Application firewalls in a defence-in-depth design

Because of the reliance of organizations on application systems and networking topologies, technological improvements have improved organizational communication networks globally. One of the largest security risks that primarily targets distributed network systems is social engineering. Wide Area Networking, the internet, intranets, email, extranets, and microcomputer-based networks all provide different security exposure risks to business resources. In order to guarantee security solutions plans, this study intends to address the many security exposure threats and the best recommendations that top management, system audit personnel, and technological teams may put into practice. The monitoring of intricate dispersed network systems can be made possible by the implementation of security policies. For the purpose of this paper, composite security plans is defined as the potential vulnerabilities that are associated with email communication medium, physical security, acceptable use and incident response (Oh, 2016)..

Email communications

Email is the most widely communication methods that is used for internal organizational communications and external use. However it is neither the most reliable nor the safest as they are transmitted over untrustworthy networks that also happen to be beyond the organizational security boundaries. Lack of appropriate security plan of securing email communications mean that they are susceptible to being read, copied or even altered. The biggest threat to the security of any computer system is the users of the system. Malicious attackers use different strategies including the embedment of malicious links in emails and luring of the unsuspecting users to click on the malicious mail. The process of protecting the mail communication channels involves two parts. The first part involves the development of an email security approach that depends on the technological administrators and the second part involves the installation of an email security software to be used for detection and protection against unsolicited programs. A good defense strategy is useless without the proper education of the user on the social engineering exploits and how to avoid them. Development of a security policy should include information on;

Warning against the opening of unsolicited emails form suspicious mails.

Avoidance of transacting confidential information via the email no matter how legitimate the reason may seem.

Confidentiality of the users’ login in credentials with the option of regular updating/changing of the passwords.

Distinguishing personal emails from official organizational mail to reduce the risk of email security exploitation.

Physical security

In ensuring the security of all network resources it only seems logical to start with implementing of a physical security plan to limit unauthorized access to sensitive information that is confidential. Amongst the biggest threats to the network resources include burglary, natural calamities, vandalism, artificial fiascoes and a wide range of unintentional harm (increased temperatures, electrical surges or even the spilling of foodstuffs on the machine). The physical security measures do not in any way protect the data framework however its an imperative section of any security plan and all the endeavors associated to it. The absence of a comprehensive physical security plan threatens the other security models. According to Moore’s law, the growth of computing systems is so fast, and the information stored in any system is subject to different technological advancements. This implies that the stored patient records have a long lifespan that may be faced with technological advancements and to avoid the risk of technology becoming obsolete, there should be a continuous update on the database platforms upon which data is stored (Oh, 2016).. There is the probability of support discontinuing support to some old platforms hence presenting a lot of security risks. Patient records lifespan can be as long as the patient’s lifespan patient hence the need to update both the hardware and software systems to preserve the privacy of the patient records stored.

Cyber-crimes that include social engineering, are so difficult to defend against because of nature through which they occur. As a result, the mechanisms to prevent the happenings of such crimes have to be top notch with compromise since it takes the very least of mistakes for the unauthorized access to be successful. The measure of the cyber security should ensure that it does not become limiting in preventing people from performing their duties. The economic value of computer security methodologies should make sure that it contributes to the overall utility in the pleasure of users and their satisfaction. There should be similar considerations of interests between the professional security efforts and the privacy of users.

Employees

Lots of the employee’s employment information was also breached although its effect is not as worse as the violation of patient information. However, this presents a lot of challenges in improving the employer-employee trust issues with private information. These can lead to patients/customers to change their health care providers in fear of their privacy.

The public

The modern society holds privacy in high regard hence medical records confidentiality include the most intimate information surrounding the individual’s life which should be protected at all costs. The long-term impacts include the tarnishing of the public image of the healthcare facility (Oh, 2016).

Stockholders

The first step is informing of all the stakeholders of the breach and the current risk on their end. This is so as to reduce the impact of the leaked information by changing the vulnerable information systems and be able to monitor for any suspicious activity on their end. Long-term impact includes withdrawal of monetary support as the risk associated with it outweighs the benefits.

