MOCK1 Task2

 Interview questions: 

  1. What is the current budget for Swift FinTech for the cyber security measures for the company’s planned expansion? 
    IT manager doesn’t have access to those information 

  1. When would you like the cyber security measures to be implemented by? 
    Set back by delays 

  1. Which OS do the companies devices currently run on? 
    2 Servers, file server window 2012, domain server 2022 

  1. What type of hardware is currently in use and how old is the hardware?                            75 Employees, PC’s and Laptops, print services, VPN licenses and personal devices. 

  1. Have you faced any connectivity issues in the past? 

Yes 

  1. If so, how have they impacted users? 

Downtime and crashes reported by users affected their work rate. 

  1. Have you faced any communication issues in the past? 

Yes, users have noted that they don’t have access to certain services. 

  1. Is there any type of access control policies in place at the moment? 

Users unable to access certain services and certain software unable to be accessed 

  1. Has there been issues such as users accessing data that they shouldn’t be? 

Yes, users have access admin passwords, resources and able to access to software they shouldn’t be able to  

  1. What type of training are staff provided with relating to cyber security threats and mitigation? 

1 hour of training provided on induction  

  1. How regular are this training provided?  

No, only 2022 material training at induction day. 

  1. Are there any hybrid users? 

Yes, 20 employees issued by the company. 

  1. If so, how do they connect to the network?  

Offer account logins and VPN  

  1. Are there any VPN licenses provided by the company to the staff members? 

20 concurrent users of which have 10 active connections. 

  1. What type of security measures are in place, for example a firewall? 

IPSEC encryption 

  1. Are there any physical security measures to on-site servers? 

No physical security measures nor any other sort of detection and prevention measures. 

  1. Have you faced any cyber threats in the past few months, if so what type of threats did the company face? 

Noticing suspicious login to network and unregistered access, but have prevention methods and not actively monitoring the situations. 

  1. As the company is planning to expand are they able to host other staff members from different location?  

No plans have been made at the moment. 

  1. Is there enough hardware at the moment for the excepted number of staff? 

Devices are replaced if any issues are found  

  1. Are there any other concerns with the overall security management for the company?  
    Yes, no detection system, not tracing unauthorized accesses. Also are aware that different users have the wrong credentials, are able to access resources that are not meant to be. So, we believe we do need to implement measures to improve that.  

 

TECHINCAL EMAIL: 

 

 

FROM: 19SinghH@thomastelfordutc.com 

TO: linemanager@lmccyberconsulting.com 

SUBJECT: Key Finding of the Current Security Measures 

 

Dear Line Manager 

 

After completion of the interview with the IT manager, here are the key findings of the current security measures.  

The interview consisted of 20 questions. However, to make it more convenient I’ll outline the most important questions with response and the possible issues associated with it.  

Question 1- “What is the Operating System on the company’s devices?” 

Response- “We currently have 2 servers. A file server who is currently running on a Windows 2012, and the domain server who is currently running on a Windows 2022.” 

Possible issue- With the range of different operating system in use, usability isn’t standardised which means we require to standardise the use of operating systems. This can lead to multiple issues such as system crashes that have been reported by the users, performance degradation, and security vulnerabilities which can be exploited for malicious activities. 

Question 2- “Is there any type of access control policies in place at the moment? 

Response- “Users unable to access certain services and certain software unable to be accessed 

Possible issue- With access controls in place there are many different issues at the moment such as user unable to access certain services and certain software unable to be accessed. The collective causes for such issues are network issues, DNS misconfigurations, or server downtime. This can lead to users being unable to access their resources to complete their work which means that there work rate and the amount of work completed may be affected. Furthermore, this may raise frustration between staff members.  

Question 3- “Has there been issues such as users accessing data that they shouldn’t be? 

Response- “Yes, users have access admin passwords, resources and able to access to software they shouldn’t be able to”  

Possible issues- With the range of issues such as users having access to admin passwords, resources and able to software unable to be accessed. They may introduce multiple risks such as insider threats as they will be able to access more credential data due to the admin status in the company. Unauthorized access to sensitive information can lead to data breaches, with potential consequences like financial loss, reputational damage, and legal issues. 

Question 4- “What type of training are staff provided with relating to cyber security threats and mitigation? 

Response- “1 hour of training provided on induction using 2022 threats materials” 

Possible issues- If the users are provided with little training it may raise risks such as safety concerns, ineffective communication, lack of engagement, and potentially leading to negative outcomes like decreased morale, safety risks, and a hostile work. If the staff are not kept up-to-date with new threats it may lead to a higher chance of a cyber threat as human error has the highest rate of cyber threats. Untrained employees may not know how to handle hazardous situations or follow safety protocols.  

