Vulnerability Assessments
There are various vulnerabilities and network security loopholes present within the organization’s network; Peer to Peer network, Netgear MR814 router, the type of cable modem used by the organization (Motorola SB3100), and Microsoft Outlook and web applications. These network security vulnerabilities present different security loopholes that can be exploited by malicious attackers to gain access to the organization's network and cause a series of unwanted effects [2]. The organization employs the use of a network topology that can be easily compromised by malicious attackers. The current peer to peer network configuration of the organization’s system presents a massive security threat to the organization. Peer to peer network configuration enables easy file sharing among connected workstations [1]. As a result, it grants malicious attackers to install malicious codes which could compromise the security of the organization.
Additionally, the organization employs the use of Netgear MR814 router which has several vulnerabilities. Netgear is known to have a vulnerability that can be easily bypassed through Uniform Resource Locator [1]. This technique can be used to gain access to the web interface of the router, thus gain access to the whole network. Furthermore, the organization uses weak applications such as Microsoft outlook and web application. These applications can be easily compromised through unprotected web sessions [2]. The security configuration of Microsoft outlook is weaker as compared to other mail servers. As a result, malicious attackers can easily gain access to private mail.
Network/System Security Recommendations
Application/End-User Security Recommendations
It is significant for the organization to do away with applications that are known to have weak security features. The organization should replace Microsoft Outlook with more secure and reliable mail servers such as Gmail. Gmail has advanced security features which enabled improved security [1]. It has 2-step authentication process that ensures that confidential and private information within the mail remains as such. Additionally, it is crucial for the organization to employ the use of secure browsers such as Google chrome. Regular software updates and employee security awareness creation is also imperative.
Bibliography
[1]M. Ben Mahmoud, N. Larrieu and A. Pirovano, Risk propagation assessment for network security. Hoboken, N.J.: ISTE Ltd/John Wiley and Sons Inc, 2013.
[2]S. Manzuik, A. Gold and C. Gatford, Network security assessment. Rockland, Mass.: Syngress Pub., 2007.