Strategies of Mitigation

Running Heading: NETWORK SECURITY REPORT

Addressed To: Newly Hired Network Security Technicians

Chaston Carter

Network Security Report for New Technicians

As the network security administrator, I write this report to welcome the newly hired network security technicians and provide you with the instructions on security. As you all know, our tasks as network security technicians is to ensure that our organization is in good condition in terms of security of information and all information asserts are protected from security threats. This entails managing the infrastructure of the network as Jennifer Preffer said about network administrators, “is responsible for keeping an organization’s computer network up to date and running smoothly.” (Preffer, 2016). This would automatically result to a secure network and website of our organization. Apparently, we are also responsible to responding to any incidents of attacks of our network. Therefore, today I would like to discuss on the most prevalent web security threats in our organization, the hazards they present, and how these threats are exploiting holes in current security countermeasures. I would also explain about the actions that should be taken to prevent existing web security countermeasures from being exploited. Finally, I would assess the cons and pros of choosing to implement measures such as firewalls, access control measures, and cryptographic systems.

Current Prevalent Web Security threats

Insecure Cryptographic Storage Vulnerability

This threat involves the poor encryption of sensitive data. This vulnerability “is one of the OWASP Top 10 Most Dangerous Vulnerabilities and has maintained the spot for various years on the go.” (Panesar, & Nagpal, 2015). This can be a prevalent vulnerability since our website involves access to private information from our customers such as credit card details and social security numbers for our employees. The users access these information into the corporate database through the web server interfaced by the website portal. These vulnerabilities are exploiting holes in the present security countermeasures because poorly encrypted data can now be decrypted using current advanced methods. “Poorly designed cryptographic algorithms may include use of inappropriate ciphers, weak encryption method and poor key handling. This flaw can lead to sensitive information disclosure to attackers. This is very dangerous for e-commerce websites.” (Infonsec, 2015).

Broken Session Management and authentication

Sometimes our clients and users may not handle login sessions well. For instance, they may forget to logout or close browser after accessing their profiles over the website which may result to vulnerabilities if the cookies involved are not made invalid for the user automatically. Lack of proper information of the users on managing their sessions makes it easier for the vulnerability to exploit holes in the present countermeasures. (Huluka & Popov, 2012). An attacker can exploit this vulnerability to hijack session and make modification or disclosure to unauthorized information.

Actions to control exploitation

To prevent the security countermeasures from being exploited, we should keep up to date the security policy as per the OWASP standard for verifying web application security. Also, mechanisms should be made to avoid exposure of credentials in logs and URLs. Also, avoiding XSS flaws that could result to session stealing should be avoided in all ways.

Strong algorithm standard for cryptography should be used to encrypt sensitive information and credentials. Its recommended to use the accepted public algorithms like RSA, SHA-256 and AES public keys. Also, the database backups that are offsite should be encrypted in case the web server is compromised. (Mahajan & Sachdeva, 2013).

Pros and Cons of Security measures

Firewall is very good in filtering packets in and out of the private network of the organization through the website by comparing them with standardized policy of information. This ensures that dangerous communication are not allowed. However, some policies may result to limitations and restriction even to safe communications.

Cryptographic systems are important in ensuring communication data integrity and authenticity hence protect sensitive information. However, it result to extra task of encrypting and decrypting which limits processing time and flexibility of data access.

Access control measures like gates and door locks are important in preventing physical access to information infrastructure. However, it does not prevent logical attacks through the network and communication media.

Therefore, I would recommend the new technicians to look security of the network in all dimensions and apply layered security for maximum protection. I am looking forward to work with you to maintain the current security measures that are implemented in our organization.

References

Preffer, J. (2016). “What Does a Network Administrator Do? A Behind-the-Scenes Look”. Retrieved June 4, 2017 from http://www.rasmussen.edu/degrees/technology/blog/what-does-a-network-administrator-do/

Panesar, A., & Nagpal, B. (2015). Insecure Cryptographic Storage Vulnerability: Causes, Prevention and Detection.

Infosec. (2015). “Protect Data by Preventing Insecure Cryptographic Storage.” Retrieved June 4, 2017 from http://resources.infosecinstitute.com/protect-data-by-preventing-insecure-cryptographic-storage/#gref

Mahajan, P., & Sachdeva, A. (2013). A Study of Encryption Algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology, 13(15).

Huluka, D., & Popov, O. (2012, June). Root cause analysis of session management and broken authentication vulnerabilities. In Internet Security (WorldCIS), 2012 World Congress on (pp. 82-86). IEEE.