Federated Industry

Category: Business and Industry

Date Submitted: 09/23/2013 07:51 AM

1) Please list TWO major risks of the above company system.

Firstly, although there is a firewall to protect the company system from the outside, internal staff may easily gain access to the database containing customers' sensitive information. There is therefore a risk that internal staff will access the data for illegal, profit-seeking purposes. Highly sensitive data of this kind should only be accessible to specifically authorized staff.

Secondly, there is a risk of a man-in-the-middle attack by external hackers despite the firewall. Hackers may eavesdrop on the data transmitted by customers and even manipulate it, so the data received by the company system may already have been copied or may be incorrect.

2) What two corresponding controls would you recommend for the two risks you identified in (1)? Also specify whether the controls are preventive, detective, or corrective.

For the first problem, I recommend physical access controls (preventive), that is, physically securing the location of the customer database with high-tech authentication methods, e.g. iris identification, voice recognition and so on.

Also, a secure network design is needed (preventive and detective). General staff workstations should be on a different network from the database, so that unauthorized access can be denied through the security settings of the network devices. In addition, any suspicious data flow can be detected from the network devices' records.

For the second problem, public key infrastructure (preventive) can be used. It provides mutual authentication: the application validates the user, and the user's device validates the application, thereby distinguishing rogue applications from genuine ones.

Also, latency examination (detective) can be used. If the time for data to reach both parties is longer than normal, this can indicate the presence of a third party.
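One way the latency examination described above could be implemented, as an added example that is not part of the original essay: a baseline of normal round-trip times sets a robust cutoff, and a session is flagged only when it stays above that cutoff for several consecutive samples. The function names, thresholds and sample values are constructed assumptions; congestion or a routing change also raises latency, so a flag is a prompt to investigate the session.

```python
from statistics import median

def latency_cutoff(baseline_ms, k=5.0):
    """Return the RTT (ms) above which a sample counts as abnormally slow.

    Uses median + k * scaled MAD so a few outliers in the baseline do not
    inflate the cutoff the way a mean/standard deviation would.
    """
    med = median(baseline_ms)
    mad = median(abs(x - med) for x in baseline_ms)
    # 1.4826 makes MAD comparable to a standard deviation; the 5% floor
    # keeps the band from collapsing when the baseline is perfectly flat.
    spread = max(1.4826 * mad, 0.05 * med)
    return med + k * spread

def flag_sessions(baseline_ms, observed, k=5.0, min_consecutive=3):
    """Flag sessions whose RTT stays above the cutoff for a sustained run.

    observed maps a session id to its RTT samples in arrival order.
    Returns {session_id: longest_run_of_slow_samples} for flagged sessions.
    """
    cutoff = latency_cutoff(baseline_ms, k)
    flagged = {}
    for session_id, samples in observed.items():
        run = longest = 0
        for rtt in samples:
            run = run + 1 if rtt > cutoff else 0
            longest = max(longest, run)
        # A single spike is normal jitter; a relay in the path adds delay
        # to every exchange, so require a sustained run before alerting.
        if longest >= min_consecutive:
            flagged[session_id] = longest
    return flagged

# Constructed sample data (milliseconds), not taken from any real system.
BASELINE = [20, 21, 19, 22, 20, 23, 21, 20, 19, 22]
OBSERVED = {
    "sess-a": [21, 20, 45, 22, 19],   # one isolated spike
    "sess-b": [48, 51, 47, 50, 49],   # consistently slow
    "sess-c": [22, 23, 21],           # normal
}

if __name__ == "__main__":
    print("cutoff ms:", round(latency_cutoff(BASELINE), 2))
    print("flagged:", flag_sessions(BASELINE, OBSERVED))
```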