The information technology and cloud computing-based electronic commerce platform that Global Finance Incorporated (GFI) currently uses may already be good as it is. However, for a company that employs more than a thousand people and continues to grow year on year, certain improvements have to be made, especially on the security end. One quick reference for assessing how linear and secure an end user's connection to GFI's network is, once initiated, is the company's network diagram. There, various vulnerabilities and loopholes can be identified.
In terms of authentication technology, for example, nothing specific was mentioned, although each computer workstation in the company's various departments may already use its own form of authentication technology. This would be on top of the personal authentication and password protection schemes available on the internet- and intranet-capable devices that each end user would most likely be using. This in itself can already present a risk or security vulnerability because there is no unified and integrated form of authentication.
One possible security authentication for GFI would be encryption. It is one of the most common approaches, and for good reason. Encryption is one of the most effective and straightforward ways to secure a network or connection, that is, to make sure that any established connection between the network and an end user, or a group of end users, is secured and not tampered with. There are many types of encryption. In this case, the one recommended for GFI is hashing. Hashing is highly pervasive on the internet, and many large companies that depend on electronic commerce already use it. Hashing, from a purely technical point of view, is in fact a form of cryptography. It is only contextually referred to as encryption on the internet because of the way it protects passwords and other connections.
Through hashing, passwords and other authentication-related information are verified only for brief moments; this means that they are exposed only on a needs-based scheme, limiting their exposure to malicious entities.
Aside from the recommendation to use hashing as an authentication tool or system, another recommendation for GFI would be the modernization of their cloud computing system. It would make a lot of sense to migrate from a completely internal server-based system (one where they manage and guard the servers on their own) to one that is based on the cloud (i.e., remote servers managed and guarded by a cloud service provider). One reason is that cloud service providers know what they are doing, because their existence depends on how well they can provide this kind of service to their clients. Another reason is that GFI would be able to cut down their information technology expenses significantly because they would not have to manually store their servers and workstations. All that they would need access to is the cloud-capable devices for each employee, and the cloud computing company they partner with would take care of the security and connection-related processes. Everything would basically go wireless. Below is a diagram that would summarize the recommended cloud computing system for GFI.
As for the list of possible access points, these may be internal or external. External access points would be any remote end user and off-site office end user, both of which would make use of the internet to access the company's network. They may be anyone from clients to company employees working to access their files on the organization's servers. Internal access points would be any person using the computers and workstations of the company's various departments (e.g., Accounting, Management, and the Credit Department). With the current cloud computing proposal, however, these access points can be limited to any end user and internal stakeholder who must have access to the company's data via the cloud. They would essentially be accessing the same type of data, only that it would be stored in remote locations and accessed via the cloud.
This cloud computing-based strategy already directly addresses the CEO's concern over mobility security and the design of a secure mobile computing platform. First, any person who has access to an internet-capable device such as a smartphone or a notebook computer would be able to make use of GFI's service; this addresses the mobility component. Secondly, cloud computing companies make use of the most sophisticated data security and authentication strategies because convenience and security are among their selling points. Cloud companies are often required to pass tests and comply with various data protection regulations (e.g., European Union Data Protection Regulation) to ensure the security of private information passing through them, especially for enterprise-based clients like GFI. Some advanced encryption systems are being used by cloud companies as well; some examples would be the Attribute-Based Encryption (ABE) algorithms like Ciphertext-Policy ABE and Key-Policy ABE, and the Fully Homomorphic Encryption (FHE) methods. These are just some of the main examples, but they do a good job of improving the level of convenience of storing huge amounts of data and securing them.