Description of the Software
Advanced Research has been a victim of cyber criminals and plans to install security software to protect its vital information from leaking in the market to its competitors. A software tool Microsoft Baseline Security Analyzer (MBSA) is chosen to protect the data of the company from cyber criminals. The software tool assesses less-secure elements and missing security updates setting in Microsoft Windows to prevent information from being stolen. Internet Explorer and IIS web server are the components of Windows on which the software tool can be easily installed and can work efficiently. The software tool has a Freeware license and works on several operating systems like Windows 2008 Servers, Windows 2003 Servers, Windows XP and 7 Desktops and UNIX Servers .
MBSA is a beneficial software tool is upgraded with built- in checks and helps in identifying administrative vulnerabilities in the Windows. It also determines presence of IIS and SQL administrative vulnerabilities and detects weak passwords used in the Windows. The software can scan several computers through domain or IP address. XML security report of each computer will be created and stored by MBSA. All updates are checked by MBSA with security implications. Security updates, service packs and update rollups are built in the software tool to determine if any update is missing security checks. There are some additional features in MBSA that are helpful for scripting, scanning logins and managing security scans on more than one computer .
We have also tried to test the free sample of the product and have come to a conclusion that MBSA software tool is very effective and is beneficial for the organization as it scan threats. It alerts the users about the weak passwords and other vulnerabilities that are present in the computer. The product is easy to use and can provide protection to many computers. All of the users will be protected and it is assumed that the important data of the organization will remain safe and the cyber criminals will not be able to hack the data and leak information if this software tool is installed. The software tool is used widely by many organizations to prevent data of their organization as the security provided by this software is strong. In addition to it, it forces the users to change their passwords if their passwords are weak .
Cost of the Product
The overall cost of the product with installation charges is provided. The cost also includes 1-week training program. The total cost that the company has to face for the product is $ 39,940, which includes development cost of $ 35,300 and optional cost of $ 4,640. Training seminar fees and 3rd party provider fees varies as per the plan chosen by the company. On site-advanced training is $20 per hour, which is not included in the total cost as it is the additional cost and it depends on the company the number of hours they want to train its employees. It is essential for the company to install a secure server backup, which will cost $ 50 for 100 GB. The cost of server backup is also optional and not mentioned in the total cost as the decision related to its installation is still not confirmed.
Impact of the Software
The software will have a positive impact on the production environment as the security provided by the software is very strong and will prevent the organization from losing the data. The software tests for SQL injections and Password Attacks and protect the organization from these types of attacks. There are no long interruptions because of the implementation and usage of this software tool and this software will not affect the organization’s operational activities. There is a need in the organization from the prevention of such tests as cyber criminals make use of weak password to hack the systems of the organization. MBSA is a strong security analyzer and protect the information of the computers from being leaked therefore it is assumed that this software will prevent possible production outages.
References
EC-Council. (2009). Ethical Hacking and Countermeasures: Attack Phases. Mason: Cengage Learning.
EC-Council. (2009). Ethical Hacking and Countermeasures: Linux, Macintosh and Mobile Systems. Mason: Cengage Learning.
EC-Council. (2009). Ethical Hacking and Countermeasures: Web Applications and Data Servers. Mason: Cengage Learning.
