You are required to write a report for a business organisation regarding the potential security threats, vulnerabilities and attacks they might be facing based on the given case study. The purpose of this assessment is for you to demonstrate that you understand the kinds of cyberattacks that might arise in your own workplace or professional setting, so that you can identify the potential security vulnerabilities and threats that need to be addressed to develop a security program within the organisation and justify the use of resources and the opportunities to make positive changes.
The targeted Course Learning Outcomes for this assessment are:
Consider that you have been hired as a security consultant by MyFinance, which is a local, medium-size trading firm. Your job is to identify the most relevant security threats for this organisation and provide preventive measures. MyFinance uses a mainframe computer to support its daily processing needs. Its computer centre, which houses the mainframe, is located on the second floor of a commercial building. The computer centre is behind large plate-glass windows so that the state-of-the-art technology can be displayed as a measure of the firm’s success and to attract customer and investor attention. The computer centre is equipped with smoke detectors and automatic water sprinklers. The whole commercial building, including the computer centre, is equipped with air-conditioning. The electrical power to the computer centre (including all the devices inside) comes from the commercial building. Furthermore, all the devices inside the computer centre are directly connected to the power source of the building without any regulatory devices in between. An entrance door equipped with a keypad combination lock prevents unauthorised physical access to the computer centre.
MyFinance has hired several computer operations staff to operate the computer centre. The company offers flexible working arrangements and highly encourages a “BYOD” policy so that the employees can also work from home when needed. The firm has also hired some systems and programming staff for software development and maintenance. Since the number of systems and programming staff is small and the work demand has increased, system documentation is prepared when time is available. Backups occur periodically in this company. The firm maintains two backup copies of its program and data files. One copy is stored in the computer centre and the other is stored at an off-site location.
You need to submit the following in Canvas: