Submitted by: Submitted by joecoolinaz
Views: 930
Words: 1483
Pages: 6
Category: Science and Technology
Date Submitted: 10/30/2011 08:22 PM
Aircraft Solutions Security Vulnerabilities
Submitted to: Professor XXXX
SE571 Principles of Information Security and Privacy
Keller Graduate School of Management
August 16, 2010
Table of Contents
Executive Summary 1
Company Overview 1
Security Vulnerabilities 2
Software – No Instrusion Detection System 2
Policy – No audits & Need-to-know-controls 2
Recommended Solutions 3
Solution for Software Weakness 3
Solution for Policy Weaknesses 4-6
Impact on Business Processes 6
Summary 7
References 8
Executive Summary
The purpose of this report is to identify possible security vulnerabilities of Aircraft
Solutions. Aircraft Solutions provides low-cost design and computer-aided modeling packages to customers to reduce their development expenses. A software vulnerability that was identified is the lack of an intrusion detection system (IDS). An IDS would alert the systems administrators to possible perpetrators attempting to access the network.
There were two vulnerabilities identified that relate to the security policy. The first is the need for an IT Audit policy. The second vulnerability is the use of a need-to-know network access policy.
Company Overview
Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace. Located in Southern California, their mission is to provide customer success through machined products and related services and to meet cost, quality, and schedule requirements. AS offers low-cost design and computer-aided modeling packages to customers to reduce their development expenses.
Security Vulnerabilities
Software Vulnerability
Aircraft Solutions remains vulnerable because it does not employ an Intrusion Detection System (IDS) to protect their network. An IDS is kind of like a burglar alarm for computers, they sound alarms when an intruder or abuser is detected. An...