
Systems and Controls Assessment

Consider that you are the IT manager for a large international organization. You have been tasked with assessing the company’s information systems and security controls.

Your report should contain:

Describe identification, authentication, and authorization.

Explore whether or not you would use Windows ACLs and explain your reasoning.

Evaluate best practices for managing Microsoft Windows and application vulnerabilities.

Keep in mind, we are more interested in your ability to describe the steps you would take to review security goals than providing an answer to this scenario. Remember the strategy of Think, Plan, Design, Implement, and Evaluate.


Answer Preview

Systems and Controls Assessment

Organizational information systems rely on confidentiality, integrity, and availability, and on employees following the security measures in place. Information and security management measures further strengthen security control and reduce data breaches and malpractice. According to Panayotova et al. (2016), information systems need to be secured and kept up to date so that all stakeholder data is protected and information assets, including intellectual property, are safeguarded. Large-scale organizations need to focus on advanced cybersecurity firewalls to curb third-party access to information systems. This paper considers several aspects of data security and information management for a large organization and evaluates best practices for managing Microsoft Windows and application vulnerabilities.

Identification, Authentication, and Authorization

The security of information systems and organizational data relies on these three aspects to ensure that only the involved parties and stakeholders have access to organizational data. The first program that will improve data security in the organization is access control through user identification in all information systems. User identification is a logical process: a recognized user is identified to the software and granted access to the information system or to the generic information technology systems as a whole. Fang, Qi & Wang (2020) further add that user identification has evolved from passwords to access cards and usernames that carry a unique identity for the subject, and that it monitors the subject's access and the amount of time the subject has spent on the system.

The second program for monitoring information systems security is user authentication, which proves that the user is entitled to use the company intranet. According to Fang, Qi & Wang (2020), the authentication process verifies identity by requiring subjects to present appropriate credentials, such as a username and password or an access card, before gaining access to the intranet. Authentication thus provides proof of identity and allows devices to verify and identify the people who connect to a network resource. The last aspect in controlling access to organizational information systems and enhancing security is user authorization. This process takes an identified user and specifies the functions and privileges that the user has on the site. The authorization process establishes the rules by which a given identity or subject may perform a given function on a given object (Fang, Qi & Wang, 2020). For example, the organization can authorize some users in the IT department to view data and other users to delete data; in both cases the users must be valid and authorized for the specified capabilities. The processes of user identification and access control are defined by access control lists (ACLs).

The Use of Windows ACLs in the Organization Information System

The organization will begin with the Access Control Lists (ACLs) that were initially implemented in the corporate information systems for firewall protection. According to Hasegawa et al. (2016), an Access Control List (ACL) is a set of rules that either grant or deny users access to specific information technology platforms. As noted by Liu, Holden & Wu (2017, p. 109), there are two types of ACLs. The first is the filesystem ACL, which filters access to files and directs the operating system as to which privileges each user holds. The second is the networking ACL, which filters users' access to specified networks; networking ACLs tell routers and switches what types of data traffic users may send and receive. With this in mind, the company needs to ensure that all its devices run Windows and are governed by Windows access control lists so that they are controlled uniformly and cases of suspicious intrusion by cyber attackers can be identified. The reason for implementing and using ACLs in our organization's systems is to give the information systems absolute control over data access and to curb data breaches.

To implement an effective ACL, the organization will need to focus on network traffic control through extended ACLs. This attribute distinguishes IP traffic by following the flow of information from source to destination by IP address and identifying each unique IP in the traffic flow. After this, the organization's information system will need to establish restrictions on the network or intranet to control users' programs effectively and enforce effective performance of the networks used in the organization. Being a large-scale international organization, most practices might involve outsourcing; thus, more third parties in the organization gain access to information systems. ACLs tend to limit third parties' access to corporate data. This phase aims at effective firewalls that would protect the organization's IS. Most organizations need to attain a specific level of security that will ensure profit maximization and prevent uncertainties (Liu, Holden & Wu, 2017, p. 106).

With the above step in place against malicious third-party attacks, the organization now needs to envision curbing insider attacks. Curbing insider malpractice that exposes organizational data and breaches administrative data protocols is essential. Liu, Holden & Wu (2017) point out that there is a need to create specific user authentication protocols that specify users' access to servers and networks by identifying which users may hold which privileges and what their limits are. Institutionalizing this process will ensure that ACLs provide a systematic and granular module for monitoring and controlling the data traffic in the corporate information system. According to Hasegawa et al. (2016), ACLs ensure the authorization and authentication of users to specified data in the information systems and help users manage sensitive information services and data against outsiders.

Access Control List (ACL) Best Practices

Once the organization has conceptualized the ACL model for its information systems, it will need to configure the process according to best practices to curb data breaches and malicious cyber-attacks. The first is configuring according to the 'ACLs everywhere' principle. According to Liu, Holden & Wu (2017, p. 105), the 'ACLs everywhere' principle ensures that the control lists on each interface are enforced across all data security protocols and across the routing gear protocols used in information management. The process will create a best-fit network that distinguishes users' outward-facing interfaces from campus network interfaces. This best-fit networking protocol will ensure that all interfaces are handled alike, with inbound rules addressing data transfers.

The second best practice is putting all ACLs in an orderly and systematic information flow. According to Hasegawa et al. (2016, p. 560), in all cases the engine enforcing the ACL starts processing at the top of the list and moves down to the bottom, so the order of the rules determines which rule decides a given packet or request. This module will ensure a specific data stream and lets organizations that adopt ACLs incur lower computational overhead than stateful firewalls, which matters at high network speeds.

The last best practice is documenting all the processes in the organization's networking systems so that users understand why the ACL rules are in the system and what the intention was in adding them to the networking processes. This is the last process, and it will facilitate routine management by network developers by retiring the one-comment-per-rule policy, which has limitations. Through user authentication, the information systems can instead actualize a one-comment-per-block policy, which gives a fuller explanation of user access to the authorized data or network.
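As an added example that is not part of the essay, the following Python script models the authorization and ordered-ACL points made above: the IT-department "view versus delete" case, top-to-bottom first-match evaluation, and a comment on every rule. The users, groups, object paths and rules are constructed sample data.

```python
from dataclasses import dataclass
from fnmatch import fnmatch

@dataclass(frozen=True)
class Rule:
    effect: str    # "allow" or "deny"
    subject: str   # a user name, "group:<name>", or "*" for anyone
    action: str    # "read", "delete", ...; "*" for any action
    obj: str       # object pattern, e.g. "/finance/*"
    comment: str   # why the rule exists (one comment per rule)

# Constructed group membership; identification has already mapped a login to a user name.
GROUPS = {"alice": {"it"}, "bob": {"it", "it-admins"}, "carol": {"sales"}}

def subject_matches(rule_subject, user):
    if rule_subject in ("*", user):
        return True
    if rule_subject.startswith("group:"):
        return rule_subject[len("group:"):] in GROUPS.get(user, set())
    return False

def evaluate(acl, user, action, obj):
    """Scan top to bottom; the first matching rule decides. No match means deny."""
    for index, rule in enumerate(acl):
        if (subject_matches(rule.subject, user)
                and fnmatch(action, rule.action) and fnmatch(obj, rule.obj)):
            return rule.effect, index
    return "deny", None

def shadowed_rules(acl, users, actions, objects):
    """Indices of rules that never decide any probed request (hidden by an earlier, broader rule)."""
    deciding = {evaluate(acl, u, a, o)[1] for u in users for a in actions for o in objects}
    return [i for i in range(len(acl)) if i not in deciding]

# The essay's case: IT staff may view finance data, only IT admins may delete it.
GOOD_ACL = [
    Rule("allow", "group:it-admins", "delete", "/finance/*", "admins remove stale exports"),
    Rule("allow", "group:it",        "read",   "/finance/*", "IT views finance data for support"),
    Rule("allow", "group:sales",     "read",   "/sales/*",   "sales reads its own share"),
]
# Same intent, but a broad allow was placed first: the admin-only rule never fires
# and every IT user can delete finance data.
BAD_ACL = [
    Rule("allow", "group:it",        "*",      "/finance/*", "IT needs access to finance"),
    Rule("allow", "group:it-admins", "delete", "/finance/*", "only admins delete"),
    Rule("allow", "group:sales",     "read",   "/sales/*",   "sales reads its own share"),
]
USERS, ACTIONS = ["alice", "bob", "carol"], ["read", "delete"]
OBJECTS = ["/finance/q1.csv", "/sales/leads.csv"]
```

`shadowed_rules(BAD_ACL, USERS, ACTIONS, OBJECTS)` returns `[1]`, flagging the admin-only rule that the broad allow above it hides, while the same probe on `GOOD_ACL` returns an empty list.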

Best Practices for Managing Microsoft Windows and Vulnerabilities in Applications

Managing and monitoring the Windows operating system ensures that information technology experts patch the existing software and fix the bugs that create data security vulnerabilities. This organization needs to ascertain its financial scope and the faults in the current information system and networks. According to Khatamifard et al. (2019), information systems rely on operating systems like Windows and Linux that are prone to vulnerabilities and ransomware, giving cyberattacks room to corrupt the system. Our organization needs to create a cyber-resilience program that is routinely updated to match new cyberattack methods and actively protects the corporate systems through a warning system and firewalls. The management practice on Microsoft Windows is to undertake a comprehensive inventory of software and hardware, so as to have a clear picture of what the organization has and compare it against known vulnerabilities. This process will necessitate a 360-degree security policy that gives real-time visibility into the health of endpoints.

To mitigate risks and vulnerabilities in the Windows operating systems, the company will need to undertake a risk-level assessment of the systems and choose the right priorities. This process will ensure that system administrators monitor Controlled Folder Access (CFA) and that service accounts with minimum privileges host user instances. According to Jerković, Vranešić & Dadić (2016), the operating system will be secured because once a device suffers an ExploitGuard CFA File Creator intrusion, it will be prioritized for authentication and access; in such cases the trusted-programs list will be enforced, thus protecting organizational data. The other best fit will be ensuring that each user, group, or department in the organization has a different Microsoft BizTalk Server. This will be done to maximize the security boundaries between different hosts and ensure that each department uses a separate Microsoft BizTalk Server (Khatamifard et al., 2019). The process needs to be regulated to confirm that the installation user is removed from the BizTalk Server Administrators group. The last best-fit practice that my organization will instill in managing Microsoft Windows and application vulnerabilities is to focus on regular updates. According to Jerković, Vranešić & Dadić (2016), 99 percent of data breaches are caused by active vulnerabilities in corporate environments and pending updates that malicious attackers exploit. This will guard our organization against irregular updates of applications and ensure that system administrators help prevent the risks by regularly applying updates.

Conclusion

Information systems in our organization need to be secured and kept up to date so that all stakeholder data is protected and information assets, including intellectual property, are safeguarded. Large-scale organizations like ours need to focus on advanced cybersecurity firewalls to curb third-party access and malicious attacks. Organizational information systems rely on confidentiality, integrity, and availability, together with employees following the correct security policies and measures in place.
