MOCK1 Task3

  

Text Box 131, TextboxRectangle 132, Textbox 

Table of Contents 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

INTRODUCTION: 

 

Swift FinTech is a fast-growing financial technology company based in London, and it offers services such as digital payments. They are soon expanding their services into Europe and currently in progress to expand its headquarters to meet the company’s expansion. They are currently facing several difficulties which raise serious concerns about its existing network configuration and security controls. The aim of the project proposal is to outline all current issues within the network infrastructure and how they would affect the company. It will also suggest new hardware and software required to enhance the network infrastructure as well as including costs of implementation. It will also include an explanation of any potential network and system security issues with recommended mitigation.   

 

ISSUE WITHIN THE SYSTEM  

  • There have been unauthorized login attempts  

  • There are outdated encryption protocols  

  • There is inconsistence patching of systems  

  • Unrestricted remote access to company servers  

  • Shared administrative credentials  

  • File server, Client operating systems, and the VPN services are significantly outdated or misconfigured  

  • Weak enforcement of encryption standards on the VPN  

  • User access management is also inadequate  

  • Lack of role-based access controls  

  • Sharing login credentials due to the absence of properly set up user accounts  

  • Ability to install unauthorized software  

  • Logging in from personal devices  

  • Firewall rules are found to be misconfigured  

  • Training videos are found to be outdated   

  • Zero-day exploits are not covered  

 

DETAILED OVERVIEW: 

 

REQUIREMENTS: 

 

  • All desktops/laptops’ computers must use a current and standardised operating system  

  • Administrative privileges must be restricted, eliminating the current practice of multiple users having unnecessary high-levels access 

  • Shared credentials should be eliminated and replaced with individual, securely managed user accounts  

  • All server computer must use a current network operating system 

  • Software should be standardised across all computers with all users using the same productivity software  

  • Hybrid and remote employees must be able to securely access servers from outside the company network  

  • The business must be confident that data protection requirements are met  

  • Systems which hold confidential information must be adequately protected from the network threats 

  • Appropriate solutions to manage devices inside and outside the network must be implemented 

  • Standardised centrally managed endpoint protection should be implemented  

  • Physical security of the building should be appropriate 

  • Users should not be able to install software on their network  

  • Any training or upskilling for staff to use the new systems should be considered 

  • Additional VPN licenses to be purchased to meet increased hybrid and home working  

  • Add regular training with up-to-date training resources should be implemented for staff awareness 

 

ISSUES: 

Due to company’s planned expansion across Europe, they will require more VPN licenses in order to allow employees to access the network and access any resources. This is due to Swift FinTech maintaining there 2 servers in a server room based at its head office in London. In order for the employee to connect to the network they will require a VPN as its vital to minimize the risk of cyber security threat. Furthermore, the company’s servers are both outdated which introduces other predicaments such as communication and connectivity issues. 

The file server is currently running on ‘Windows Server 2012’ which can introduce vulnerabilities to the system as there may not be any patches released by Windows as the Operating System is outdated this leaves the system unprotected from any cyber-attacks and can lead to loss of data which would break legislation such as DPA and GDPR which would lead to financial, legal, reputational damage. The domain controller is currently running on a Windows Server 2022 which means that users may face issues when communicating with the domain controller this can affect the staff work rate as they may face delays. The companies network policies have been in place for a number of years and haven’t been updated to meet the growing size of the company. This could lead to security vulnerabilities and operational issues. They should address this by assessing current policies and identifying security needs, update policies, implementing the changes, and monitor the effectiveness. 

There are many other issues such as users using laptops with Windows 8 as their OS, old financial modelling software with reports on application crashes and slow system performance. This can present significant risks, including security vulnerabilities, compatibility issues, and performance problems, as well as the potential for legal consequences, and performance degradation as old applications tend to consume more resources and run slower than newer versions, this impacts the device performance. There have been also noted that there are unauthorised login attempts on users accounts and noticing frequent failed authentication attempts from unknown IP addresses. If there are any successful login attempts, often indicating a security breach can be caused by various factors, including password leaks, phishing attacks or brute-force attacks. To mitigate these issues, implement strong passwords, enable multi-factor authentication, and regularly monitor for suspicious login activity.  

