Identify what you consider to be potential security threats


Assignment

The EOS Project will require the student to write a research paper not to exceed 3000 words. All references must be from authentic, established and reliable sources (sites like Wikipedia will not be accepted). This assignment must contain a minimum of 8 resources. When selecting credible sources to use in your research documentation, peer-reviewed journals, governmental publications and newspapers/magazines tend to be the best places to begin. Submitted document must be in MS Word format (.doc or .docx).

Your paper must address the following scenario:

• You are the newly hired Network Security Administrator for UMESCo, a financial consulting company. This company has seven branch offices around the country, connecting to the primary office over L2TP/IPSEC VPN tunnels. There are one hundred employees at the main office, and an average of 25 at each remote office. All employees have access to FinanceWare, the antiquated and proprietary financial ERP system used by your company, via the SSH-based client installed locally on their Windows 8.1 desktops, running in a server/client environment. The system is maintained by the IT Department, and all IT personnel are located full-time at the main office where the FinanceWare system is housed.

• Recently, several of the senior staff have asked to access FinanceWare from their mobile devices or web browsers when on the road, or meeting with clients. The software is old, and does not have any sort of web or mobile interface whatsoever. The back-end product is a Microsoft SQL database, and the front end client application is unable to be modified. The Chief Information Officer (CIO) has stated that his Network and System Engineers will be making changes to the firewall to publish the FinanceWare system to an external public IP address, allowing any mobile or web-enabled devices with Internet access to log in from anywhere. Due to the age of FinanceWare, a custom interface will need to be created by a 3rd party vendor, as there are no on-staff software engineers at UMESCo and the software version owned does not support a user interface for mobile clients. The vendor has stated that they will need administrative access to the Application server in order to set up Microsoft IIS and configure the web server functionality to work with their newly-created web app that interfaces directly with the SQL database on the local server. The vendor has stated that their software will be Javascript based, heavy with SQL statements and use custom views for the security groups set up in SQL as the means of security. Note that the SQL based access will allow the users to have the same rights in the field that they have in the office based on their user login (read only or read/write).

• The CIO has asked you to prepare a report for him detailing what you consider to be potential security vulnerabilities with his new plan. You must:

o Identify what you consider to be potential security threats in the scenario above.

o Develop a plan that, by using the methods, tools and ideals covered in this course, integrates effective security and protection against the potential threats you have identified.

o Prepare a succinct report to the CIO of UMESCo, Mr. Smith, detailing your identification of the threats, your plan to address them, and the desired results of your plan. Make sure to include an executive summary instead of an abstract since it is a business document.

Format your assignment according to the following formatting requirements:

1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.

2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.

3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.

Solution Preview :

Prepared by a verified Expert
Project Management: Identify what you consider to be potential security threats
Reference No:- TGS02955734

Now Priced at $60 (50% Discount)

Recommended (92%)

Rated (4.4/5)

2015 ©TutorsGlobe All rights reserved. TutorsGlobe Rated 4.8/5 based on 34139 reviews.