Security Failures and Preventive Measures
Summary of the Case
The Sequential Label and Supply company is a manufacturer and supplier of labels as well as distributor of other stationary items used along with labels. This company is shown to be growing fast and is becoming highly dependent on IT systems to maintain their high end inventory as well as the functioning of their department.
The case started with the inception of a troubled employee who called up the helpdesk agent to resolve the issue he is facing. Likewise, other employees start calling in to launch similar complaints. Later, the technical support help desk employee, while checking her daily emails, accidentally opened an untrusted source file sent from a known work colleague. This led to a number of immediate problems in her network computer which led to her being not able to access the information over the network and the call management software that she used to work upon stopped functioning. It was then found out the other day that their office systems were hit by a worm and they had to end up restoring their entire systems for their timely retrieval.
The CEO of the company called in a meeting to discuss this issue with their CIO -- Chief Information Officer in order to brainstorm and ensure that such attacks by worms and viruses are not repeated. The CIO offered a long-term solution which included the involvement of information security in this process. Charles, the person who was called in by the CIO to discuss the avenue of information security, told the CEO that he studied the business function of his company and realized the fact that any failure in the computer systems led to a huge...
Charles suggested that the solution to this issue is not pertaining to computer security only but is rather more related to the information security process, for which an entire risk management program needs to be executed. Charlie brought in an entire proposal plan to the CEO which was approved by their audit meeting. This led to a successful installation of information security software as well as Charlie's promotion as a Chief Information Security Officer.
Problems faced:
The SLS Company, during the attack from the worm, faced the following problems:
The breach in the information system
The Trojan and Worms had invaded the systems that were making the existing data insure
The Computers in the network started to respond slowly
Workstations' internal resources were being occupied by the worms that led to more problems
The call attendants were not able to service their clients properly
Not all calls were attended properly due to the slowness of the system
Customer Relationship Management policy through which Amy had to say the name of the caller was not being followed due to the slowness of the system
3. Statement of the Problem
The Trojans and worms that entered into the company's network were disturbing the internal processes of the entire system. The software systems that were important nodes of the business processes were badly affected due to which business policies were violated and timely service to clients was not possible. Employees were not able to perform to their complete potential because of the slowness of…
