Page 1 of 2

Unit 1 Assignment 1 Application of Risk Management Techniques

Continues for 1 more pages »
Read full document

Unit 1 Assignment 1 Application of Risk Management Techniques

  • By
  • September 26, 2014
  • 388 Words
  • 1 View
  • Course: IS3110 Risk Management
  • School: ITT Technical Institute-Albany, AL
Page 1 of 2
1. Threats and Vulnerabilities
a. Windows Vista
b. Two large production facilities connected to headquarters via external ISP c. Sales connects with VPN thru their own internet
2. Risk management techniques
a. Mitigation – modify the technical environment and train the employees b. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk c. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk 3. Windows Vista is outdated. This company needs to update all their machines to Windows 7 or 8. There aren’t any updates coming for Windows Vista anymore therefore they are putting their company at risk everyday that they keep Vista. Also, it’s stated that the workstations connect via industry standard managed switches. This may not be a high risk but it is still a risk. The remote production facilities are connected to headquarters via routers T-1 (1.54 mbps telecomm circuit) LAN connections provided by an external ISP and share an internet connection through a firewall at headquarters. They do have firewalls in place; however there are still threats in place. Anyone could breach this firewall and use their system since it’s an external ISP. Individual sales personnel connect to the system using a VPN which is great however they have to connect using their own individual internet connection typically in a home office. This puts them and the company at risk because again anyone could breach this internet connection. There needs to be multiple layers of security and firewalls protecting the information. 4. To prevent risk or threats of any kind you must safeguard all information stored on the database server. Employees have private information regarding business and customers stored on the database server and the loss or accidental leak of data could be a major hit to the company. This is why it is so important to use the risk management techniques of avoidance, transfer, and...
1. Threats and Vulnerabilities
a. Windows Vista
b. Two large production facilities connected to headquarters via external ISP
c. Sales connects with VPN thru their own internet
2. Risk management techniques
a. Mitigation – modify the technical environment and train the employees
b. Avoidance – eliminating the source of the risk and eliminating the exposure of
assets to the risk
c. Avoidance – eliminating the source of the risk and eliminating the exposure of
assets to the risk
3. Windows Vista is outdated. This company needs to update all their machines to Windows
7 or 8. There aren’t any updates coming for Windows Vista anymore therefore they are
putting their company at risk everyday that they keep Vista. Also, it’s stated that the
workstations connect via industry standard managed switches. This may not be a high
risk but it is still a risk.
The remote production facilities are connected to headquarters via routers T-1 (1.54 mbps
telecomm circuit) LAN connections provided by an external ISP and share an internet
connection through a firewall at headquarters. They do have firewalls in place; however
there are still threats in place. Anyone could breach this firewall and use their system
since it’s an external ISP.
Individual sales personnel connect to the system using a VPN which is great however
they have to connect using their own individual internet connection typically in a home
office. This puts them and the company at risk because again anyone could breach this
internet connection. There needs to be multiple layers of security and firewalls protecting
the information.
4. To prevent risk or threats of any kind you must safeguard all information stored on the
database server. Employees have private information regarding business and customers
stored on the database server and the loss or accidental leak of data could be a major hit