Is this impact financial, reputational/trust, inconvenience?

Financial: despite the fact that Organization might provide the best services, people will be afraid to make payments especially in the electronic manner as this presents the risk of somebody stealing their credit information and money.

Trust: patients should entirely be confident on the accessibility to the confidential information they provide otherwise patients may withhold sensitive information that they may feel could hurt them if it were revealed. This has adverse challenges as the doctor won’t be in the best position to help their patient if they withhold some information from them.

Perimeter testing involves examining of intrusion detection and prevention systems full network scanning, firewall testing and use of the honeypot deployment techniques and testing. To better test your network you should first look at the system in the same way attackers by performing a penetration test. A parameter scan can help determine the operating system and edge devices’ levels, visibility of the devices that are accessible to the outside network. An evaluation of the transport layer and secure sockets layers for security certificate vulnerabilities (Potter, 2013).

The perimeter results presented a lot of hole in the security system. In fact, the security levels of the corporation were next to non-existent. The fact that they didn’t have any a network infrastructure before makes it difficult to analyze the state of security of the networking resources To ensure that we employ in-depth defenses strategies we first need to evaluate and correct all devices within the network and create a multi-layered approach to security. Serious issues that can result in the breach of safety come from inside the network not outside. A city network hence needs to internal perimeter creation and strict data flow control. Defense-in-depth seeks to establish who is on the network and the type of resources they are authorized to use. Integrity is another important aspect of security as it guarantees the availability of resources at all times and ability to identify and mitigate threats (Potter, 2013). Most of all a secure network should ensure that network traffic can’t be accessible to unauthorized users.

The developments in technology have presented lots of ethical issues in the use of computer resources. Lots of resources have been dedicated to ensuring the network resources are protected against misuse. Governmental regulations have also been developed to ensure ethical use of computers to benefit organizations. Human beings have been identified as the biggest threats as they present the greatest threats. Due to this security professional are tasked with the responsibility to enhance the cyber-security of computer resources. Despite their efforts of protecting against misuse and misappropriating resources, the technology professional are faced with the challenge of ensuring that the privacy of users is not violated.

Firewalls

Although a standard perimeter device the city network needs to install a firewall that could protect the system against external probes like viruses, worms, and hackers. Considering that the internal network directly connected to the internet, the firewall can offer protection by monitoring all the network traffic. The firewall if well configured has the capability of identifying and blocking any unwanted traffic.

Installation of both the client and appliance firewalls is critical to the security of the systems. The client firewall exists in the computers itself whereas the appliance firewall lies in between the internet and your computer. While firewalls are a great tool in computer security, an addition of an antivirus will help offer a protective solution to personal files.

Security policies

Security policies are aimed to explain the importance of computer security to employees, justification of why they should obey predefined rules and regulations in the workplace. The people who use the system of equipment present the highest risk to the computer risk as they are responsible for interactions with the system. Drafting of security policies needs the involvement of all the stakeholders from management, a representative of the employees and a legal team that will ensure that in the implementation of policies no legal issues arise i.e. violation of privacy of the employees.

The security policies seek to address issues like physical accessibility to resources to prevent modification of hardware. The communication process for reporting hardware and software problems and understand the reasoning behind it. The network users should be educated on password implementation involving a change of password after some times and a combination of letters (uppercase and lowercase) and symbols to avoid simple password that can be guessed.

The security policies should provide a way of separating your network into private and public zones of information. This is to ensure that the public servers do not compromise the private servers and lead to their exploitation. Private data should not have any accessibility to the internet. The mail server should not act as a public NFuse front end to the internal Citrix server as this makes it vulnerable to exploitation.

Defense-in-Depth

There is the need for securing network operations in the ICT systems. However, as increased reliance on such systems goes on, as entities struggle for higher efficiency through sharing of resources, and new generation of intruders grows in number and increases their technological tools, network security of organizations becomes even more important than ever. Large investments in terms of resources, time, and attention required in maintaining and implementing an active security system have never been more important and challenging.

