Principles of Information Security and Privacy
Phase II Course Project
Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base: design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. The company strategy is to offer low-cost design and computer-aided modeling packages to customers to reduce their development expenses. AS will help the customer through all phases of new product deployment, from initial prototypes through final large-volume production and assembly. By involving itself in all phases of customer product development, AS hopes to establish long-term relationships and secure repeated follow-on business with its customers. In addition, AS continues to invest heavily in workforce education and training, so as to improve capability to serve its customers. Security Vulnerabilities
Overall the network has solid hardware firewall protection at every public network connection but one. The Commercial Division(CD) in Chula Vista, CA does not have a hardware firewall protection, it is connected directly to the public internet. The CD is directly connected to the headquarters in San Diego which contains the IT, Finance and S&M servers. These servers are vulnerable to attack since there is not a firewall in place to prevent an intrusion.
A perpetrator could infiltrate these servers and gain access to vital company information without much effort. A worst case scenario would be all of the clients information could be accessed by an outside entity. The information could be sold to competing companies and give them an advantage over Aircraft Solutions.
According to definition from Encyclopedia Britannica Academic Edition, "a firewall type of system used to monitor connections between computer networks. One of the earliest responses to malicious activity perpetrated through the Internet, firewalls became a standard part of corporate, governmental, and personal networks." The most common use of a firewall is to protect a private network from a public network such as the internet. Seemingly insignificant paths to and from the internet can provide unprotected paths into vital systems. Firewalls are a vital protection piece for any computer network. Top choice reviews states, "If you plan to access the internet without a firewall, it is like putting your hand in a beehive. The risk of you being stung are high, and it is the same risk for your computer to be hacked. Without a firewall your ports will be opened, and make it vulnerable for hackers."
Firewalls can also be used to separate a sensitive area of private network from less-sensitive areas. Firewalls can also offer other functions as well, such as a Network Address Translator(NAT). Without NAT, any host on the internal network that needs to send or receive data through the firewall need a registered IP address. Although such environments exist, most people have to settle for using a private address range on the internal network. Therefore they rely on the firewall system to translate the outgoing request into an applicable public network address.
Another security vulnerability is the interval at which firewalls and router rule sets are evaluated. Currently the interval is two years which is too long of an interval to evaluate rule sets. The computer world...