cyber stores,
processes, or transfers, exploits, or misuses are kept to a minimum.
Overview
password with
anyone.
• All modifications
must be recorded.
• Operating systems
and application
software must be
kept in good
working order.
• The user refuses to
authorize the
installation of
network
components.
Wireless Access Policy The policy's goal is to • Unauthorized
provide wireless Internet device access is
connection to just not permitted.
customers and sales • Set up the logging
people on the first floor. passwords.
• Use a MAC
address that may
be traced and
registered.
• All access must be
granted via a
secure access
point.
Mobile security Policy To secure data in transit • A strong password
and corporate data on must be set on all
mobile devices devices.
On the EMC Cyber, • All stolen or lost
protect critical data from devices must be
5.2 The main components of an organisational disaster recovery plan, justifying the
reasons for inclusion.
A disaster recovery plan (DRP) is a documented, systematic technique that explains
how a company can quickly restart operations following an unanticipated event. A
disaster recovery plan (DRP) is an important component of a business continuity plan
(BCP). It's used to describe the components of an organization that rely on a working
IT infrastructure. A data recovery plan (DRP) tries to assist an organization in resolving
data loss and restoring system functioning so that it can continue to operate in the
aftermath of an incident, even if at a reduced level.
• Restoration times are drastically reduced, and RTO and RPO are significantly
reduced.
• Limit the amount of money you lose as a result of revenue reductions or other
expenses.
• Reduce the risk of Critical Processes being disrupted and protect corporate
operations.
• Avoid jeopardizing the company's reputation.
• Define simplified action plans to deal with unexpected occurrences and plan
for a controlled return to operations.
• Clustering
• Backup
• Cloud computing
• Disaster recovery site
Component
Priority Level
Purpose Procedure Justification
intelligence servers in
the cluster. This
•Improving emergency
management by
delivering real-time
information
Breakdown of •Establish and •Recover and re-
Disaster recovery site
• Internal stakeholder
• External stakeholder
Internal stakeholder
According to Nilson (2006: p170), internal stakeholders are those in the management,
marketing experts, designers, purchasing, manufacturing, assembly and sales, while
external stakeholders are the users/customers, distributors, governments, suppliers,
communities, laws and regulations. (Karim, et al., 2007, pp.8).
Investors
Investors raise or decrease their holdings in a firm based on its financial performance.
Project manager
The project manager is in charge of ensuring that the project team finishes the project.
The project manager creates the project plan and oversees the team's execution of
project operations.
Directors
Shareholder
• The company's stock is held by the company's shareholder. Highlight the roles
of the shareholders in the EMC as follows.
Provide a source of funding for the EMC.
• Using their voting privileges, they can comment on and approve the EMC's
security policy.
Employees
External Stakeholders
External stakeholders are those who have no direct relationship with the company.
They are not staff members and have no direct financial interest in the company's profit
or loss. They are interested instead in how the business affects the community or a
segment of the community. External stakeholders include governmental entities in the
area in which the company operates, including municipal councils, local schools, other
companies and local inhabitants.
Government organizations
The author made a list of roles for the EMC Cyber during a disaster.
Biometric security
Researchers have asserted to be an ear, to be able to sit and walk, to be unique in bodily
excretions, in one's hand veins and even face contortions are other unique indicators.
This defines biometrics further.
Fingerprint
Fingerprint used for identification of the individual because of the unique fingerprints.
Fingerprint scanners measure the finger's loop, whorl and arc patterns. The easy
implementation and cost-effectiveness of fingerprint scanners. In terms of access
control, fingerprint recognition is used in the industry.
Facial recognition
Theft prevention
Monitoring is one of the cornerstones of success. The company owner simply can't
know what works and does not work without tracking. The inefficiencies are also hard
to see, and how they can be enhanced.
In order to meet company requirements, the company should use a physical lock if it is
using a laptop and mobile devices. Today, Kensington supports locks which can
prevent user steps from beginning.
nded?
