Abstract
In this paper, the author identifies at least three security-related threats and various recommendations how they can be addressed. So far, there were three man security threats that were identified. The first one was the outdated-ness of GFI’s front end system. The recommendation for this was for GFI to invest more in the creation of a team that would develop a dynamic, high quality, and more secure front end system, one that is suited to today’s speed and design standards. The second risk was the presumed use of a common cryptographic passphrase for all of its departments. The recommendation for which was the creation of a unique cryptographic system for each department—i.e. decentralization of security protocols. And lastly, the third risk was the lack of another gateway for the internal network. The recommendation for this was to create another VPN gateway solely dedicated for securing the Trusted Computing Base Internal Network.
Description of the Company Network, Interconnection, and Communication Environment
The subject of this technology risk assessment was Global Finance Incorporated’s (GFI) internal network, based on the presented Trusted Computing Base (TCB) Network Diagram. The objective is to identify at least three vulnerabilities in the implementation of security and integrity measures for its mission critical systems. The 21st century has opened a lot of opportunities for companies to diversify. One of the opportunities for diversification that this new age of doing business has opened was the use of new technologies such as integrated inter and intra networks that enable companies to communicate better with their stakeholders such as partner businesses and clients. Of course, this does not come at no expense as the opening of this new age of doing business has also created new threats that companies like GFI now have to deal with. One of the threats of this new type of business is the need to deter cyber threats. Unfortunately, falling victim to the negative consequences of cyber threats can easily wipe out the gains offered by the more efficient means of doing business using these new technologies. In the end, it can be said that a company’s ability to take advantage of these new technology-dependent business trends would depend highly on its ability to fend off security threats. Focusing on GFI’s case, it is currently dependent on the Oracle Database and Electronic Mailing System. As a company operating in the financial industry, communication is with its clients and other partner firms are important. Customers want to get an almost constant frequency of updates regarding how their assets are being handled and partner businesses want to have a stable form of communication so that they could have a highly integrated process—a key to gaining customer confidence and pulling out higher levels of efficiency.
Importance of Mission Critical Systems
Traditionally, most of GFI’s clients access their accounts using dial up connections. However, much of this has changed already as faster and more reliable internet connectivity options are already available such as broadband, fiber optics, and mobile-based data connectivity services. The bottom line is that the end user has to be able to access the internet in order to keep in touch with GFI’s services. It is important to note that an off-site office (e.g. GFI offices located in offshore locations) operates the same way an end user does and that is via an internet. For employees, the case remains the same. They both have to access the internet. There is an alternative, however. For example, certain users may access the company’s network using a Publicly Switched Telephone Network (PSTN). This is a network that enables companies that rely on a voice-related means of communication (e.g. calls) to make secured connections. It is worth noting that there are public government agencies that make use of the same model of networks in their operations. GFI’s PSTN is connected to a private branch exchange that then allows the user (this may either be an employee accessing GFI data remotely or a client accessing his account) to connect to the connection of routers within the organization. These routers are connected to a Virtual Private Network (VPN) Gateway that is in turn located to the different departments’ databases. The remote user (e.g. customer or employee) then becomes able to access the information he wishes to access, depending of course on the different levels of authorization provided by the company. The company has different departments, each of which has its own set of workstations, printers, and other interconnected devices. They are interconnected to the company’s intra-network which is in turn created using routers and virtual local area network switches. The typical speed by which these networks could connect to each other is 10 Gigabits per second except for the Management Department which has only 100 Megabits of bandwidth. Either way, these speeds are considered to be fast enough for typical data-related operations. The different departments within GFI’s network are Accounting, Loans Department, Customer Services, Finance, Credit Department, and the Management Department.
This intra-organizational network is secluded from the public users through the VPN gateway. This is arguably one of the most important security components of GFI as it prevents users from the front end from accessing the possibly confidential information that the company stores in its servers. Within the company’s intra-network would be its Trusted Computing Base Internal Network which is composed of the SUS Server, Oracle 9i Server, Internal Domain Name System (DNS), Exchange 2000 Email, File and Print Server, Intranet Web Server, and the seven work stations that manage the TCB Internal Network. This is where all the internal files of the company, including those that it obtained from its clients (e.g. personal information) are stored. If there is one thing that the company must protect from cyber-attacks, it should be the information stored within the servers inside this network. Practically, the company has two divisions on top of its Trusted Computing Base Internal Network. A remote user, regardless whether he is affiliated with the organization or not, has to access these two divisions before being able to reach the TCB internal network; this is apart from the various forms of authentication needed to access certain information. This is something that is intra-organizationally-specific and unfortunately, GFI has not provided any information as to what type of authentication procedures they require for a user to access certain information from one of their departments. It would be safe to assume, however, that given how outdated GFI’s network security system is (considering that it still is based on a dialup-based networking system); it only has a one or a common authentication procedure across all of its departments.
Risk Assessment
The number one risk that GFI faces is the fact that it uses an outdated system. Based on the diagram that was presented earlier, the company still makes use of a dialup-based system. A number of inferences can be made based on this fact. There are two general parts of an internet-based network or system and they are the front and the back end. The front end is what the remote users who want to use the company’s systems actually sees and interact with.
The back end is where all the authentication and actual data-accessing processes happen. Considering that based on the technical diagram the intended remote users would still be based on dial-up connections, it can be inferred that the front end features that the company uses are fairly outdated and that its overall quality is not good as well. Dialup connections are extremely slow especially when compared to today’s standards. Because of the slow connection, web pages back in the day had to compensate. They could not contain a lot of multimedia content because otherwise the users would not be able to load them. Images were rarely included in most webpages; purely text-based front end pages were more common. This can be a risk because remote users making use of a faster network connection would be able to discover a workaround for the established security measures. Another reason why this may be considered a security risk and or threat is the fact that outdated-ness will always be considered as such .
