IT and HR Department Case Study and Analysis

Based on my observation security at Cenartech is high risk. I base this off of the security practices that are in place. What companies fail to realize is you can protect your network technically but you also have to protect the network physical. There are firewalls in place to protect the network from the outside but no policy to protect the network from the inside. “A security policy is a document that defines the scope of security needed by the organization and discusses the assets that need protection and the extent to which security solution should go to provide the necessary protection.”

Although the company IT structure is solid, most of it was created by out consultants and the IT department did not have any leadership that was IT smart. The IT department was ran by the Director of Finance. Cenartech has already been establish for a few years before Brian the IT manager came on board. There was no Standard Operating Procedures. “Procedures are the final element of the formalized security policy structure.

” (Stewart and Chapple and Gibson, 2012, p221) Within a year of being at the company he wrote a draft outlining duties and responsibilities for each staff member. Since his IT department was small he gave each staff member some security responsibilities. His staff members did not have any experience looking at security logs. Any time he had the chance he would train them. He knew the importance of looking at the logs regularly and maintaining Audit Trails. Audit trails are a set of records or events that record activity on a system.

As Brian was viewing the logs he found that there were repeated failed log-in attempts on a few different accounts, but not enough to cause a lockout. But there were too many to failed log-in attempts to just ignore. He also found out someone was attempting to access the accounts from other location within the engineering department. According to policy he had to report this to leadership in Human Recourses. The leadership was not technical and did not understand the issue and how server the problem was. Given what the case has presented the attacker wanted to gain access to the network.

After the presenting his case to HR leadership he decided to work on an IT project at the top of the list. He setup virtual private networks (VPN) for the sale staff to have remote access. A VPN is a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an untrusted network. (Stewart and Chapple and Gibson, 2012, p221) He setup the VPN on the financial network. Once the software was loaded on employee’s systems he started to monitor the security logs. He found more incoming connection then what he installed.

“When he followed up on a few of the originating IP addresses in the security log, He found that a number of the connections originated from a local cable Internet Service Provider (ISP)” (Whitman and Mattord, 2011, p. 27). The attacker was using shared accounts from employee in the company. When someone would leave they would pass the account down. Accounts were not being deleted or disable. Removing or disabling accounts should be a standard best practice for any system. Accounts need to be deleted as soon someone leaves.

(Stewart and Chapple and Gibson, 2012, p231) Some of the things he could have done differently was to review his IT security policies from day one. The events that took place were events that were easy to miss. HR should have had a policy on how to handle terminated employees. There should be a lock out policy since the engineering employee was able to try many attempts on the account before it was locked out. The good lockout policy is three attempts then the user has to go through their IT department to get the account unlocked. A password policy should be implemented as well.

At least 8 characters with a combination of lower case, upper case, one number, and one special character, this is DOD standard. If these were in place the attacker would not have been able to attack the network. The IT department needs to be trained to Monitor Security logs once a week. He would face a big challenge trying to recommend these changes to the Leadership. He try to explain this to the HR Director. “His explanation required substantial effort as Jim had minimal IT experience. ” It took another incident for the HR Director to take him serious.

Writing Quality

Grammar mistakes

F (41%)

Synonyms

A (100%)

Redundant words

C (76%)

Originality

100%

Readability

F (57%)

Total mark

C

Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with MyStudyWriters
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
Human Resources Management (HRM)
excellent, great job
Customer 452773, June 19th, 2023
Business and administrative studies
Thanks
Customer 452773, March 3rd, 2023
Nursing
Impressive writing
Customer 452547, February 6th, 2021
Criminal Justice
This has been the greatest help while I am recovering from an illness. Thank your team so much.
Customer 452671, May 2nd, 2021
Business and administrative studies
perfect
Customer 452773, February 23rd, 2023
Business Studies
Thank you very much for a good job done and a quick turn around time.
Customer 452615, March 31st, 2021
Humanities
Thank youuuu
Customer 452729, May 30th, 2021
Nursing
thank you so much
Customer 452749, June 10th, 2021
business
Great job
Customer 452773, February 13th, 2023
Managerial Accounting & Legal Aspects of Business ACC/543
excellent work
Customer 452773, February 7th, 2024
Business and administrative studies
excellent, got a 100
Customer 452773, May 17th, 2023
Business and administrative studies
Excellent work ,always done early
Customer 452773, February 21st, 2023
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Close

Sometimes it is hard to do all the work on your own

Let us help you get a good grade on your paper. Get professional help and free up your time for more important courses. Let us handle your;

  • Dissertations and Thesis
  • Essays
  • All Assignments

  • Research papers
  • Terms Papers
  • Online Classes
Live ChatWhatsApp