Furthermore, there have been discovered misconfigured firewalls rule allowing unrestricted remote desktops connection. Firewalls and other networks settings can be a potential security vulnerability if they are not configured correctly. This usually occurs when there are open ports which are allowing unauthorized external connections to the network. This can be vulnerable to the network as hackers can intercept data throughout the network which can disrupt the way the users access data. Regularly auditing and optimizing firewall rules is crucial for maintaining a secure network. Moreover, there have been identified outdated TLS protocols which are still being used in payment processing systems. This poses significant security risks, including vulnerabilities to attacks like downgrade attacks and the use of weak cipher suites, making them deprecated by security standards and regulatory bodies. If failed to upgrade to newer TLS versions, it can lead to fines and penalties for non-compliance with industry standards. Furthermore, outdated TLS can expose businesses to data breaches, as sensitive information transmitted over these protocols can be intercepted and stolen which can lead to reputational damage, financial costs, and loss of business as stakeholders will pull back from the company. 

Some company data will be stored on a public cloud environment which can present both benefits and risks, including security concerns like data breaches, weak authentication, and lack of encryption. However, it also offers scalability and cost effectiveness. Storing sensitive data or regulated data in the cloud raises concerns about complying with industry and regional regulations which can damage the company legally and financially and reputationally. Furthermore, as the data stored on the public cloud it can mean that anyone can access and edit the data which increase insider threat and perhaps give competitors an advantage as they would be able to access the data.  

Finally, several staff have access to admin passwords and have used it to install unauthorized software. Some employees are sharing login credentials because their individual accounts have not been created in the system. As stated above weak passwords and credentials can lead to unauthorised access, data breaches, and financial losses, emphasizing the need for strong passwords policies and security measures. To minimize these vulnerabilities, the company can make sure that each employee changes their passwords from there default. To create a strong a password they can implement combination of characters, numbers, and special characters. They could implement authentication methods such as: 
 

  • Two-Factor authentication: This is a common method to verify the user, as it requires a user to provide two methods of authentication to verify their identity 

  • Biometric authentication: This method uses physical characteristics of a user such as a fingerprint or facial recognition to confirm the user’s identity 

  • API keys: This is a code used to identify and authenticate the user. API keys are available through platforms, such as a white-labelled internal marketplace. They also act as a unique identifier and provide a secret token for authentication purposes. 

EQUIPMENT AND NETWORK COMPONENTS REQUIRED: 

 

In order to enhance Swift FinTech network infrastructure it will require the company investing on several hardware and software as follows: 

HARDWARE: 

  • New Up-to-date servers  

  • New Up-to-date desktops and laptop computers  

  • Physical security for on-site servers 

  • WAP (Wireless Access Point) 

SOFTWARE: 

  • VPN licenses 

  • Firewall 

  • Role-based access control  

  • Anti-malware  

  • Managed user accounts 

  • New training resources 

  • User restrictions  

 

 

CHANGE FROM CURRENT SET-UP: 

 

Swift FinTech should consider a number of implementation techniques such as; parallel, phased, pilot, direct. 

DIRECT: 

This involves a complete and immediate switch from the old system to the new one on a specific date. This can be fast and relatively inexpensive but comes with the high risk of disruption if the new system fails or has issues.  

PILOT: 

This approach involves rolling out the new system to a small, representative group of users or a specific department to test out the system before it is implemented. This allows for testing and refinement of the new system with minimal impact on the overall organization. However, it can be time consuming and may not fully represent the entire user base. 

PARELLEL: 

This method involves running both systems concurrently for a period of time, allowing data comparison and user training before fully switching over. This has the least risks, as users can continue using the old system while transitioning. However, this is also the most expensive and resource-intensive, as it requires maintaining 2 systems simultaneously. 

 PHASED: 

This approach involves introducing the new system in stages, with different modules or functionality gradually being rolled out. This allows more controlled and less disruptive transition, with the ability to address issues as they arise. 

The company should consider the best method to implement the system by evaluating the benefits and drawbacks. Personally, they should implement a pilot implementation technique as it will test out all the components and modules of the system without interfering with the current system. They should pick out a day where no staff is working when transitioning to the new system to reduce the likelihood of any risks. 

 

 

 

 

 

Comments

Popular posts from this blog

OS A3 Task 1

OS A3 Task 2