Physical security
CCTV • Monitor High Low CCTV systems are able Yes
camaras activities to trac and monitor with
• Keep video the EMC premises and
records outside the premises and
• Crime also used monitor
prevention activities of the
employees
Fire exits • For safety Medium Low These must establish Yes
and alarms of the because it is necessary to
employees. check the safety of the
• To control employees and also alarm
the fire system is use to give
information for
employees
Key card • Reduce Medium Low When the door control Yes
entry unauthorize system in the EMC is
system access. implemented, the rules
• Reduce the for access for employees
risk of to certain areas are
hardware. precisely defined.
Avoid • Reduce Low Low When double-glazed or Yes
windows unauthorize crash resistant windows
access. are used, the risk of
• Increase unwanted access to
security valuable information is
reduced and the security
of office areas increases
Permeant •Assistance Low High Security guards will Yes
security in deterring respond immediately
staff crimes at the with EMC's corporate
premises of approval to any situation.
the EMC. However, the costs are
•Enhance the more than other
perception of approaches of physical
security. safety. The author
Enhance advises the following
client areas as a Security Expert
service. to provide this service.
•Efficient Customer consent and
handling of sales.
security
problems.
Biometric security
Fingerprint •To compute Low Low The greatest approach to Yes
recognition staff hours authenticate one's
automaticall identification is the
y.
Gantt Chart
References
• Ahola, M. (n.d.). Top 5 Physical Security Risks - And How to Protect Your
Business. [online] blog.usecure.io. Available at:
https://blog.usecure.io/physical-security-risks.
• Johansen, A.G. (2020). What is a firewall and do you need one? [online]
us.norton.com. Available at: https://us.norton.com/internetsecurity-emerging-
threats-what-is-firewall.html.
• Fortinet (2021). What Is a DMZ and Why Would You Use It? [online]
Fortinet. Available at:
https://www.fortinet.com/resources/cyberglossary/what-is-dmz.
• help.apnic.net. (n.d.). KnowledgeBase. [online] Available at:
https://help.apnic.net/s/article/What-is-an-IP-address.
• CactusVPN. (2019). The Top 8 VPN Security Risks (What to Look Out for).
[online] Available at: https://www.cactusvpn.com/vpn/vpn-security-risks/.
Grading Rubric
P1 Identify types of security risks to organisations. Achieved Identified different risks which will be faced by the organization according to CIA triad
P2 Describe organizational security procedures. Achieved Described security procedures to the each risks
M1 Propose a method to assess and treat IT security risks. Proposed a methods to assess and treat IT security risks triad
Achieved
P3 Identify the potential impact to IT security of incorrect Identified the harmful impact due to incorrect configurations of firewalls and third party
configuration of firewall policies and thirparty VPNs. Achieved VPNs
P4 Show, using an example for each, how implementing a DMZ, Explained about DMZ. Static IP and NAT with how importance them to enhance the
Achieved network security
static IP and NAT in a network can improve Network Security.
M2 Discuss three benefits to implement network monitoring systems
Achieved Explain three major benefits of implement a network monitoring tool
with supporting reasons.
D1 Evaluate a minimum of three of physical and virtual security Never investigated how a ‘trusted network’ may be part of an IT security
Not achieved
measures that can be employed to ensure the integrity of
organisational IT security.
P5 Discuss risk assessment procedures. Risk assessment procedures explained by a table with high medium low risk
Achieved
measurements
P6 Explain data protection processes and regulations as applicable to Different data projection acts and principals are explained
Achieved
an organisation.
M3 Summarise the ISO 31000 risk management methodology and its
Achieved ISO 31000 summarized
application in IT security.
M4 Discuss possible impacts to organizational security resulting Discussed about the potential impact of a IT security audit
Achieved
from an IT security audit.
D2 Consider how IT security can be aligned with organisational Explained that how IT security can be aligned with organizational policy.
Achieved
policy, detailing the security impact of any misalignment.
LO4 Manage organizational security
P7 Design and implement a security policy for an organisation. Achieved Design a proper security policy with a table