Question 1
Because the absence of anti-virus software was not detected earlier, some portions of the system may already be infected, especially if the system is used for activities that admit foreign objects, such as e-mail and online messages (Security Standards Council, 2010). The first thing to do, as compensation, is to limit the entry and use of data, both local and foreign. This prevents any virus from spreading further to areas that are still uninfected. After that, alert the people or organizations concerned so that they can cease any activities under their control that might spread the virus. Next, trace the system history to pinpoint possible sources of the virus and to investigate those sources further. In this way, not only the virus will be detected but also the weak spots of the system, whose security must be improved immediately. Newer security software or a new system design might remedy the problems, as these will update the system effectively and protect it against malicious entries and future data breaches (Security Standards Council, 2010). Meanwhile, legitimate anti-virus software must be installed on the system and on all other systems connected to it. It is advisable to use uniform anti-virus software so that those responsible for security do not find it hard to adjust to other systems when implementing the needed data security. The software must also be kept updated at all times, especially on the critical portions of the system whose roles affect most of the other systems (Security Standards Council, 2010). Although some portions have been affected, it is not too late for the anti-virus software to take action. However, the earlier negligence in installing anti-virus software must not be forgotten in the future, such as when new connections are made.
Question 2
Missing patches are associated with vulnerabilities and with the risk of data breaches and malicious entries, so it is important to update the system at regular intervals (Security Standards Council, 2010). When missing patches are discovered, however, it is difficult to pinpoint immediately why they are missing. At this point it is important to check the system's security and data management controls rigorously. If anti-virus software is already installed, check its settings and make sure its regular update feature is prioritized. Next, view the list of missing patches to identify the areas whose security has not been updated for some time. Review every item in detail, as this will indicate the recommended actions for such problems. Once the areas concerned have been identified, it is also prudent to check them for possible malicious entries and data breaches, just to make sure. If the current security settings do not work efficiently in resolving the problems brought about by missing patches, it is recommended to change the security controls in order to improve their capacity in the future (Security Standards Council, 2010). Any change to the security controls must be made at a gradual pace so that every part of the system is checked thoroughly. This prevents another problem from emerging during reconstruction. It is also important to develop the necessary guidelines for personnel and for everyone else concerned with the use and maintenance of the system. Even a single act of negligence in some portion of the security may be critical in the future, so the most critical procedures and processes must be properly carried out and followed.
Missing patches can become critical, especially when some portions of the system need to be quickly repaired and improved (Security Standards Council, 2010), and manual repair cannot serve as an alternative solution when these problems occur.
Question 3
For some reason, an expert in information technology was recently fired from the industry. Because the firing is recent, the IT expert can still access the system with ease, even if the system is tightly protected, especially when no changes have been made to the security since the IT expert was fired. As a result, there is a chance that the fired IT expert might modify the system controls, which could be a disaster for the system as a whole. Doing so is unethical, for it violates the privacy and security standards of a property that is not owned by the violator, the IT expert. Nevertheless, such acts might happen in the future, so it is important to take the necessary actions. The first thing to do is to change the security system, every part of it to be exact. Customize everything into a new system that will make Bob Cat unable to access the system again, since he has become an unauthorized person. Also, assign entirely new personnel who have no connection with the previous personnel who worked on the system's security. This ensures that the previous personnel are not kept informed of the security and protocol changes made to the system since he left. When a new person takes up the job, it is important to have him or her follow the guidelines and coordinate with the system's administration regarding the changes that he or she will be making to the security. All codes must be reported, and all settings or adjustments must be made known to the system's administration. The administration must also make sure that they have a trusted IT expert on their side so that the newly hired personnel cannot deceive them about the system changes and controls.
IT procedures are very complicated, especially for people who do not have a full grasp of the field, so this is also a way to protect the system as a whole and to make the necessary improvements to the system for future activities and transactions (Security Standards Council, 2010).
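
The risk described in this answer, access that survives because nothing was changed after the firing, can be checked mechanically. The following is an added example, not part of the original answer: the inventory, the account names (including `bcat` for Bob Cat) and the dates are constructed, and `residual_access` is a hypothetical helper.

```python
from dataclasses import dataclass
from datetime import date

@dataclass
class Credential:
    name: str             # account, key or shared secret (hypothetical names)
    kind: str             # "personal" or "shared"
    known_to: frozenset   # people who held or knew the credential
    enabled: bool
    last_rotated: date    # date of the last password or key change

def residual_access(inventory, person, terminated_on):
    """Return (credential, reason) pairs for everything `person` can still use."""
    findings = []
    for cred in inventory:
        # Credentials the person never knew, or that are disabled, are not a risk.
        if person not in cred.known_to or not cred.enabled:
            continue
        if cred.kind == "personal":
            findings.append((cred.name, "personal account still enabled"))
        # A rotation on the termination day may predate the firing, so it
        # is treated as not rotated.
        elif cred.last_rotated <= terminated_on:
            findings.append((cred.name, "shared secret not rotated since termination"))
    return findings

# Constructed sample data for illustration only.
TERMINATED = date(2010, 6, 1)
INVENTORY = [
    Credential("bcat", "personal", frozenset({"bcat"}), True, date(2010, 3, 1)),
    Credential("bcat-vpn", "personal", frozenset({"bcat"}), False, date(2010, 1, 5)),
    Credential("root@db01", "shared", frozenset({"bcat", "asmith"}), True, date(2010, 2, 10)),
    Credential("firewall-admin", "shared", frozenset({"bcat", "asmith"}), True, date(2010, 6, 2)),
    Credential("backup-svc", "shared", frozenset({"asmith"}), True, date(2009, 11, 20)),
]

if __name__ == "__main__":
    for name, reason in residual_access(INVENTORY, "bcat", TERMINATED):
        print(f"{name}: {reason}")
```

An empty result for the dismissed person is the condition to reach before the change of security is considered complete.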
Reference
Security Standards Council. (2010). PCI DSS Quick Reference Guide (Vol. 2). PCI Security Standards Council, LLC.