Question 5- “Are there any physical security measures to on-site servers?” 

Response-Not at the moment” 

Possible issues- To protect hardware, infrastructure, and data from physical threats like theft, sabotage, and natural disasters. Insider threats and Malicious employees are the ones that would have an advantage into gaining access to physical locations due to there role in the company. Unmonitored or poorly secured entry points, such as windows and doors, can be exploited by intruders. 

Question 6- “Are there any other concerns with the overall security management for the company? 

Response- “Yes, no detection system, not tracing unauthorized accesses. Also are aware that different users have the wrong credentials, are able to access resources that are not meant to be. So, we believe we do need to implement measures to improve that.”  

Possible issues- To enhance overall security management for the company it is important to resolve concerns mentioned by the IT manager. If there isn’t any detection system it will make it harder for us to identify any threat in the system. If the threats are left unresolved for a long period of time it could lead to a more dangerous threat to the system. This could damage the business in legal, financial, reputational aspect which could affect the overall companies’ sales and profit  

To conclude, my findings from the interview with the IT manager have made aware of the main concerns such as: 

1. Outdated OS for the servers which have been leading to usability, connectivity, and communication issues 

2.Users have access to admin passwords, resources and able to access to software they shouldn’t be able to which can lead to malicious activity 

3.Operating systems aren’t being standardised 

4.Misconfigured access control policies 

5.Lack of user training which would require more regular training to make the users aware of new threats and mitigation 

6.No physical security which would make it more vulnerable to insider threat 

7.No measures implemented to enhance overall security management 

Thanks for your time and I hope this email reaches you well. Hope this will help you make and recognize appropriate changes required to enhance security in the company 

Thank you  

 

Your sincerely,  

Hardeep Singh 

 

 

 

NON-TECHNICAL EMAIL: 

 

FROM: 19SinghH@thomastelfordutc.com  

TO: HRdirector@lmccyberconsulting.com  

SUBJECT: Overview of issues identified for SwiftFinTech 

 

Dear HR Director, 

Following the interview with the IT Manager, I present to you an overview of the key issues identified at SwiftFinTech. I will provide you with key issues, and reasons for changes as well.  

One of the key issues was that the servers Operating system is out-dated which means that they users may face issues such as connectivity and communication issues. This could affect the staffs work rate and influence project deadlines as they will be restricted access to resources. It also makes costumer data more vulnerable as older Operating Systems have higher likelihood to be attacked by hackers this can make the clients/costumer lose trust in the company holding their personal data. This can lead to further consequences such as bad reputation and lead to financial and legal consequences if there was a cyber-attack, it would intend that the company has failed legislations which may well lead to fines and lawsuits. This could mean that plans on expanding may be delayed due to lack of resources and stakeholders pulling back due to bad reputation. 

Another key issue is that the data is stored on-site is kept unsafe, as there are no physical measures which would prevent unauthorized access to the servers and physical copies of data. Again, costumer information is important and must be kept secure at all times, so if the costumer data is lost it can lead to similar consequences as mentioned before.  

Moreover, regarding security is that there isn’t any hierarchy in place on the user access. With no hierarchy in place, any users at any time can download whatever they please onto to the computers. This means that they can be installing software which could affect the company as they may be harmful and could affect the computer system and lead to other threats to the company. Furthermore, due to staff members having access to admin’s passwords it can mean that malicious employees have access to all resources and can carry out malicious activities and affect the overall costumer data and damage the business.  

Overall, it is important for the company to implement measures to enhance overall security management. Without suitable security management measures, businesses face significant risks. Including financial losses, reputational damage, legal liabilities, and loss of costumer trust, which takes time to build, can be shattered in an instant if disruptions are mishandled, potentially impacting long-term growth and viability.  

Lastly, following previous points data is key to a business and it must keep secure at all times. 90% of cyber threats are due to human error, that is why it is important for the company to provide regular appropriate training to staff to minimize the likelihood of threats. It is noted that on induction the company provides 5 hours of training with out-dated training materials which provide insights on 2022 threats. As technology is developing, so it’s the methods of hacking. Therefore, it is vital to keep up-to-date with training resources which would strengthen the employee knowledge on threats.  

I hope you acknowledged the following vulnerabilities in the company that could concern the business in the legal, financial, reputational aspect. This will help you construct and recognize appropriate changes required to enhance security in the company. 

Thank you  

 

Your sincerely, 

Hardeep Singh 

Comments

Popular posts from this blog

OS A3 Task 1

OS A3 Task 2