Friday, 23 March 2012


Egos a catalogue sales company has asked me to evaluate a network for security threats and provide solutions

No log on to the network


 If a company are a business has no log in anyone can access the information on the company employees and the companies costumers and this is apart of the data protection act 1998 the act was taken in to protect people personal information on there bank details and address and any other information the company has o the costumers.
 

 
 Internet (unrestricted access)
If there is unrestricted access to the internet for the employees could get viruses on the computer and hackers could then access the costumer’s information as then employees have been on website with viruses and download files that could corrupt the computed and cause a lot of problems. Also the employees could get easily distracted by other websites.

Staff is allowed to install and remove software

The staff could remove very important software from the company computers and add harmful software to the computers if the employees were to remove software they could be deleting some of the costumers’ information that is saved on the computer software. Also if they were to add new software it could be a cheap on with a lot of virus.

Data is backed up once a month. 

The problem with only backing up the data once a month is that if you where to lose three weeks on work is would be a big lose and could really damage the company. But if you wear to back up the data every night are every to days it wouldn’t be a big of a loss.

Data tapes are kept secure in a locked plastic box on top of the server


Te problem with keeping the data on top on the server is that if the sever was to over heat the plastic box could melt and destroy all of the data. Also the point of having back up data id because if there was a fire and flood the back up would be destroyed. The backup data should be kept in a fire proof box and in a different location

The company keeps records in a database on customers. This information includes:


If the company is going to be holding costumers information on there purchases, account numbers, bank details, and names and address etc there must be a log in so that not everyone can access the user information the and the information should not be available  to all of the companies staff members. Discuss costumer’s details it is meant to be confidentiality I have also heard staff members talking on the phone and giving costumers details over the phone which you should not be doing because you don’t know who the person is on the other side of the phone.