Introduction
Huffman Trucking Company has requested a new Election Benefits System which will be used to manage the benefit packages of its employees. The current system that is used by the company includes vision, dental, and medical plans for employees. In the benefits election system, the package that the employee will choose will be stored and managed by the system which has database capability to help in the retrieval, updating, and storage procedures of the system. The records that are stored in the database are either hardcopy or electronic. Whoever method that the records are stored; there is a need to have security of the data of staff. There are risks that come with the system because of the information assets that the system comes with.
One of the risks that are associated with the Huffman Trucking Company’s Benefits Election System is alteration of the database for the benefit of increased benefits from the system. Since the data is contained in the database, the database can be accessed for intentional changes and damages. There is a need to have the database protected in the network. One of the ways in which this can be achieved is by use of firewall. A firewall should be set on the network so that the intruders to the company network will be avoided and kept at bay. Firewalls will protect the internal environment of the company from outside damage (Haimes, 2011).
Another risk that Huffman Company will face with their implementation of Benefits Election System is that of theft of data. The attackers could get access to the database and steal this important information from the database. This can be prevented by ensuring that the network is secured with security protocol. One of the security protocols that the network should be protected with is the Secure Socker Layer (SSL) protocol. It will protect the access of the database from the theft.
Another risk of the Benefits Election System that the company will face is illegal access of information. With this risk, the people who are not allowed to access information will access the data that they are not allowed to access. An example is that normal and junior members of staff could access backend system that is used for control and administrative functions. This is reserved for technicians and administrators. One way of preventing this is to have access levels and privileges in the system. This will allow users to access the system according to their privileges that they have been assigned by the assigning authorities. With this mechanism, the users will be assigned with s and passwords. There could be more than one mechanism of accessing the system.
Another risk of the system is that the Benefits Election System could be attacked by computer viruses and the data damaged. With the internet and cyber attacks, it is now common that data is destroyed by computer viruses which enter into corporate networks. Most of the malware are designed in order to steal important information from computer systems. This can be mitigated by ensuring that there is an anti-virus system installed in all computers that are used in the company. The antivirus tools should be installed in one of the servers and updates available to all the host computers. With the anti-viruses updated daily, it will prevent the computers and the system from the latest attacks (Chuvieco et al., 2010).
Another risk that can be faced by the company is hijacking the data as they are transmitted on the company network. This is possible because with the company developing their corporate networks so that they have corporate intranets that span wide geographical networks. As the users access data from the headquarters, the data can be hijacked as it is being transmitted between the locations. This can be avoided by ensuring that the data are encrypted as they are transmitted to the various locations. This will ensure that the data will remain the same even if they are accessed.
Another risk that can be faced by the Benefits Election System is denial of service to the system by the users. This is a common risk that is faced by systems when accessed over a network. This happens when the network is hijacked so that they process a lot of information instead of processing requests from the users. This can be avoided by ensuring that the network is protected from external attacks. The intranet should be protected by ensuring that the internal network is protected and separated from the external network. This is easily achieved by having a firewall which will ensure that the connections are secured. This is an important process that should be implemented when setting the network (Sage, & Rouse, 2011).
Another risk that the Benefits Election System has is losing value with time. This is common with many systems as time goes because with time, there will be new changes to the business processes that they serve. This can be avoided by having changes and updating the system with time.
References
Chuvieco, E., Aguado, I., Yebra, M., Nieto, H., Salas, J., Martín, M. P., & Zamora, R. (2010). Development of a framework for fire risk assessment using remote sensing and geographic information system technologies. Ecological Modelling, 221(1), 46-58.
Haimes, Y. Y. (2011). Risk modeling, assessment, and management. John Wiley & Sons.
Sage, A. P., & Rouse, W. B. (2011). Handbook of systems engineering and management. Wiley. com.
