Running head: GLOBAL FINANCE, INC. RISK ASSESSMENT AND MITIGATION STRATEGY
Quantitative and Qualitative Risk Analysis: Proposal for Mitigating Risk
David Bustin
University of Maryland University College
August 10, 2014
Executive Summary
Purpose
This report provides an analysis of the technical vulnerabilities of the Global Finance, Inc.
enterprise network. Also included are the associated costs of specific compromises
and strategic alternatives for mitigating those vulnerabilities. This report does not assure the
reader that all implementations and strategies will eliminate attempts to sabotage the network.
The document provides a solution based on the industry's best security safeguards for protecting data.
Methods of Analysis
Historical losses for Global Finance, Inc. exceed the cost of accepting the proposed
recommendations. The potential for losses is much greater given time and negligence in
properly securing the corporate network. The estimated cost of non-compliance is in excess of
the value of all customer accounts plus legal fees and increased business continuity. The
business impact analysis results indicate failure in security could bankrupt the organization.
Findings
Findings indicate that unsecured wireless access, an absent DMZ, an unencrypted trusted path,
and a lack of proper authentication and encryption drastically increase network vulnerability.
Limitations of the Report
This report recognizes limitations in the analysis. The frequency and types of attacks are
undetermined. Subsequently, only estimations based on research provide expected losses.
Additional capabilities, cloud computing and mobile computing, will undergo a trial and error
phase with documentation. To this point, error rates can only be estimated.
Quantitative and Qualitative Risk Analysis: Proposal for Mitigating Risk
A quantitative and qualitative analysis of computer information systems identifies
technical and administrative deficiencies, which enables tasks to be prioritized more efficiently.
Security is a primary concern in all layers of networks providing a Defense in Depth approach.
Identifying known or potential risks, threats, and vulnerabilities aids in drafting the security
model which reduces adverse occurrences. An emergency response team should be on-call to
resolve problems as soon as possible for limiting damage. Outsourcing IT tasks poses an
imbalance in favor of cost over benefit. These issues will be addressed in this document. Also,
this paper will prioritize asset inventory for Global Finance, Inc., evaluate the current topology
and perimeter protection, evaluate remote access controls and security safeguards, describe
current authentication and propose new technology, list and assess vulnerabilities, recommend
security for mobile computing, introduce safeguards for wireless computing, and design a cloud
computing environment. Though not comprehensive, contained in this paper are the
recommendations for a secure computing environment that delivers solutions to past, present,
and future technological challenges tailored for business operations. Expanding the network to
meet new technological and business demands, a mobile computing environment will be added
for employees to utilize Global Finance’s resources while traveling. Ensuring the secure
connections for these mobile devices is paramount due to the nature of Global Finance’s business
and valuable data they possess. In addition to mobile computing, the IT staff at Global Finance,
Inc. will offer cloud computing for conducting e-commerce. In order for the company to grow as
well as maintain a competitive presence, products and services must be available globally at all
times. Offering these products and services requires planning for authentication, monitoring
services, and accounting for and prioritizing the new assets. The following section lists assets, then
prioritizes them based on quantitative and qualitative values.
Inventory and Prioritization of Mission-Critical Assets
Global Finance, Inc., GFI, has successfully grown approximately 8% for nearly six years.
They currently employ over 1,600 people and service customer accounts in Canada, the United
States, and Mexico. Expanding business across international borders has contributed to the
growth and for GFI to maintain a competitive strategy, computer network operations must also
expand. Currently, the company operates ten subnets for remote facilities, an offsite office
connected through a virtual private network (VPN) to an internal Oracle database located inside
a trusted computing base (TCB) internal network which are all interconnected through 6 virtual
local area network (VLAN) switches. These 6 access layer VLAN switches interconnect to 2
Cisco Catalyst 3750 switches. These 2 switches and a VPN gateway connect to a third Cisco
Catalyst 3750 switch which bridges the connection to the TCB internal network. The TCB
consists of a SUS server for Windows updates, Oracle database server for customer account
management, domain naming server (DNS) for resolving domain addresses, Exchange server for
e-mail service, file and print server, web server for internet access, and 7 workstations. The
accounting subnet has sixty-three workstations and 7 printers, the loan department subnet has
twenty-five workstations and five printers, the customer service subnet has twelve workstations
and 3 printers, the management subnet has 5 workstations and 3 printers, the credit department
subnet has ten workstations and 3 printers, and the finance subnet has forty-nine workstations
and 5 printers. The wide area network (WAN) also includes a wireless antenna intended for
employee connectivity, a VPN gateway, 2 Cisco 7201 border routers, 2 Cisco 7500 series
distribution routers, and a remote access server (RAS) linking distribution routers to a private
branch exchange (PBX) for connection to the public switched telephone network (PSTN).
The current enterprise network configuration includes several critical nodes. These nodes
should be prioritized by their value to their purpose and by their monetary value. The following section
identifies the network assets in order from most critical to least damaging in the event of a natural
disaster, security breach, or virus. Prioritizing these assets aids in security decisions, risk
assessments, disaster recovery, and business continuity with the least interruption to business.
Asset Prioritization and Mission Objectives
Identifying mission-critical assets and prioritizing them enables planners to allocate
resources for security and network design and to optimize their budget. For Global Finance, Inc.,
the assets are ranked in Table 1 below from most critical down to least critical.
Table 1. Mission Critical Assets
Asset Priority | Mission Objective
Oracle DB Server | Maintains bulk of data processing. Most critical asset.
SUS Server | Vital for system updates and patches.
File & Print Server | Stores customer records, data, and critical company documents.
Internal DNS | Necessary for sharing resources internally across subnets.
Intranet Web Server | Enables communications and resource sharing between subnets.
Exchange E-mail Server | Provides communications, finding employees, shared calendars, task assignments, and storing conversations for referencing.
Workstations in TCB | Displays an interface to servers on the TCB internal network.
3 Cisco 3750 switches | Link between TCB and other subnets, as well as VPN Gateway for the Offsite Office.
6 Cisco VLAN switches | Each department has an assigned switch for communicating and these switches are a single point of failure for each department.
Workstations for each department | Provides the interface for data.
2 Distribution Routers | Aggregates traffic from public for marketing and providing products and services. Also, routes traffic between offsite office and WAN.
VPN Gateway | Provides the secure connection between remote office and TCB internal network.
Remote Access Server | Allows employees to connect from outside of the network. Improves productivity but is not a highly critical asset.
Private Branch Exchange | Allows employees to dial-in to corporate WAN from home, hotels, airports, etc.
2 Border (Core) Routers | Provides the internet connectivity and routes incoming traffic to internal request.
Wireless Antenna & router | Allows wireless connectivity to the network and internet. Least critical but one of the most vulnerable.
Enterprise Topology Evaluation
Enterprise topologies are designed for large, production networks with many users. They
encompass people, software, and processes to interoperate, integrate, and standardize policies.
Security architecture for enterprise networks is more granular as a result of increased
operational responsibilities and the authentication, software deployments, connections, and other
network processes presenting a complete defense in depth. Enterprise systems must efficiently
manage workload balance to avoid downtime or network lag. Management for authentication
and identification is paramount for controlling the proper level of access to the resources. User
accounts should be managed centrally and administrator privileges should be consistent.
Flexibility in the integration of various network, authentication, and encryption protocols allows
efficient network management and ease of integrating software. In an enterprise topology,
central management of software enables administrators to remotely load software and respond to
user issues. Enterprise topologies are designed with a focus on incorporating business needs. As
Shon Harris states, “Not only do the solutions need to apply to the whole enterprise in a
standardized manner, they need to map to business needs.” An enterprise network has
responsibilities to the business that also include nontechnical considerations that entail industry
regulations and laws related to the nature of a specific organization’s business.
Perimeter Protection Measures and Mission Objectives
To secure the corporate wide area networks from external threats, implementing a
demilitarized zone (DMZ) is recommended. Within the DMZ, the border and distribution
routers, PBX, and RAS will be located. A dual firewall should be installed between the
distribution routers and the remote access server to provide filtered traffic from the internet to the
DMZ and from the DMZ to the business network. The firewall will be configured to deny all
services not permitted and will be monitored regularly. Another firewall configuration should
include firewall session tracking to ensure TCP sessions do not last an unusually long time. Such
a session is potentially a covert channel attempting to extract internal data through the firewall. Collocated
with the firewall in the DMZ, a reverse proxy should be integrated to relieve the workload on
the associated web server. The routers should have DMZ host installed on them. Also, endpoint
security such as Symantec should be included on the routers, in addition to intrusion
detection system (IDS) sensors and an intrusion prevention system. The routers should also have
the ability to perform egress and ingress filtering. The DMZ should also include packet sniffers
for HTTP traffic attempting to bypass the proxy server, as well as SMTP, FTP, and other traffic.
The IT staff should periodically conduct penetration testing and vulnerability scanning to test
configurations and discover weaknesses. The wireless connection providing access to the
internal network and internet should have a secure station serial identification (SSID) and
password. The SSID should not be broadcast and 802.11i or WPA2 encryption and authentication
must be configured.
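The firewall session-tracking check recommended above, as an added example that is not part of the original paper: it reads constructed connection records and flags TCP sessions that stay open unusually long, ranking highest those that also send far more data out than they receive. The CSV layout, addresses, and both thresholds are assumptions chosen for illustration.

```python
import csv
import io
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample records (not from a real firewall). Assumed CSV layout:
# start, end, internal source, external destination, dest port, bytes out, bytes in
SAMPLE_LOG = """\
2014-08-01T09:00:00,2014-08-01T09:00:42,10.10.3.15,203.0.113.20,443,18234,412003
2014-08-01T09:05:10,2014-08-01T21:47:55,10.10.1.7,198.51.100.9,443,94500321,120455
2014-08-01T10:12:00,2014-08-01T10:19:30,10.10.6.22,203.0.113.77,25,80211,1904
2014-08-01T08:30:00,2014-08-01T17:02:11,10.10.2.40,192.0.2.50,22,350112,7820994
"""

MAX_SESSION = timedelta(hours=4)  # assumed policy ceiling for one TCP session
OUTBOUND_RATIO = 10.0             # assumed: bytes out / bytes in that suggests bulk export


@dataclass
class Session:
    start: datetime
    end: datetime
    src: str
    dst: str
    dport: int
    bytes_out: int
    bytes_in: int

    @property
    def duration(self):
        return self.end - self.start

    @property
    def out_ratio(self):
        # A session that only sends data has no inbound bytes to divide by.
        if self.bytes_in == 0:
            return float("inf") if self.bytes_out else 0.0
        return self.bytes_out / self.bytes_in


def parse_sessions(text):
    """Turn the CSV text into Session objects, skipping blank lines."""
    sessions = []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        start, end, src, dst, dport, b_out, b_in = (field.strip() for field in row)
        sessions.append(Session(datetime.fromisoformat(start),
                                datetime.fromisoformat(end),
                                src, dst, int(dport), int(b_out), int(b_in)))
    return sessions


def flag_long_sessions(sessions, max_duration=MAX_SESSION, ratio=OUTBOUND_RATIO):
    """Return (severity, session) pairs for sessions longer than max_duration.

    'high'   = long-lived and heavily outbound (possible covert export channel)
    'review' = long-lived only (may be a legitimate admin or backup session)
    """
    findings = []
    for s in sessions:
        if s.duration <= max_duration:
            continue
        severity = "high" if s.out_ratio >= ratio else "review"
        findings.append((severity, s))
    # High severity first, then longest session first.
    findings.sort(key=lambda f: (f[0] != "high", -f[1].duration.total_seconds()))
    return findings


if __name__ == "__main__":
    for severity, s in flag_long_sessions(parse_sessions(SAMPLE_LOG)):
        print(f"{severity:6} {s.src} -> {s.dst}:{s.dport} "
              f"open {s.duration}, out/in ratio {s.out_ratio:.1f}")
```

Sessions flagged only as "review" still need a human decision, since long administrative or backup connections are common and the thresholds must be tuned to the site's normal traffic.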
Perimeter protection is a mission critical area for maintaining the confidentiality,
integrity, and availability of information and information systems. This segment of the network
provides the most vulnerability to vital assets and, if compromised by lack of attention, the
business will experience losses. Through frequent training, employees will understand various
social engineering techniques and they will be able to respond appropriately. Securing the
perimeter is vital; however, internal and external access points for the network must also align
with a defense in depth strategy. The next section will list GFI’s access points.
Internal and External Access Points List
Global Finance’s wide area network contains multiple external and internal access points.
Their external access points are two routers on the border, connecting an off-site office with a
VPN tunnel. Outbound traffic also routes through these two border routers. The network
configuration also consists of a private branch exchange system for dial-in users to connect from
home, hotels, or other remote places they can connect through. Another external access point is
the wireless antenna, which provides the most vulnerability by wirelessly connecting directly to
the internal switches and subsequently the subnets of each department. Inside the perimeter of the
network, there are two distribution routers, a remote access server, and 6 access layer VLAN
switches that segment the WAN with subnets for each department. The remote access provides
additional vulnerabilities due to increased exposure and mobility. An evaluation of the protocols
will identify the needed security. These are discussed in the following section.
Remote Access Protocols Evaluation
Specific protocols are designed to enable remote users to connect to network
resources and to grant them access. Users dial in to the remote access server, which serves as a
gateway to the internal network. The following text evaluates some dial-up authentication
protocols. Extensible Authentication Protocol (EAP) is a mutual authentication by the remote access
client and an authenticator such as a RADIUS server. The authenticator requests authentication from
the remote access client through a name or personal identification number. The query receives a
response from the remote client and grants access. EAP offers a subtype identified as EAP-TLS.
This is a strong protocol in which compromised passwords are not enough to bypass the RADIUS
server. This protocol would require a hacker with the password that has been compromised to
also possess the client-side certificate. This is a great protocol. For the dial-up users,
Point-to-Point Protocol is a good choice for server and client encryption. This protocol supports
TCP/IP, IPX/SPX, AppleTalk, and many other LAN protocols. Serial Line Internet Protocol is
older technology used as a client in Windows NT or 2000 and fails to support Dynamic Host
Configuration Protocol. This is not a good selection. Password Authentication Protocol (PAP) is
only utilized when servers require plaintext passwords and no encryption when passed. This is
not a good selection. The encryption for Shiva Password Authentication Protocol is weak and
fails to meet the needs of GFI. Challenge Handshake Authentication Protocol reverses encrypted
passwords and stores them in plaintext on the remote access server. Also, this is not a good
choice. MS-CHAP v2 revised CHAP by storing passwords in encrypted formats. It also requires
authentication between authenticator and remote access client by using different encryption keys.
This is a good selection. For dial-up encryption protocols, Microsoft Point-to-Point Encryption
requires the dial-up authentication protocol to be EAP-TLS or MS-CHAP version 1 or 2. This is
not a bad selection but is limited to Microsoft-only protocols for authentication. Selecting the
most secure protocols for remote authentication and encryption which are compatible provides
an external layer of security. Separate protocols are used for the VPN. IPsec, L2TP, and
EAP-TLS used together provide the needed security for private and secure communications. There
are more security safeguards discussed in the following section to harden the network defense.
Network Security Safeguards Evaluated
Managing the security for a large network entails many safeguards. Symantec Endpoint
Protection provides many security features needed for the GFI WAN. The Symantec product is
scalable and grows along with the network. Symantec Endpoint Protection offers 5 layers of
protection that include network, file, reputation, behavior, and repair. It provides protection from
malware by an intrusion protection system and includes browser protection for each node. On
files, Endpoint Protection scans for and eliminates malware, viruses, worms, bots, and rootkits. This
comprehensive protection is excellent for business. It is flexible by providing scalability and
enforces policy. Symantec Endpoint Protection also reduces operating cost and system
downtime, improves productivity through scan performance, and displays all features through a
central dashboard. Another unique feature for this product is location awareness: automated
detection of the location of a system attempting to connect, including hotspots, VPNs, or wireless
networks. Endpoint protection includes the intrusion prevention system. An intrusion detection
system would need to be installed on each workstation and server in the network in the event an
intrusion is not prevented.
Global Finance Security Issues
Global Finance, Inc. has a history of security incidents. Traffic flow from
external sources drastically increased following an article in Fortune magazine mentioning
Global Finance, Inc. Data filtering at the border is too lenient. There is also network lag causing
some applications to time out for some employees. Purging the Oracle database and scanning for
duplicate copies of files and for large files that are not needed or used is a first step. Also, unneeded
processes running on the database should be stopped. The company has also been the victim of
multiple cyber-attacks, including attacks targeting the Oracle database and a malicious virus that infected the
network. The wireless connection directly into the internal network is failing to prevent
unauthorized user access. Neighboring residents are able to connect with ease. Additionally, the
trusted path leading directly from the switch to the trusted computing base internal network is
unencrypted. Data from the TCB is shared across all of the other subnets. A successful breach
of the perimeter enables a hacker to easily steal or manipulate data at will.
Asset Vulnerabilities Assessment and Compromise
Listing only the nodes of a network is not sufficient for assessing vulnerabilities.
Knowing the software and associated network components is equally important because they
also present vulnerabilities. Configuration on devices should follow simple principles in
order to reduce the cost of change management. Third party applications are another risk.
Conducting a qualitative and quantitative assessment provides the organization enough insight
for decision making. The qualitative assessment is the prioritization of mission critical assets,
which is itemized in Table 1 above. The quantitative assessment entails value of assets, threat
exposure, and financial loss if compromised. The Oracle database Enterprise Edition costs
$10,450 for license update, software, and support. The high end computer price is $6,000. Since
the bulk of customer accounts for loans, investments, and financial management are processed on
the Oracle database, a compromise of the system could bankrupt Global Finance, Inc. as a result
of lawsuits, as well as customers closing accounts. An estimation of financial loss is in excess
of $100 million. Providing identity protection services for affected customers, regaining trust,
court costs, potential Federal fines, and many other expenses exceed the cost of implementing strong
technical security measures upfront. Currently, the TCB shares information across all subnets
unencrypted. This is a big vulnerability for sensitive data transmitting over the trusted path. An
effective solution for authentication is public key infrastructure and Advanced Encryption
Standard 256 bit full disk and file data encryption. The WSUS will replace current software on
the SUS server and is free. A WSUS server often fails to patch third party software from vendors
such as Adobe or Java. Java is known to result in nearly half of exploits. The operating system
for the WSUS server is Windows Server 2012. The internal DNS server is Ubuntu 12.04 LTS
running ISC BIND version 9 software for $4,500. The Ubuntu software mistakenly modifies
certain response fields when enabling a shadow copy. This enables a remote attacker to
potentially access sensitive data. The attacker could also use improperly handled fields to
overwhelm the system with inbound DNS messages causing denial of services. Patches have
been deployed, but configuration management and applying them are vital. A crash of the internal
DNS would cause data flow to stop and business operations to experience downtime. Microsoft
Exchange Server with Exchange 2012 costs $4,000. The web server is Microsoft Internet
Information Services with software version 8.5 in Windows Server 2012 R2 Datacenter SKU
priced at $6,155. Also in the TCB internal network are 7 Dell New Inspiron Desktop computers
with Windows 8.1 with monitor bundle for $3,500 total. The 6 other domains also have a total of
one hundred and sixty-four computers totaling $82,000 at $500 each. There are twenty-six
printers at $1,000 each for a total of $26,000. There are 3 Cisco 3750 switches with 10/100
LAN, 4 1 gigabyte SFP slots at $6,995 each for a total of $21,000. The six Cisco VLAN
switches, 2960 Series 10/100 with LAN Lite Software, cost $725 each for a total of $4,350.
VLAN switches present vulnerabilities known as MAC spoofing and VLAN hopping. Ensure
ports are not set to negotiate trunks. A misconfiguration could allow an attacker access to
internal traffic. There are 2 Cisco 7505 distribution routers with a total cost of $15,800 and 2
Cisco 7201 border routers that cost a total of $22,500. The VPN gateway includes a Cisco 3030
that costs $5,930. The remote access server is a Dell Power Edge R320 with a value of $1,109.
Improper configuration for the RAS allows access for intruders. One vulnerability found in
Remote Desktop Protocol (RDP) allows an attacker to take complete control of the system or
cause a Denial of Service. Telework would not be possible. The PBX server is located on-site and
is an IP PBX with call center software. The wireless connectivity is established through a
Linksys LRT 214 router that costs $159. The level of security for wireless access is much lower
than wired connections. The most robust wireless security, WPA2/TLS, is not difficult. An
attacker can simply view tutorials online and download tools for free by querying a search
engine. Global Finance, Inc. is currently experiencing neighboring residents accessing the wireless
router. This access point is directly connected to the internal switches, allowing war-drivers
access.
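The advice above to ensure switch ports are not set to negotiate trunks can be checked mechanically. The following is an added example, not part of the original paper: it audits a constructed Cisco IOS running-config excerpt for ports that can still form or advertise a trunk. Interface names, descriptions, and VLAN numbers are invented, and treating a port with no explicit mode as negotiating is an assumption about the platform default.

```python
import re

# Constructed running-config excerpt; interface names, descriptions and VLAN
# numbers are invented for illustration and are not GFI's configuration.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 description accounting-ws-01
 switchport mode access
 switchport access vlan 10
 switchport nonegotiate
!
interface FastEthernet0/2
 description loan-ws-04
 switchport access vlan 20
!
interface FastEthernet0/3
 description credit-ws-02
 switchport mode dynamic desirable
!
interface FastEthernet0/4
 description unused
 shutdown
!
interface GigabitEthernet0/1
 description uplink-to-3750-a
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/2
 description uplink-to-3750-b
 switchport mode trunk
!
interface Vlan1
 no ip address
"""


def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    interfaces = {}
    current = None
    for raw in config.splitlines():
        header = re.match(r"^interface\s+(\S+)", raw)
        if header:
            current = header.group(1)
            interfaces[current] = []
        elif raw.startswith(" ") and current is not None:
            interfaces[current].append(raw.strip())
        else:
            current = None  # "!" or any global command closes the block
    return interfaces


def audit_trunk_negotiation(config):
    """Return (interface, severity, reason) for ports that negotiate trunks."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        if "Ethernet" not in name:   # skip SVIs and other logical interfaces
            continue
        if "shutdown" in lines:      # administratively down: nothing to negotiate
            continue
        mode = None
        for line in lines:
            match = re.fullmatch(r"switchport mode (.+)", line)
            if match:
                mode = match.group(1)
        nonegotiate = "switchport nonegotiate" in lines
        if mode is None:
            # Assumption: the platform default is a dynamic (negotiating) mode.
            findings.append((name, "high",
                             "no explicit switchport mode; default may negotiate a trunk"))
        elif mode.startswith("dynamic"):
            findings.append((name, "high", f"port negotiates trunks ({mode})"))
        elif mode == "trunk" and not nonegotiate:
            findings.append((name, "low",
                             "static trunk still sends DTP; add switchport nonegotiate"))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit_trunk_negotiation(SAMPLE_CONFIG):
        print(f"{severity:5} {name}: {reason}")
```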
Known Vulnerabilities and New Design
Global Finance, Inc. has a history of network attacks as a result of vulnerabilities. Their
wireless network is unsecured and open to public access. Relocating the wireless router
outside of range from the perimeter and using MAC filtering along with not broadcasting the SSID
will reduce the opportunity for unauthorized access. There is also an unencrypted trusted path to
the TCB from the switches. Configuring an encryption protocol, SSL/TLS, provides increased
difficulty for capturing intelligible data. These protocols apply to all transmitted data on the
WAN. These protocols apply to the VPN as well. Filtering traffic at the access points will
alleviate congestion of the internal bandwidth and stop applications from stalling. Routine
maintenance on workstations, servers, switches, and routers increases performance.
Evaluation of Authentication Protocols and Methodologies with Supporting Data
There are many authentication protocols, but choosing the most reliable and strongest benefits
the organization. Extensible Authentication Protocol is a framework of authentication protocols.
EAP-TLS is a secure subset protocol for wireless transport and supported among many vendors.
Client-side certificates are required and not favored, but they are the reason it is the de facto standard for
wireless transport authentication protocols. Host Identity Protocol (HIP) is a host identification
protocol for IP networks and supplies a host identity name space for the public key security
infrastructure complementary to PKI. With the WAN expanding to include mobile computing, HIP is
a very useful protocol. MS-CHAPv2 works well with the VPN and on the RADIUS server.
Mutual authentication is required between each end by sending a peer challenge on a Response
packet and an authenticator response on a Success packet. Remote Authentication Dial In User
Service (RADIUS) offers centralized management for authentication, authorization, and
accounting for remote users to connect to the internal network
from outside. A RADIUS client is installed on the remote access server.
Secure Mobile Computing Design Proposal and CEO Concerns on Mobile Security
Today’s high computing business world requires near real time access to network
resources for providing customer service while traveling. The Cisco Next-Generation WAN
Architecture (NGWAN) provides the necessary security for authentication and data protection.
There are five core modules, listed as follows. Regional WAN: provides connectivity between
distant sites with remote locations. Metro: connects remote offices with data centers. WAN
core: interconnects regional networks and data centers within a country or globally. Enterprise
Edge: connects the enterprise network to external networks and services. Enterprise
interconnect: connects all WAN, campus, and data center network modules together. NGWAN
also connects to the cloud and collaborative services for distant support on projects by
coworkers. NGWAN uses TrustSec architecture for authentication, access control, and user
policies for a secure environment. For Bring Your Own Device (BYOD), that is, employee mobile
devices, partitioning corporate data from personal data will be conducted by GFI IT staff.
Mobile Device Management software allows securing, monitoring, management, and support for
deployed devices.
Wireless Vulnerabilities
Wireless networks have all of the same vulnerabilities as the wired networks they
are connected to and possess a few more. Wireless connections using Bluetooth technology
are subject to many types of Bluetooth attacks. Bluesnarfing attacks easily gain access to retrieve
information, bluebugging involves eavesdropping on calls and sending out texts or calls from the
victim's number, and bluejacking enables an intruder to send electronic business cards with
offensive material to the victim’s device. For wireless connectivity to a wireless router,
eavesdropping and corporate espionage are vulnerabilities in which an adversary can simply
monitor communications and steal corporate secrets and information. Wardriving is another
threat to wireless network connectivity, in which an attacker can attach a global positioning
system to a mobile device that has a program such as NetStumbler to map access points for
intruding into wireless access. Configuration in wireless networks is a priority. Broadcasting an
SSID is the same as advertising the network name. Administrators should not broadcast the
SSID, should name the connection differently than the WAN, and should change the manufacturer's default
password. Rogue access points are vulnerabilities that are easily exploited. These can be
accidental as a result of an employee plugging a laptop into the wireless router. MAC filtering
should be configured to only allow specified devices. The following section summarizes
security safeguards, authentication technologies, and network security.
Recommended Wireless Safeguards, Authentication Technologies, & Network Security
The current network configuration places the wireless access point inside the border, directly
bypassing security in perimeter protection. Relocating the wireless router in the DMZ would
require access to the internal network to pass through the series of security checks identical to
remote access connections. Configuring the wireless router to not broadcast the SSID, disabling the
SSID Guest, naming the SSID differently than the WAN, applying a secure password, selecting
WPA2/AES for encryption and authentication, MAC filtering, enabling the wireless firewall, and
monitoring traffic provide a sufficient level of security for incorporating a wireless connection.
The access point should be configured to pass HTTPS rather than HTTP to protect usernames and
passwords and to avoid passing plaintext. Wireless standard 802.11ac is the newest technology
allowing dual-band connections of 2.4 Gigahertz and 5 Gigahertz. Wireless connections possess
additional vulnerabilities but with proper configuration settings and monitoring, those
vulnerabilities can be deterred. Expanding the network to meet evolving business needs is not
limited to various connectivity methods. As a result of expanding business internationally,
newer methods of data storage have emerged. Cloud computing offers data storage by third
parties. There are risks and benefits, discussed in the following section.
Cloud Computing Environment Design
Cloud computing provides advantages and disadvantages over traditional storage
methods. There are different options for cloud computing to include internal or external private
storage, public storage by third parties, and hybrid. A recent design is virtual private cloud
(VPC). This method works by a third party allocating a specific storage space, IP based, on a
public cloud. The design for VPC was developed to resolve concerns about security and control
over proprietary data. For GFI to institute VPC, a virtualization environment should be
configured on TCB servers. This option, cloud computing, saves the company on expensive
server hardware and software upgrades with associated maintenance cost. GFI will also have
access to processing use, storage, memory, and software over the internet, resulting in lower
management oversight in addition to administrative cost. Rapid scalability is nearly automated
within cloud computing. Environmental factors including natural disasters or fire and flooding
become non-factors with advanced offsite storage. Virtualization in a private cloud offers a
self-service portal to access resources. Additionally, private cloud management by third parties
handles privacy and protection regulations. VMware applications are loaded on desktops and
servers. For GFI IT staff to manage the virtualization, IT Service Management (ITSM) is
included in the management layer.
Risk Assessment Probability and Impact Discovered on Assets
Banking and financial institutions are by nature targets for attacks. They possess money,
credit, and personal information on a large scale. The risk of exposure increases the opportunity
and potential for attacks. Given the increasing availability of more powerful, easy-to-use
tools to hack information systems, the risk rises. The vast majority of attempted attacks can be
deterred or mitigated with a thorough security policy that is practiced. Incorporating a
Defense-in-Depth layered security approach will enable the IT staff to identify an intruder and
defend against the attack before it is successful or spreads throughout the network. The
probability of attack is high and the potential of a successful attack is low when integrating the
strategy outlined in this document. A compromise on the TCB internal network would violate
the integrity, confidentiality, and availability of customer data as it is stored, shared, and
processed there. The costs are critically high in the event of a breach in the TCB. Loss of
customers, lawsuits, regulatory fines, and change management are expected. A compromise of
network switches has the potential to stop traffic flow from one or all of the subnets. Personal
and corporate data could be manipulated or retrieved, and damages are less than those from attacks on the
TCB. With access to the switches, an intruder could map their attack to a specific target such as
the finance department to steal financial data. Router attacks could provide an attacker the
ability to flood the network with erroneous traffic or deploy a denial of service and affect online
business. A hack of the RAS would potentially disrupt remote services for employees'
connectivity from home or hotels. An attack on the PBX could cost GFI an unpredictable
amount of money in calling costs as a result of fraudulent use. The wireless router is the least
expensive node but provides the easiest path for access if it is not properly configured,
monitored, and located on the network. Once an intruder has connected to this access
point, they will have access to network switches and the internet within the same connection.
From there, they can download malicious content or hacking tools for systems discovered in the
reconnaissance phase of the attack.
Recommended Risk Mitigation Procedures and Mission Objectives
The first recommendation is to move the wireless connection to the DMZ in order to prevent
direct access to the internal network and subnets. The next step in mitigating threats is to
implement the PKI for authentication and associated encryption protocols. All traffic traversing
internally should be encrypted. The third step is to design and implement the DMZ
recommended earlier in this document. The DMZ will provide the needed buffer from the path
with the highest exposure to the internet. The VPN should use the SSL/TLS protocols.
Close monitoring and prompt reporting of suspicious activity decrease the opportunity for a
successful attack.
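The first recommendation can be checked against a firewall rule set. The following is an added example, not part of the original report: it flags any permit rule that still lets the wireless DMZ segment reach an internal subnet. The subnets, the rule format, and the function names are assumptions made for illustration.

```python
"""Audit a first-match ACL for permit paths from the wireless DMZ to internal subnets."""
from ipaddress import ip_network

# Constructed addressing plan (assumption; the report gives no subnets).
WIRELESS_DMZ = ip_network("172.16.50.0/24")
INTERNAL = [ip_network("10.10.0.0/16"),   # internal department subnets
            ip_network("10.20.0.0/24")]   # TCB servers


def intersect(a, b):
    """CIDR blocks either nest or are disjoint, so the overlap is the smaller block."""
    if a.subnet_of(b):
        return a
    if b.subnet_of(a):
        return b
    return None


def wireless_paths(acl):
    """Return (rule_index, src, dst) for each permit that lets wireless reach internal.

    acl is an ordered list of (action, src_cidr, dst_cidr); first match wins and
    unmatched traffic is dropped. A permit is treated as shadowed only when one
    earlier deny covers the whole overlap, so partial coverage is still flagged
    for review (conservative).
    """
    rules = [(act, ip_network(s), ip_network(d)) for act, s, d in acl]
    findings = []
    for i, (action, src, dst) in enumerate(rules):
        if action != "permit":
            continue
        s = intersect(src, WIRELESS_DMZ)
        if s is None:
            continue
        for inside in INTERNAL:
            d = intersect(dst, inside)
            if d is None:
                continue
            shadowed = any(a == "deny" and s.subnet_of(es) and d.subnet_of(ed)
                           for a, es, ed in rules[:i])
            if not shadowed:
                findings.append((i, str(s), str(d)))
    return findings


# Constructed rule sets: wireless traffic permitted everywhere vs. isolated in the DMZ.
FLAT = [("permit", "172.16.50.0/24", "0.0.0.0/0")]
SEGMENTED = [("deny", "172.16.50.0/24", "10.0.0.0/8"),
             ("permit", "172.16.50.0/24", "0.0.0.0/0")]
```

An empty result for a rule set means no permit rule gives the wireless segment a path to the listed internal subnets; each finding names the rule to review.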
Conclusion
Increasing availability of more powerful hacking tools with increased exposure to the
internet and mobile computing adds risks. Budgeting and reaction time to attacks are vital to the
success of a corporate network and ultimately the existence of a business. Outsourcing involves
costs not recognized by retaining IT staff. Scheduling appointments for consultation, unclear
duties and responsibilities requiring rework, and uncertainty of knowledge level are contributing
factors to higher costs for outsourcing. Many types of attacks can be mitigated successfully when
caught and responded to in time. Outsourcing requires appointments and the outsourced staff getting
familiar with the organization's network. Retaining IT staff can often prevent attacks by daily
monitoring and adjustments to the network. Maintaining control of corporate data and avoiding
liabilities are recognized through employing an IT staff. Outsourcing carries a risk of valuable
data being extracted either accidentally or purposefully and taken out of the company’s
possession.