Agenda
The identification of the vulnerabilities and risks within the scope of computer and network systems can be performed through a comprehensive audit in order to identify various recommendations that should be instituted for the network system (Pittman et al. 2022). The access control system in a network is instituted to prevent network intruders from interfering with the networking system. As a result, they serve as a fundamental element of data security within the organization (Ali et al. 2019). The agenda of the current proposal is to recommend key policies and procedures that should be adopted based on the findings obtained from the top-to-bottom computer and network security audit that will be performed for the Company.
Summary
Speaker Notes
Techno health Incorporation is a multinational business that deals with the manufacturing of health care equipment such as CAT Scan machines, X-Ray equipment, MRI among other categories of laboratory apparatus. The business has expanded its operations in multiple regions of the United States, such as San Fransisco, New York City, Seattle and Chicago, among other regions. Due to the extensive operations, the Company has opted to create specific regions on which the diverse operations will be localized. The information audit of the Company will be performed at the New York office since it specializes in the handling of data and information operations of the business.
Staff certifications
- Computer Support Specialists – Certified Information Technology Professional (CITP).
- Web Developers – Adobe Certified Expert Certification (ACE).
- Database Administrators – Certified Information Technology Professional (CITP).
- Information Security analysts – CompTIA Security+
As a certified business, we have served more than 1,345 computer and network security clients from multiple locations of the world. As part of the auditing team within the Company, I have offered auditing services to various industries such as food, healthcare, real estate and technology industries.
Computer and Network Security can be defined by breaking down the entire term to computer security and network security. Computer security entails the process of safeguarding the computer’s devices from attack, unauthorized access, harm and theft. The key objective of instituting computer security is to prevent the occurrence of any risks that may cause financial damage to the business. On the other end, network security is the process of safeguarding the underlying infrastructure of a computer network from unauthorized access and theft. Within the scope of the healthcare setting, network security is a vital component of the business since it enables the organizational data center to maintain their data safe from untrustworthy parties.
Network Security
Explanation
Given that the key objective of the current audit is to evaluate the functionality of Techno health networking security systems, the assessment will analyze the existence of any risk vulnerabilities that may impact the functionality of the network. Network security integrates several segments of protection within the scope of the network. The network security layers will implement various policies and controls through the current analysis. The report will eventually suggest ways in which authorized users to access the network infrastructure while at the same time blocking unauthorized parties. Such a process will be supported by the institution of firewalls across the network system of healthcare.
Risks
Within the scope of computer and network security systems, the internal threats and risks are caused by the employees who have access to the organizational devices, computers and servers. Their day-to-day interaction with these systems may end up causing risks that can harm the data, information and devices of the business. Such harm can exist in the form of computer viruses and malware. Computer viruses and malware can render Company’s resources such as devices and computer systems, useless once they are infected.
Audit Points and Recommendations
Within the scope of network security, the key elements that will be audited include the password Policy, Internal Network Security and the security of the Firewall in order to determine whether the Company’s important data and information is protected from unauthorized users. In alignment with the audit results, there are various key recommendations that will be recommended for the organization’s security infrastructure to be effective and comprehensive in providing protection. Such recommendations include instituting strong and secret passwords supported by step two authentication., monitoring the internal performance through firewalls and configuring the access control lists of users.
Mobile devices
As part of maintaining the security of mobile devices within the Company, the key mobile devices that are used by the employees include; laptops, personal mobile devices, robotic control instruments and portable e-readers.
Risks
Mobile devices can be exposed to different risks within the organization, such as Mobile Ransomware, phishing devices and malicious websites and applications. The existence of such malicious websites and Ransomware may expose the Company’s data and networking systems to risks that may impact the software and hardware components.
References
Singh, J., & Behal, S. (2020). Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directions. Computer Science Review, 37, 100279.
Shinan, K., Alsubhi, K., Alzahrani, A., & Ashraf, M. U. (2021). Machine learning-based botnet detection in the software-defined network: a systematic review. Symmetry, 13(5), 866.
Pittman, J., Wang, L., & Wu, D. (2022). Network analysis of audit partner rotation. Contemporary Accounting Research, 39(2), 1085-1119.
Ali, I., Sabir, S., & Ullah, Z. (2019). Internet of things security, device authentication and access control: a review. arXiv preprint arXiv:1901.07309.