Case analysis with references and in-text citations

Security Failures and Preventive Measures

Summary of the Case

The Sequential Label and Supply company is a manufacturer and supplier of labels as well as distributor of other stationary items used along with labels. This company is shown to be growing fast and is becoming highly dependent on IT systems to maintain their high end inventory as well as the functioning of their department.

The case started with the inception of a troubled employee who called up the helpdesk agent to resolve the issue he is facing. Likewise, other employees start calling in to launch similar complaints. Later, the technical support help desk employee, while checking her daily emails, accidentally opened an untrusted source file sent from a known work colleague. This led to a number of immediate problems in her network computer which led to her being not able to access the information over the network and the call management software that she used to work upon stopped functioning. It was then found out the other day that their office systems were hit by a worm and they had to end up restoring their entire systems for their timely retrieval.

The CEO of the company called in a meeting to discuss this issue with their CIO -- Chief Information Officer in order to brainstorm and ensure that such attacks by worms and viruses are not repeated. The CIO offered a long-term solution which included the involvement of information security in this process. Charles, the person who was called in by the CIO to discuss the avenue of information security, told the CEO that he studied the business function of his company and realized the fact that any failure in the computer systems led to a huge manufacturing and business loss. Charles suggested that the solution to this issue is not pertaining to computer security only but is rather more related to the information security process, for which an entire risk management program needs to be executed. Charlie brought in an entire proposal plan to the CEO which was approved by their audit meeting. This led to a successful installation of information security software as well as Charlie's promotion as a Chief Information Security Officer.

Problems faced:

The SLS Company, during the attack from the worm, faced the following problems:

The breach in the information system

The Trojan and Worms had invaded the systems that were making the existing data insure

The Computers in the network started to respond slowly

Workstations' internal resources were being occupied by the worms that led to more problems

The call attendants were not able to service their clients properly

Not all calls were attended properly due to the slowness of the system

Customer Relationship Management policy through which Amy had to say the name of the caller was not being followed due to the slowness of the system

3. Statement of the Problem

The Trojans and worms that entered into the company's network were disturbing the internal processes of the entire system. The software systems that were important nodes of the business processes were badly affected due to which business policies were violated and timely service to clients was not possible. Employees were not able to perform to their complete potential because of the slowness of the system and they had to wait for a long time in order for the system to process the requests and make the name appear on the screen. Important Information such as customer database and employee database was at stake because of the invasion of the viruses and worms.

4. Proposing a Solution

Apart from installation and using the latest anti-virus software it is very important for every organization to keep a close check on the security measures and standards of the company.

There should be regular information security audits within the companies so that if any worm, virus or Trojan exists in the system it can be identified and dealt properly. It is usually the case with the viruses that they only execute when they are clicked by the user. Hence, in order to prevent this measure an updated antivirus program would not allow these viruses to execute (McAdams, 2004). There are high probabilities that the Trojan and worms that entered into network were due to the mail that was clicked by Amy during her working hours. So, in order to prevent such worms to affect the system and spread into the network good malware software along with an antivruses which is updated should be installed (Chapin, 2005).

Apart from this, when the information of the company is very confidential such that it contains customer important data, it is very important that the company should install Unified Threat Management (UTMs) into the network. These devices work on the network layer that monitors the activity of the network. During any affects of viruses usually there are high packet generation into the network which these devices identify and block the traffic abruptly (Baker, 2007)).