Network Security Systems for Accounting Firm
Vulnerabilities Assessment
In the contemporary IT environment, implementing IT tools has become an effective strategy that organizations employ to achieve competitive market advantages. In other words, IT tools help organizations stay ahead of competitors and be first in the market. One of the crucial features of information systems is network connectivity, which connects global computer resources and supports effective communication. Network connectivity will therefore improve the communication system of our accounting firm and help our organization serve customers better.
Despite the benefits that network connectivity will provide to our organization, it carries inherent risks and vulnerabilities. Typically, network systems face vulnerabilities that include virus attacks, electronic fraud, malware attacks, DoS attacks and electronic eavesdropping. Since our organization will depend on the network to transfer sensitive data, attackers can take advantage of the network connectivity to steal that data, creating problems for our company. Moreover, an attacker can use malicious software to gain access to our system and cause immense damage. Malicious software refers to software inserted into a system to carry out a harmful purpose. A virus is an example of malicious software that can infect systems and has the ability to modify itself. A worm is another example of malicious software, one that can perform unwanted functions (Oliveira, Laranjeiro, & Vieira, 2015).
Our system also faces the risk of DoS (denial of service) and DDoS (distributed denial of service) attacks, whose goal is to make network resources unavailable to legitimate users (Soryal & Saadawi, 2014). The attackers achieve this goal by sending useless packets to overload a machine, preventing users from carrying out their legitimate tasks. Malware is one of the means attackers use to flood the network with useless packets. After the malware is installed in the system, the attackers use it to scan the system and identify vulnerabilities before launching the attacks (Black, Fong, Okun, et al., 2007).
Attackers can also gain access to our system if the firewall is misconfigured, penetrating our network through this loophole. Additional sources of vulnerabilities in our systems include:
• Misconfigured software or hardware
• Inherent technology weaknesses
• Poor network design
• End-user carelessness
• Action from disgruntled employees.
We can face different problems if we fail to address these vulnerabilities. For example, we could lose a lot of financial resources if we fail to secure our systems. An attacker can take advantage of the vulnerabilities to steal sensitive data from our system. An attacker can also steal our intellectual property (IP) and sell it on the open market, making our company lose the large amount of money invested in it. Reputation loss is another problem that we can face if we fail to secure our system. This can lead to a loss of market share and, consequently, a loss of competitive market advantage. We can also face legal problems from clients if we fail to secure their data.
Attackers can also modify some of our data, making it useless to legitimate users. If we allow our data to be modified because of a lack of protection, we risk making wrong business decisions that can lower our profitability. Another security threat to our system is natural disaster, including tornado, fire, flood, earthquake, landslide, volcanic eruption, and other natural disasters. These types of threats cannot be stopped because they are natural occurrences. If we fail to implement a plan to protect our business from natural disasters, our business can come to a standstill due to the loss of data. Given the different types of vulnerabilities that our company can face with the network system, it is critical to secure our network systems to prevent our company from becoming a victim of attackers. The next section discusses different strategies that can be employed to protect our network systems.
Network System Security Recommendations
Network security is essential to enhance the confidentiality, integrity and authenticity of our systems, and the goal of network security is to protect our assets. Stallings (2013) defines network security as
"the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)" (Stallings, 2013, p. 9).
Different strategies should be employed to protect our system. The study recommends installing a firewall to block unwanted traffic from our system. The firewall will be used to prevent the DoS or DDoS attacks that can make our system receive irrelevant packets. We can configure our firewall to block IP addresses from the countries that attack companies in the United States. For example, our company needs to install packet-filtering firewalls to filter unwanted packets from our systems. Moreover, we need to manage our switch to gain greater control of the data that travels over the network. For example, we should use SNMP (Simple Network Management Protocol) to monitor our network devices. SNMP will help our company determine the health of our network system.
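As an added illustration (not part of the original paper), the Python sketch below models the packet-filtering firewall recommended above with first-match rule evaluation and audits a rule set for the kind of misconfiguration the vulnerability assessment warns about. The rule format, the addresses (documentation ranges) and the function names are assumptions constructed for the example.

```python
import ipaddress

# Constructed rule sets for a hypothetical office network.
# Fields: action, source CIDR, destination port (None = any port).
MISCONFIGURED = [
    ("allow", "0.0.0.0/0", None),        # leftover "allow everything" test rule
    ("deny",  "203.0.113.0/24", None),   # blocklist entry, never reached
    ("allow", "198.51.100.0/24", 443),
]
CORRECTED = [
    ("deny",  "203.0.113.0/24", None),   # blocklist first
    ("allow", "198.51.100.0/24", 443),   # partner office, HTTPS portal only
    ("deny",  "0.0.0.0/0", None),        # explicit default deny
]

def matches(rule, src, port):
    _, cidr, rport = rule
    in_net = ipaddress.ip_address(src) in ipaddress.ip_network(cidr)
    return in_net and rport in (None, port)

def decide(rules, src, port):
    """First matching rule wins; no match falls through to deny."""
    for rule in rules:
        if matches(rule, src, port):
            return rule[0]
    return "deny"

def audit(rules):
    """Return findings for common packet-filter misconfigurations."""
    findings = []
    for i, (action, cidr, port) in enumerate(rules):
        net = ipaddress.ip_network(cidr)
        if action == "allow" and net.prefixlen == 0 and port is None:
            findings.append(f"rule {i}: allows any source to any port")
        # Shadowed: an earlier rule covers this rule's whole source range and port.
        for j, (_, ecidr, eport) in enumerate(rules[:i]):
            if net.subnet_of(ipaddress.ip_network(ecidr)) and eport in (None, port):
                findings.append(f"rule {i}: shadowed by rule {j}")
                break
    last = rules[-1] if rules else None
    if (not last or last[0] != "deny" or last[2] is not None
            or ipaddress.ip_network(last[1]).prefixlen != 0):
        findings.append("no explicit default-deny rule at the end")
    return findings
```

Running `audit` on each rule set before deployment shows why rule order matters: in the misconfigured set the blocklist entry is never evaluated, so the blocked range is still admitted.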
An additional security measure is to encrypt all our data to protect it from unauthorized access. Encryption converts plaintext into ciphertext so that it is unreadable by an unauthorized individual. Since we will be transmitting data over the network, we are obliged to protect the data through encryption.
The study also recommends integrating authentication into the network system to assure the authenticity of communication. We can implement authentication through access control that requires users to supply a username and password before they are allowed access to the network system. The study also suggests installing an IDS (intrusion detection system) to detect unwanted traffic in the system. Moreover, an IPS (intrusion prevention system) will assist in keeping suspicious traffic out of the system. The IDS should be installed alongside the firewall to detect and block malicious activities on our systems.
The network security systems discussed above protect against man-made attacks; however, our company should also provide security against natural disasters. Backup is an effective safeguard against the damage caused by natural disasters. The backup system involves copying all our data into separate files and keeping them in a remote location. The study suggests storing our non-confidential data in the cloud, and storing confidential data on removable disks kept in a distant location, so that the company can still access the data in case of accidental loss (Mell & Grance, 2011).
Application/End-User Security Recommendations
Employees are the end users of the company network system. No matter how secure a system may be, employees need to be trained so that they understand how to manage the network resources. Thus, we are required to organize an effective training program for our employees so that they will understand our security policy, since they are the people who will be in charge of the company hardware and software. We need to implement the following end-user training program for our employees: