Corporation Tech Essay Example for Free

Corporation Tech EssayCorporation Tech will face more security guesss with their current interlock. The drug user domain is the single most vulnerable part of any network and as much(prenominal) poses the most obvious security risk. To mitigate risks involving the users is to implement policies and training to educate the user on proper use and security outmatch practices. By educating the user on security practices such as secure passwords, safe web surfing, and securing their workstations, many potential attacks can be avoided. Policies and training atomic number 18 also necessary because they can be used as evidence when taking administrative carry through against a user or intruder in the crimsont the system or data teaching is compromised. Laptops and workstations have their own set of security risks associated with them. They be vulnerable to being compromised by malware, spyware, or even hackers that take advantage of certain exploits. Laptops, workstations and mobile devices are susceptible to malicious software attacks, theft or loss. Viruses and malware can affect these devices and are usually acquired through contaminated email attachments and hyperlinks that redirect the user to employ web sites or are transferred through USB storage devices.Viruses and malware can also be acquired by downloading infected files or programs that are designed by hackers. Because of the need to protect systems against threats, all workstations and laptops should be secured with antivirus and firewall software and updated and join on a regular basis to fix vulnerabilities with the software that hackers may exploit. Since the laptops are mobile by nature they are at risk of being stolen along with all of the data saved on their hard drives. The best security method for this would be to encrypt the hard drives on the laptops and where feasible lonesome(prenominal) store sensitive data on corporate servers and allow authorized userremote memory access to the data via SSHVPN sessions.Physical security or lack thereof also poses a huge risk if an attacker has physical access to your equipment they do not actually need your log in enfranchisement to access data. Attackers could boot your systems up on a live CD and compromise your information without going away any trace in the logs other than a restart. Even if an attacker has a narrow window for physical access to your systems, they can steal the hardware and gain access to the data from it at their convenience. unafraid all removable equipment is locked storage locations with security controls such as cameras and biometric access devices.Distri moreovered Denial of Service (DDOS) attacks are a major concern when it comes to the companys servers this is done when a botnet sends an overwhelming amount of requests to the servers until they closed(a) down. The best method to deal with this is to install security hardware or software that can watch these kinds of attacks as they ar e beginning to take place and filter that traffic out. The hardware is often very(prenominal) effective but also can be very expensive which can be a whole different issue but if you have the funding available I would recommend purchase the hardware.SQL injections are one of the most common attacks on web based applications, these attacks occur when an attacker inserts a SQL statement that is not authorized through a SQL data channel such as the login screen. This best way to mitigate this risk is to implement string flecking for special SQL characters or install software to check the web application for injection vulnerabilities. The software may cost a little money but it will help to prevent unauthorized access to information in your database.