Computer Security Term Paper

Total Length: 1378 words ( 5 double-spaced pages)

Total Sources: 3

Page 1 of 5

Security Assessment and Recommendations

My Name

My Teacher

SE571 Principles of Information Security and Privacy

TOC o "1-3" h z u

AS Company Overview

Two Security Vulnerabilities

Software Vulnerability

Recommended Solutions

Telecommunications Closet Security Recommendation

Impact on Business Processes

Budget

Aircraft Solutions (AS) is a globally recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Their manufacturing plants are located in San Diego, California and a second, in Santa Ana, California. At present these plants' manufacturing systems are linked entirely over the public Internet, with firewalls protecting the headquarters systems in San Diego that have IT, Finance and Sales & marketing. Production in Chula Vista, California and Santa Ana, California are located behind the same firewall that protects headquarters. This configuration presents a myriad of security challenges for the company, with the most significant being exposure of their manufacturing planning data in their manufacturing resource planning (MRP) and enterprise resource planning (ERP) systems. SA has a second weakness of having no proxy server protection from incoming data across the public Internet. If a competitor or even a foreign nation was able to gain access to just one server, they could feasibly hack into the core MRP and ERP systems, penetrating both the AS Company Overview

The software and hardware aspects of the company's security strategies are highly ineffective today for protecting the assets critical for running a project-based business in the industries they compete in. All A&D manufacturers who compete in project-based manufacturing programs as does have MRP and ERP systems that seek to optimize materials, production instructions and costs. Today these systems are vulnerable to outside hacks and intrusion over the public Internet (just a firewall separates the core information AS is running their business on from the outside world). In addition, there is no fail-over firewall strategy in place at the hardware level, with the most elementary being proxy servers (Leong, Yu, Lee, 2003).
Two Security Vulnerabilities

MRP and ERP System Vulnerability

The most strategic systems that AS relies on to run its business are the most vulnerable given its current enterprise-wide network and telecommunications configuration of the company today. Aircraft Solutions primarily relies on project-based manufacturing, with the DCNC (Direct Computer Numerical Control) machine data essential for completing individual projects. Without this data, the company will not be able to finish projects on time and get customers to pay them. The DCNC and project-based manufacturing data in their MRP and ERP systems are the life blood of their business. The vulnerability is having projects completely stop if the data is corrupted, the threat is that of competitors stealing the data and undercutting them to their own customers, and the risk and consequences are a potential rapid drop in revenue and eventually the company going out of business. The assets involved in this DCNC (Direct Computer Numerical Control) data and machines, BPM system and as it can be clearly seen in the case, their MRP and ERP systems as well.

The second vulnerability are the lack of proxy servers and sufficient fail-over firewall protection. Today anyone skilled enough to quickly break through the single firewall with have access to all data in headquarters, and throughout the DD and CD divisions. Further, their network infrastructure is protected initially by just a router. This is incredibly insufficient for the confidentiality of the data the company is dealing with on a daily basis. If Department of Defense (DoD) customers knew this was the configuration of their network infrastructure, they would be shut down and have a security audit performed. The threat of not having proxy servers and protecting their network with just a router include having their ability to produce and fulfill orders immediately disrupted. The vulnerability is their most critical enterprise-level information could be quickly compromised and used by competitors or even foreign governments to understand….....

Need Help Writing Your Essay?