Global Finance, Inc. is an international organization with expansions in many states. In every state, the company has a number of sites and each site has several workers and customers. Offices are interconnected to each other and to the host organization. As an international organization, Global Finance, Inc. requires a robust network that can support its daily operations, a secure network system and efficient network management strategies. Normally, network choices rely on the company budget, network coverage, and internal and external regulations. Effective network security requires constant upgrades and close monitoring to ensure possible loopholes are sealed in time.
...view middle of the document...
The expansion of Global Finance, Inc. has created openings for new threats, risks and vulnerabilities. Some of these network challenges were not envisioned during network structure development. Despite the expansion, Global Finance, Inc. has experienced any incident as per PCI DSS. However as move to maintain network security compliance, this Risk Assessment has been undertaken to limit any future network risk that might have been overlooked during network initiation and over the past risk assessments.
During the Global Finance, Inc. Risk Assessment, a number of potential network threats were found. The company has no measures to contain physical harm to computers and security measures to manage tampering from end users are minimal. Global Finance, Inc. has no continuity plans to manage in the organization, in case, the internet’s go out. Financial intuitions are vulnerable to attacks, owing to the nature of business. As a result, mitigation measures should be in place for any form of incompliance. Priority should be put in the most vulnerable places, which could harm the organization in short term. Security breach in Global Finance, Inc. might result into losses and loss of customers’ confidence. The diagram below illustrates the major risk domains in Global Finance, Inc. (Dana & Arkin, 2010).
Fig 1. Global Finance, Inc. Network Risk Domains
While several organization network system can pose risk to the organization, during this risk assessment priority was put on:
1. Un-Patched Servers.
These are servers used in the organization network. Un-Patched Servers exposed to internal servers and internet without direct connection are vulnerable points. Many companies, including Microsoft have not succeeded in managing their patches, despite their diligence in patch maintenances. Usually, patches leads to internet disruption by warms such as Code Red. The most vulnerable points are the internal servers, which do not directly connect to the internet (Acharya, Lasse, Thomas & Matthew, 2011).
2. Un-patched Client Software
Internet client applications such as Internet Explorer, Outlook and Outlook Express have many security vulnerabilities. The weaknesses can be easily exploited by Viral code or Worms. Usually, they slip through anti-virus and add their signature to anti-virus software making them difficult to identify. The solution to the problems is to update all browsing and emails with available security patch. Today, emails are widely used in work places, while at the same time they offer the greatest security threats. However, Microsoft Office XP and Microsoft Outlook offers automatic blockage to potential email threats.
3. Insecure File Sharing
Daily routines in Global Finance, Inc. include sending files, printing and making file copies with an office. Usually, this happens between or among office computers. This is essential part organization administration; however, maximum security must be taken in managing...