Organizations that rely on wireless systems and networks in order to integrate their processes have to be constantly updated because every day, new workarounds are being developed by hackers and other malicious entities in the internet. In time, they would be able to fully master how to breach older network security frameworks. This perfectly applies to GFI’s case. A perfect example of a security threat that GFI may encounter would be Cross Site Scripting (XSS). This risk only threatens the front end part of organizations (e.g. websites). According to Tim (2014), a cross-site scripting vulnerability happens when dynamic data is sent to a user without being validated for malicious content” . Certain executable codes such as JavaScript codes may be able to penetrate into the system and cause product and system outages as a result. This, just like Denial of Service attacks, is what GFI is trying to prevent because they lead to significant opportunity costs, not to mention the fact that they lead to an erosion of consumer trust and confidence.
Another network security threat that applies to GFI’s case would be its use of a common passphrase for all of its departments . This has been a common practice among organizations that make use of this kind of interconnecting framework in the past. It is also worth noting that this is an assumption based on the fact that GFI still relies on dialup-based front end service. The main vulnerability of this kind of process (where there is only one passphrase for all departments) is that all remote users, provide that they know what they are doing, would already be able to access various information from other departments even though what they only really need is a set of information coming from one department. A remote user who has to access information originating from the Customer Services Department would, for example, have the opportunity to access information from the Finance Department as well. This practically opens a lot of possibilities for the network to be breached.
The third risk that the author of this paper was able to identify is the lack of a gateway for Trusted Computing Base Internal Network. Notice that there is a VPN Gateway between the internetwork and the intra-network. This may be considered as one layer of protection that only allows authorized remote users to access GFI’s intra-network. However, it can easily be observed that the heart of the system, the internal network, is not protected by a unique gateway. This means that anyone who has access to the intranet may have access to the information that each server from the internal network provides. This also effectively puts the VPN Gateway separating the internet users from authorized remote users of GFI’s intranet as the only means of protecting private and confidential information that the company stores and handles.
Recommendations
In this section, the author addresses each of the three identified risks so that their materialization could be avoided. For the risk of outdated-ness, GFI should simply invest more in its web designing department so that they could hire a competent team who would take care of the goal of creating a dynamic and secured system that its end users can make use of. Today, large multinational financial organizations typically have specialized domains intended to be access by both their clients and employees. This way, the information that can be accessed by the employees and authorized personnel could easily be sorted and segregated; it would also be easier to keep information away from the clients in an effort to protect data privacy and confidentiality. Unfortunately, this would require some time and a sizeable investment from GFI because of the sheer outdated-ness of its system. The new front end system would also have to be integrated to the rest of the system for it to actually work. For example, the VPN Gateway would have to be able to recognize the way how processes are being handled at the front end. Otherwise, this may turn out to be another security threat that GFI would have to address in the future.
For the second risk which is the use of a common cryptographic passphrase for all departments, the recommendation is obvious. GFI’s network security team should implement a unique cryptographic system for each department so that access can be limited on a per-department level. For example, people who have been given authorization to access only the Customer Service Department would not be able to access a set of information that is meant for another department.
And lastly, for the third risk which is the lack of another level of protection for the TCB Internal Network, the only sensible recommendation would be to create another VPN gateway for it. This would effectively create another layer of protection, only this time; it would not be for the intra-network but for the servers. The servers are the most important because they are the components where all sorts of information that the GFI handles are stored. Leakage of information at this level can be very alarming and this is the last thing that they would want to happen. This is why the creation of another gateway is only reasonable. This means that even people who have access to the intra-network would still be unable to access the various servers, unless of course they are authorized. This makes the people who can control the TCB Internal Network Work Stations the only ones who can access the internal network.
Risk Assessment Methodology
The risk assessment methodology that was done in this paper was mainly qualitative. This is because the information available in GFI’s case was mostly qualitative and so the author of this paper had to utilize this information to conduct an evaluation and present appropriate recommendations based on the results of that evaluation. Had the information provided been quantitative, a quantitative risk assessment methodology would have been the appropriate choice. In the end, it all depends on the available data for assessment. It just happened the available information in the case of GFI was mainly qualitative.
Based on the diagram below, the original techical diagram of GFI remains largely unchanged. The only real changes would be the fact that all remote users, including employees and clients, should be based on the HTML5 web browsers already. This is because nobody uses dialup connections at this point in time already, apart from the obvious securiuty threats that using this old system brings.
Another addition would be the VPN for the TCB Internal Network. This essentially adds another layer of protection for the company’s databases and servers, something which was absent in the original diagram. Additionally, the numer of workstations manning the TCB IN was increased to 20 in order to accommodate for the increase in size of the diagram and the ever-growing volume of data the company has to secure.
References
Burbank, J. (2008). Security in cognitive radio networks: The required evolution in approaches to wireless network security. Cognitive Radio Oriented Wireless Networks and Communications.
Symantec Norton. (2016). Most Common Computer Security Threats. Symantec Norton, http://www.symantec-norton.com/11-most-common-computer-security-threats_k13.aspx.
Tim, E. (2014). Front End Security is a Thing and you shoudl be Concerned about it. Web Design Weekly, https://web-design-weekly.com/2014/07/09/front-end-security-thing-concerned/.
