GFI's Authentication Technology and Network Security Issues Research Paper

Total Length: 5811 words ( 19 double-spaced pages)

Total Sources: 15


GFI Turn-Around IT Strategy

Turn-around Information Technology Strategy for Global Finance, Inc. (GFI)

GFI's Authentication Technology and Network Security Issues

GFI TURN-AROUND IT STRATEGY

Global Finance Inc. offers services in the finance industry. This is a sensitive area of business that requires tight security policies and strategies to be implemented on the organization's network. GFI has, however, not given much attention to its IT department, and especially to its security, which explains the loopholes that exist and that black-hat hackers have exploited. This is clear from the facts provided: the company's Oracle database has been compromised in terms of the availability, confidentiality and integrity of the data stored. For organizations in the finance industry, the integrity, confidentiality and availability of their databases are among their biggest assets. A simple mistake or gap in such an organization's technology policy and its implementation may lead to huge losses that could see the organization go out of business. Any business organization in the finance industry requires a strong IT department that is able to come up with strong policies, carefully implement them, monitor them and control any breaches of the system. To function as required and safeguard the assets of the organization, a strong IT department requires a sufficient budget and dedication from top management.

A number of gaps in the network security and technology strategy of GFI can be identified from the details provided. Below is a discussion on the gaps and how the gaps expose the organization to various risks.

Authentication Technology and Loopholes at GFI

Authentication is a key aspect of protecting the information technology assets of an organization. Various forms of authentication are available to keep unauthorized people from accessing the resources of the organization and possibly compromising the confidentiality, availability and integrity of the data held in its databases. One of the most common authentication mechanisms is the use of suitable standard usernames and passwords when users log into the systems of an organization to carry out their roles. Biometric authentication is an effective method that some systems use to authenticate users before granting access to the resources of an organization. Some organizations combine more than one authentication mechanism to improve the security of their assets (Cole et al., 1978).

GFI does not seem to consider authentication an important aspect of its information technology strategy. The authentication mechanisms of an organization should trickle down from a policy to implementation by an able IT department. Going by the information provided about GFI, the organization does not have a policy on the most appropriate authentication mechanism for ensuring that only authorized individuals access certain resources of the organization. Thus, there is nothing that the IT department is expected to implement as far as authentication mechanisms are concerned. The GFI IT department should take time to design an authentication and accountability policy (Guichard & Apcar, 2001).

The simplest effective authentication policy can revolve around the nomenclature of the user names of the GFI staff combined with passwords of desirable parameters. Unique staff numbers can be used as user IDs when accessing the organization's systems to ensure accountability. In addition to the user names, passwords meeting the desired standards can be used to authenticate the users. The necessary password parameters should cover the minimum length of passwords, password complexity, password expiry, lockout durations when wrong passwords are used to access resources, the maximum number of wrong password attempts when logging in and a requirement for users to change their passwords upon first logon. Weak authentication mechanisms are dangerous because they expose systems to black-hat hackers who can then compromise the resources of an organization (Mark & Lozano, 2010).

Going by the information provided, black-hat hackers have already accessed the resources of GFI and caused a number of undesirable effects. The IT department is said to have witnessed a sudden huge amount of data flowing into the Oracle database. Possibly, this could be a denial-of-service attack launched by malicious attackers. They might have taken advantage of GFI's poor or missing authentication policy and strategy. Social engineering could be one of the methods through which the hackers learned about the organization's lack of authentication mechanisms, as the huge surge of data into the Oracle database was experienced after an article was published about GFI. The hackers might have launched brute-force attacks using tools such as those shipped with Kali Linux and managed to get into the system.


To prevent such attacks, there has to be a policy on accountability and authentication, specifying the standards of password parameters as mentioned earlier. The policy should then be implemented by the IT department. With the password policy enforced, it will be difficult for the black-hat hackers to launch brute force attacks as they will be locked out of the system after a given number of wrong password attempts (Evans, 2003).
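The password parameters and lockout behaviour described above can be expressed as a small policy check. This is an added example, not part of the original essay; the numeric thresholds, the `S-0001` staff number and all function names are constructed assumptions, since the essay names the parameters but not their values.

```python
import re
from dataclasses import dataclass

@dataclass
class PasswordPolicy:
    # Constructed values: the essay names these parameters but sets no numbers.
    min_length: int = 12
    max_age_days: int = 90
    max_failed_attempts: int = 5
    lockout_seconds: int = 900

    def violations(self, password):
        """Return the list of policy rules a candidate password breaks."""
        problems = []
        if len(password) < self.min_length:
            problems.append("length")
        classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
        if sum(bool(re.search(c, password)) for c in classes) < 3:
            problems.append("complexity")
        return problems

@dataclass
class Account:
    staff_id: str                      # unique staff number used as the user ID
    password_set_at: float = 0.0
    must_change: bool = True           # forced change at first logon
    failed: int = 0
    locked_until: float = 0.0

def attempt_login(policy, acct, password_ok, now):
    """Decide one logon attempt. password_ok is the result of the real
    credential check (hash comparison), which is outside this example."""
    if now < acct.locked_until:
        return "locked"                # even a correct password is refused
    if not password_ok:
        acct.failed += 1
        if acct.failed >= policy.max_failed_attempts:
            acct.locked_until = now + policy.lockout_seconds
            acct.failed = 0
            return "locked"
        return "denied"
    acct.failed = 0
    expired = now - acct.password_set_at > policy.max_age_days * 86400
    return "change_required" if acct.must_change or expired else "ok"

def simulate_guessing(policy, guesses):
    """Replay `guesses` wrong passwords one second apart, then a correct one."""
    acct = Account(staff_id="S-0001", must_change=False)
    results = [attempt_login(policy, acct, False, float(t)) for t in range(guesses)]
    results.append(attempt_login(policy, acct, True, float(guesses)))
    return results
```

A time-limited lockout, as modelled here, caps the guessing rate while still letting the legitimate user back in once the window expires.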

GFI's Network Security Issues and Recommended Mitigation Measures

GFI has a number of network security issues touching both its WAN and its LAN. To start off, let us focus on the LAN security loopholes. There is no clear separation between the guest broadcast domains and the staff broadcast domains. The information provided points towards the possibility of one being able to connect to and access the organizational network from the Wi-Fi solution implemented by GFI. Malicious individuals can take advantage of this loophole to access the resources of GFI. It is advisable that VLANs be used to establish a clear demarcation between guest networks and staff networks. The guest network should be set up in a separate VLAN from the staff VLANs. Access rules should then be implemented to prevent traffic from guest networks from flowing into staff VLANs. The range of IPs used in the VLANs should be different from the usual ones. Probably, the only resource that visitors should be able to reach from the organization's LAN via the guest VLAN is the internet. This can be achieved by using the VLAN strategy and access rules strategy mentioned earlier. An access list should be included in the configuration of the router to prevent the guests from accessing staff resources while allowing them to access the internet. The range of IPs in the guest network should be included in the set of IPs eligible for network address translation (NAT), and a route should be configured from the guest network to the internet (Furht, 2010).
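The guest-to-staff access rule recommended above depends on rule order, because router access lists stop at the first match. The following added example (not from the original essay) models that evaluation and checks an access list for guest-to-staff leakage; the subnets and every name in it are constructed assumptions, as the essay gives no addressing plan.

```python
import ipaddress

# Constructed addressing plan; the essay does not specify subnets.
GUEST = ipaddress.ip_network("10.99.0.0/24")   # guest VLAN
STAFF = ipaddress.ip_network("10.10.0.0/16")   # staff VLANs
ANY = ipaddress.ip_network("0.0.0.0/0")

# Ordered rules applied to traffic entering the router from the guest VLAN.
GUEST_IN_ACL = [
    ("deny", GUEST, STAFF),     # guests may not reach staff resources
    ("permit", GUEST, ANY),     # everything else (the internet) is allowed
]

# Same rules in the wrong order: the broad permit shadows the deny.
MISORDERED_ACL = [
    ("permit", GUEST, ANY),
    ("deny", GUEST, STAFF),
]

def evaluate(acl, src, dst):
    """First matching rule wins; no match falls through to an implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"

def nat_eligible(src):
    """Only guest-VLAN sources are translated on the way to the internet."""
    return ipaddress.ip_address(src) in GUEST

def leaks(acl, guest_net=GUEST, staff_net=STAFF):
    """True if a sampled guest host can reach a sampled staff host."""
    guest_hosts = [guest_net[1], guest_net[-2]]
    staff_hosts = [staff_net[1], staff_net[-2]]
    return any(evaluate(acl, g, s) == "permit"
               for g in guest_hosts for s in staff_hosts)
```

Running `leaks()` against a candidate access list before deployment catches the shadowed-deny mistake shown in `MISORDERED_ACL`.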

To access the GFI LAN, one does not require standard authentication, going by the information provided. This is a LAN weakness, as elaborated earlier. Double authentication strategies are usually suggested for organizations to secure their networks from man-in-the-middle attacks and other possible attacks. GFI might be using a WEP password on its wireless local area network, or the hotspot might be open. With an open access point, one will be able to easily log into the network and launch possible attacks. With WEP passwords, hackers can crack the passwords using various hacking tools, and this might lead to access to the organization's whole network. GFI should consider implementing either the WPA or WPA2 password standard on its Wi-Fi access points, as passwords under these standards are not easily cracked. The Wi-Fi authentication can be combined with web-based authentication to protect the GFI network even further (In Kremar et al., 2014).

The distance over which the Wi-Fi access points transmit their signal is of the essence when tightening the security of an organization's network. At GFI, the wireless local area network signal is strong enough to cover huge distances, so it can be reached from places outside the organization. This makes it easy for attackers to launch attacks on the GFI network. One does not need to crawl with antennas within the premises of GFI to tap into the network through the broadcast Wi-Fi signals. Restricting the Wi-Fi signals to the GFI premises could limit the chances of hackers getting into the organization's network, as they could be spotted and stopped in time. However, the ability of the GFI access points to transmit signals over huge distances to premises outside GFI gives the hackers ample time, as they can work comfortably without being spotted. To prevent this, the IT department should configure the access points to broadcast their signals only within the premises of GFI. A possible alternative solution is to orient the antennas in directions that prevent signals from leaking to regions outside the GFI premises.

Looking at network security from the WAN side, data flowing through the VPN tunnels established over the internet is not encrypted. If this data is in the form of "http" traffic, it can be trapped using hacking tools such as Cain and Abel. The trapped packets can then be stripped down into payload and headers. Some of the packets carry password and username information. This can be obtained once these packets are stripped…


Cite This Resource (APA, 6th edition):

"Gfis Authentication Technology And Network Security Issues" (2016, April 17). Retrieved May 6, 2024, from https://www.aceyourpaper.com/essays/gfis-authentication-technology-network-security-2157621
