The video game industry forms a significant part of the leading companies worldwide currently. The huge diffusion of the internet and associated information technologies over the recent years has raised the need of increased security. Advancement in technology consequently leads to the advancement of video games as well as associated security risks. Some of the common threats and vulnerabilities involving this industry include: misuse by human, hacking, fraud, virus attacks, among others. Such factors can facilitate adversities such as information loss and alteration, and unauthorized access. This paper identifies and assesses potential threats, malicious attacks, and vulnerabilities expected by the organization. It also gives the control procedures to mitigate the mentioned risks and vulnerabilities.
The Threats and Vulnerabilities
There are a number of dominant security threats involving technology and information that affect the organization. Such threats poise a serious disruption to the business continuity planning (BCP) cycle of the video game organization. These threats include system failure, network failure, virus attack, fraud, hacking, fabrication, and theft.
Enterprise Systems Security Weaknesses
The biggest enterprise weakness presents itself through acquisition processes. Acquisitions are a vital step in expanding a company's size, particularly, the video game company. Progressive involvement in acquisitions by the company can and does pave way for potential security weaknesses (Rahman and Morh 2011). The actual acquisition process involves the integration of many different systems, a process that could create possible, inherent security risks. There is the risk of providing too much access, blocking of valid network traffic or mistrust towards the domains might evolve. This process also could have the organization integrate with systems with unknown risks. The video game industry constitutes of programs with potential security risk s. As leverage to this factor is by use of common programs (e.g. Microsoft Office, Adobe Reader, and Quick Time). These programs act as a vector for infecting computers with internet access; hackers acquire information by using such infection vectors. Another security risk comes with the coding language that the video game organization uses to generate its products. All programming languages contain threats and vulnerabilities; the mode of writing the language influences such threats and vulnerabilities.
Potential Risks and Vulnerabilities on the Network
The video game organization runs a wide variety of networking devices manufactured from different sources. The networks usually comprise of the Local Area Network and the Wide Area Network used to interconnect the company's facilities. These interconnections create security risks whether properly or poorly done. Connection of the organization's WAN to the internet compromises the information that traverses the network prior to ignoring proper security procedures. The absence of safeguards e.g. firewalls, proper configurations and the intrusion detection system increase cases of unauthorized access. The organization should use proper configurations to prevent unauthorized access. Firewalls and other intrusion detection systems should also be employed.
System Software Risks
The video game company employs a wide variety of software and hardware components in running its operations. The use of common operating systems and server systems by the organization poses a serious security risk. Programming languages used in the video game creation process have security risks that they consequently integrate to some of the generated programs. Utilization of these programs creates risks within the enterprise. The organization throughout uses websites over the internet; web sites provide hackers with a weak access point to the organization's information. The hackers access the website to acquire personal information and credit card information that might be used to alter or destroy the databases. In order to prevent hacking, the organization should ensure the installation of security software called firewall, which blocks unauthorized entries. Storing backup information is also a vital strategy in case the attackers alter or destroy the data. Virus attack is another software threat, which involves the use of malicious software that compromise account information (account name and passwords) in the organization's network. This leads to fraudulent activities putting the electronically controlled businesses process at high risk. The organization can avert virus attacks is by employing the use of trusted antivirus software to block virus software. It is necessary to train the employees (programmers) on how to use the programming languages. This will reduce the creation of risks by the programs developed by…