Company's It Security Report

Kingdom of Saudi Arabia

Ministry of Higher Education

Saudi Elictronic University

Company's IT Security Report

Prepared by

Bassam Abdullah Alsenani

Supervised by

Dr. H. Anwar Ahmad

2013-2014

First Semester

Introduction:

Even a small company as ours should consider high security for its data and make sure it's accessed only by the authorized ones. No matter how unimportant you think your data is, it could be targeted and useful to others. You should also know that a lot of hackers do what they do just for the fun of it. For example, Celebrities' Twitter accounts are prime targets for this kind of hackers. Every member of the company using its network should be aware of that because any one of them could be the cause of a system breach.

Securing our system:

To secure our system, We need to build a firewall secure the assets of our system (hardware, software, data and communication lines) considering its confidentiality, integrity, availability, authenticity and accountability. Next, We will briefly discuss these aspects:

1. Confidentiality: we should make sure information is available only to authorized users. One of the things we must consider is that We should minimize the number of employees that we authorize to more important information as we can. The lack of confidentiality could be harmful considering our system's software, data and communication lines.

2. Integrity: The two key components of system integrity are software authenticity and the assurance of user identity. Here, We should make sure the information is correct and not manipulated by unauthorized users. To do this, We can always keep a more secure backup for our data and have a good hack detecting system .The lack of integrity could also be harmful considering our system's software, data and communication lines.

3. availability: meaning we should make sure the service is always available. The IT department should be prepared at any time for system crashes or attacks....