In ensuring an effective and enduring network security capability, organizations should consider;

• considering the effectiveness of data protection required, this is based on the value of the information to the running of the organization and the impact that loss of the data would have on the organization. Security decisions should be reached through risk analysis in relation to the organization’s objectives.

• Establishing a program of educating, training, and creating awareness.

• Using available off-the-shelf commercial products and at the same time relying on in-house development for items that require customization.

• Planning and executing a continuous migration approach to evolving technological needs

• Adherence to principles of standardization, commonality, procedures, interoperability and policy statements.

• Use of emerging technologies in balancing enhanced capabilities with an increased risk.

• Using different means of threat mitigation, in so doing, failure of a single component does not affect the overall performance of the information infrastructure.

• Monitoring threats and fixing of errors hence ensuring that the security mechanisms that are interoperable, keep constant analysis on the security network and devices, upgrading tools and techniques, and efficiently dealing with issues.

• Using established procedures in reporting of incident provided by intrusion detection systems to authorities and response centers.

Ideally, the risk is technical since it has an adverse impact on technological aspects of the suppliers’ software system. The result will be on the functionality of the software and that adversely hurt key instance of the premise. It is evident that the proposed risk might conquest due to the availability of risk mitigation approaches. Therefore, the existence of different methods in the process will play a fundamental role in mitigating key instances of the risk and providing the best approach that will ensure the ultimate success of the implementation process.

It is evident that organization lacks the most sophisticated approach that will enable it to handle the number of security concerns that are likely to result in the failure of key departments within the premise. There is need to have these processes in place to protect their information. That is key since it will prevent any malicious activity that might hurt the success of key departments within the industry. The ability of less sophisticated system is a leeway for the attackers who are likely to sabotage the existing network resources. Cyber security is sensitive, and companies must employ both the logical as well as physical protective methods to ensure the confidentiality as well as the integrity of most of their information. The company lacks the integration of key approaches such as antivirus, firewalls among other logical measures that will ensure the success of the entire process. Again, the company does not have a suitable asset tracking as well as a management system and that makes it difficult to have control on the primary instances within the premise.

The companies should together develop a comprehensive strategy for evaluating and testing procedures by use of a complete catalog. After the testing, the security should be implemented on end devices. Instead of fighting change, companies and individuals should be adaptive in skill and knowledge acquiring with emphasis of refining skills in line with the changing technological trends. The companies have a responsibility of ensuring that the employee’s future is secured through training and skill enhancement to ensure better preparations strategies that involve incorporating people and automated machines to achieve higher efficiency rather than replacing the human workforce.

Cyber-crimes have continued to adapt to development cyber security measures. Given that most of the cybercrimes happen without the knowledge of the users, it is essential that the government and business owners educate their people on ways cyber-crimes can occur as well as the right measures to use to curb the happenings. New methods of cyber security should as well be shared in all public forums so as to make the job of the malicious cyber criminals significantly tougher which will discourage upcoming cyber criminals from the act.

References

Byrne, P. (2012). Application firewalls in a defence-in-depth design. Network Security, 2006(9), 9-11.

Chaudhury, A., & Kuilboer, J. P. (2011). E-business and E-commerce Infrastructure: Technologies Supporting the E-business Initiative. McGraw-Hill Higher Education.

Delone, W. H., & Mclean, E. R. (2014). Measuring e-commerce success: Applying the DeLone & McLean information systems success model. International Journal o

Ghosh, A. K. (2008). E-commerce security: weak links, best defenses. Wiley.

Laudon, K. C., & Laudon, J. P. (2004). Management information systems: Managing the digital firm. New Jersey, 8.

Laudon, K. C., & Traver, C. (2016). E-Commerce 2016: Business, Technology, Society. Pearson Higher Ed.

Potter, B. (2013). Software & network security. Network Security, 2004(10), 4-5.