Question

IT Subject - System Security.

Question 3

Most of the current organizations are relying on IT services to process their daily operational and business processes. However, on the other hand, some of these organizations do not fully enjoy the benefit of these IT services as intended. To a great extent, this is dependent on the availability of the services uninterrupted. The degree of availability defers from company to company. The degree of availability is normally higher and commonly found among MNC companies. On the other hand, SMEs will normally have a lower degree of availability for the users of these IT services.

Based on a particular SME/MNC company provide your answer for the followings:

(a) Elaborate in detail possible factors for 5 different types of service interruption that could occurred due to security breach in your choice of company. [10 Marks]

(b) You should provide possible solution to avoid the security breach of these 5 factors that would overcome the service interruption. [15 Marks]

Answer 1



A security breach means gaining Unauthorized access to computer system of others. Breaches may involve corruption of data, theft of data, etc.These are the types of service interruptions that could occur due to a security breach in an organization are:

1. Change in the system : System provide services to the organisation by use of method call in systemized manner.

System may behave in different way when attackers breach security in organisation.

2. Blocking user's account:- Attacker's may block your personal account from business. Due to this, you can't serve your work to Organisation.

3.Sending anomalies in network traffic : Attacker's may send anomalies in the network to slow down the downloading and uploading process. Uploading and downloading process is very important because sharing of information and storing is integral process of organisation. This service may stop when system is breached by the attackers.

4.Immoderate utilization of memory: Sudden increase in memory of hard disk or server memory indicates that security breach is done. It is possible by the attackers that they can block memory utilization. When memory is blocked no one can upload and download files to the server or to the hard disk.

5.Unusual browsing behavior : Attacker's may redirect you from one page to another page, once your device is breached. In this way they can't let you provide services to the organisation.

The main factors for these types of service interruptions due to security breach are:

1. Revenue Loss:- Loss in revenue is very common after security breach. Loss in data is directly proportional to the revenue of firm. The most important thing in organisation is data.

2. Loss of the design, blueprint and strategies: In some cases, hackers will also target designs, strategies, and blueprints.Losing intellectual property can impact the competitiveness of your business. Some rivals would not hesitate to take advantage of stolen information.

3. Change in the website content:- Once your device is breached. Attacker's may change the content your website. In this way you will serve to the organisation with wrong data.

4. Damage to Brand Reputation:- Once people will know that data breach is done to your organisation then, people will not purchase share stock of your organisation. They will start jump away from your organisation. Your organisation will loose brand reputation.

5. Hidden Costs:-Attacker's might play with your hidden cost information of the firm .

For instance, legal fees may come into play. Also, you may need to spend more on PR and investigations, not to mention insurance premium hikes.

Solution to avoid security breaches for the given factors are:

1. Update software on regular basis.

   Updating the software on regular basis will help you to prevent from security breach. Updating the software provides extra facility and security.

2.Use the cloud:

Use of cloud is safe now days. Sending data over cloud can prevent you from data breach. Cloud servers use various advanced encryption algorithms Which protects your data from attackers.

3. Train your employees:-

Provide extra training to your employees so that they can use organizational data safely.

4. Limit access to your most valuable data:

    Adding administrative privilege to most valuable data will provide extra security to the information. Restrictions are applied to data on the basis of category of employees. A sales department employee cannot access IT department data.

5. Bind employees to use organizational devices:-

Organisation shouldn't allow any other device in their campuses. Organisation knows that using their devices are safe. But it's not possible to safe each employee device. Employee may also breach data from their device.

Don't forget to like.

thanks by heart.