Aircraft Solutions: Security Assessment and Recommendations
Essay by juvinchima • November 24, 2012 • Case Study • 2,565 Words (11 Pages) • 2,931 Views
Essay Preview: Aircraft Solutions: Security Assessment and Recommendations
Aircraft Solutions
Aircraft Solutions: Security Assessment and Recommendations
Phase I and Phase II
Table of Contents
Executive Summary 3
Company Overview 3
Security Vulnerabilities 4
A Software Data Loss/Data Leak 4
A Hardware Firewall 5
Recommended Solutions 7
A Software Example Solution 7
A Hardware Example Solution 8
Impact on Business Processes 9
Summary 10
Appendix 11
References 17
Executive Summary
Aircraft Solutions is aircraft Design Company that allows internal and external users to access its system. As a result of this, the company has made itself vulnerability to certain threats.
This paper identifies two vulnerabilities. One is the threat of data loss or data leak. The other is intrusion by way of the internet firewall. Based on the known vulnerabilities, it was recommended that the Check Point Software Blade application is used to prevent the data loss and the Check Point Power-1 appliance be used to address the firewall vulnerability.
Company Overview
Aircraft Solutions (AS) design and fabricate component products and services for companies in the electronics, commercial defense, and aerospace industry. The mission of AS is to provide the customer success through machined products and related services, and to meet cost, quality, and scheduled requirements.
Aircraft Solution uses Business Process Management (BPM) to handle end to end processes that span multiple systems and organizations. BPM system is designed to connect customers, vendors, and suppliers to share information and maintain timely business dialogue. The system is capable of handling multiple projects simultaneously across every department of the company. It is set up to manage all aspects of business operations, including accounting, human resources, sales and marketing and compliance activities concurrently.
The system administrators are responsible for selecting and installing hardware, software and related upgrades, implementing information security measures, and maintaining support to ensure the manufacturing execution system is working properly. The users at AS are employees, suppliers, and contractors who need to access the company network. System access by users at different levels of the network is set strictly on need to know basis.
The current security controls include independent anti-virus software on every workstation and server; host-based intrusion detection systems on the servers in the corporate office. Security policy requires that all firewalls and router rule sets are evaluated every two years and that all servers are backed up to network attached storage devices maintained at the server location.
Company's Assets
The assets for AS are the Business Process Management, BPM, system and the servers used to store customer data such as project information, computer aided design and development models, and intellectual properties.
Security Vulnerability
Software
The software vulnerabilities at Aircraft Solutions range from the risk of industrial espionage to malicious hacking and other external threats. Because internal and external users have access to the system, ssecurity can be compromised by hardware and software malpractice, human error, and faulty operating environments. The consequences of a successful deliberate or inadvertent misuse of a computer system in the aviation industry range from loss of confidentiality to loss of system integrity, which may lead to more serious concerns such as data theft or loss, and network outages.
Although several vulnerabilities exist within Aircraft Solutions, this paper will focus on the software vulnerability such as data theft or loss from software corruption and viruses. Software corruption, which might include damage, caused by a software diagnostic program, accounts for 13 percent of data loss incidents. Computer viruses including boot sector and file infecting viruses account for 6 percent of data loss episodes. An episode of severe data loss will result in one of two outcomes: either the data are recoverable with the assistance of a technical support person, or the data are permanently lost and must be rekeyed. A calculation of the average cost of each data loss incident must take into account both possibilities. The ability to recover data depends on the cause of the data loss episode (Smith, 2003).
Because Aircraft Solutions has valuable intellectual property, the cost of data loss can be astronomical. In fact, 17 percent of data loss incidents cannot be retrieved. It is worth noting that the value of the lost data varies widely depending on the incident and, most critically, on the amount of data lost. Should AS experience a data loss, it may take hundreds of man-hours over several weeks to recover and reconstruct. Such prolonged effort could cost a company thousands, even potentially millions, of dollars. Although it is difficult to precisely measure the intrinsic value of data, and the value of different types of data varies, several sources in the computer literature suggest that the value of 100 megabytes of data is valued at approximately $1 million, translating to $10,000 for each MB of lost data (Smith, 2003). The National Archives and Records report that 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. 50% of businesses that found themselves without data management for this same time period filed for bankruptcy immediately (Global, 2011).
Hardware
The second vulnerability that exists within the Aircraft Solutions infrastructure is firewall or routers. One such vulnerability is social engineering. Social engineering is when someone tries to gain access through social means by pretending to be a legitimate system user or administrator; thereby, tricking people into revealing secrets (Wikipedia, 2011). Industry analysts have estimated that over 90% of all computers connected to the Internet are infected with spyware. Knowing this information, the firewall within AS environment should provide the highest possible level of service while remaining cost-effective. However; failure
...
...