With the current lax setup of ABC company's computers, they are highly prone to unauthorized access by several users. The company must implement two types of security: physical security and software security.
The company can provide computer locks for its units or laptops to prevent an unauthorized person from booting the computer when the authorized user is away. BIOS security, a low-level type of security in which the computer asks for a password before it can be booted or rebooted, is another physical security measure that ABC company could use for all of its computers (tldp.org, 2013).
Access to the network must be controlled. Before entering the network, a user must authenticate, and the network should apply mechanisms so that only the data and files needed by and relevant to the person gaining access are available to him. Password-based user authentication must be provided at every level of access. For additional security, the network administrator should require passwords to be changed from time to time in case someone has stolen them. Since there are specific folders that each department can access, only departments needing specific data must be given access to such folders. For example, data for the personnel department must be accessed only by specific persons in that department. Even if an employee belongs to the department, if his job does not require the use of such data then he should not be given access. The company needs to conduct a job analysis and determine which specific folders or data are required by each employee to be able to apply this mechanism correctly.
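Once the job analysis exists, the folder-access rule above can be checked mechanically. The following audit is an added example, not part of the original essay; the employee names, folder paths and the `dept:` grant notation are constructed for illustration.

```python
# Constructed sample data; every name below is hypothetical.
# Result of the job analysis: folders each employee's job actually requires.
JOB_REQUIREMENTS = {
    "alice": {"personnel/records", "personnel/payroll"},
    "bob": {"personnel/recruiting"},
    "carol": {"finance/ledger"},
}
DEPARTMENT = {"alice": "personnel", "bob": "personnel", "carol": "finance"}

# Current grants on the file server: folder -> principals.
# "dept:<name>" is a department-wide grant; anything else is a single user.
FOLDER_GRANTS = {
    "personnel/records": {"dept:personnel"},   # whole department can read
    "personnel/payroll": {"alice", "carol"},   # carol is outside the department
    "personnel/recruiting": set(),             # required by bob, not yet granted
    "finance/ledger": {"dept:finance"},
}

def effective_access(user):
    """Folders the user can reach, directly or through a department grant."""
    dept = "dept:" + DEPARTMENT[user]
    return {f for f, who in FOLDER_GRANTS.items() if user in who or dept in who}

def audit():
    """Compare effective access with the job analysis.

    Returns (excess, missing) as sorted lists of (user, folder) pairs:
    excess is access the job does not require, missing is required
    access that has not been granted.
    """
    excess, missing = [], []
    for user, needed in JOB_REQUIREMENTS.items():
        have = effective_access(user)
        excess += [(user, f) for f in have - needed]
        missing += [(user, f) for f in needed - have]
    return sorted(excess), sorted(missing)

if __name__ == "__main__":
    excess, missing = audit()
    for user, folder in excess:
        print(f"REVOKE {user:<6} {folder}")
    for user, folder in missing:
        print(f"GRANT  {user:<6} {folder}")
```

The `bob` finding is the case the paragraph describes: he belongs to the personnel department, but his job does not require the records folder, so the department-wide grant gives him more than he needs.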
The IT office of the company must be given the sole responsibility of updating the operating systems installed on the computers. This is not only for the purpose of installing and adding fixes, but also to control the software that can be installed on each of the computers. Aside from an authorized person from the IT office, employees must not be allowed to install programs on the computers. This way, software installed for the purpose of stealing information can be avoided.
References:
Tldp.org (2013). How to Physically Secure Linux. Retrieved from http://www.tldp.org/HOWTO/Security-HOWTO/physical-security.html
Byrt, Frank (2013). Encryption Seen as Best Security Measure to Safeguard Laptops. Retrieved from http://www.accountingweb.com/article/encryption-seen-best-security-measure-safeguard-laptops/221175
Securing Data at Rest: Developing a Database Encryption Strategy. Retrieved from http://www.rsa.com/products/bsafe/whitepapers/DDES_WP_0702.pdf