Security assessment
The company that the group will assess for the project is Dalton, Walton, & Carlton, Inc. This is company is located in Kansas City, in Mo house. The business that this company does is that of architecture. It has approximately 250 employees who are distributed in four cities which are found in the region. The main office in Kansas houses approximately 100 employees. This main office is housed in the main suburb of a neighborhood where security is not regarded as a main concern. The group will therefore assess the security needs that need to be undertaken and worked on in order to have a secure organization where information assets are safe.
IT infrastructure
The IT infrastructure of Dalton, Walton, & Carlton, Inc. make use of Microsoft servers and PCs. They also have Mac computers which are used to undertake design work. They make use of an active directory in their server requests. They also have a web server that is used to manage their web site. There are also various servers that are used for various applications and processes. They have four file servers that are used for managing files, four MySQL database servers that are used to manage the database requests and processes from the various units. There are also four servers that host the applications that are used in design work. For email exchange services, they have Microsoft Exchange servers, two in number that are used in managing email requests.
There are also 20 servers which are located in the main office running Windows 2008 server. Out of the 20 servers, 12 are made to run virtually on three physical servers. The updates to the various products and operating systems are run from the main office. The Microsoft updates are set to run once a month. Some applications miss updates. The third-party applications like Adobe Acrobat are never updated. Each satellite office has been set to have our servers which are used to store files and run local application. The local offices also have decentralized wireless networks that connect to the production networks. Each employee has desktop computers that have been installed with Windows 7 operating system. The human resource personnel also have laptops that are used for undertaking interviews.
The company also third party companies who have been outsourced with email filter applications. The human resource applications have also been outsourced to third-party companies. The network has been set so that it is behind a gateway router and firewall. There is antivirus software which has been installed to be in use but they are not updated automatically across the organizations. Most employees work from remote locations most of the time and only use their password and to gain access to corporate systems that are used by the organization. There is also IT director who has five staff working full time. Out of the five full time employees, one of whom works on security tasks part time.
Issues to be considered
In the recent past, there has been physical theft of computers where computers were stolen from the office. Data security through file security has not been taken seriously. Files and intellectual property rights have been reported to have lost. Two employees have been reported to have left the company to work for the organization’s biggest competitors. Vendors are allowed to access the premises of the company without any authority. The resetting of the passwords is undertaken by using a generic password, Chiefs2011.
References
Bosworth, S. (2009). Computer security handbook (5 ed., Vol. 2). New Jersey: John Wiley and Sons.
Goodrich, M., & TamassiaRachel. (2011). Introduction to computer security. New Jersey: Keberos.
