ITNE2002 Network and Information Security
In this assignment, you are asked to write a report on a topic of your choice and upload it in Moodle by the due date mentioned in the Teaching and Assessment Plan or as per Lecturer’s instruction.
Report Writing and Presentation
• A one-page description of a topic (choose one from the list provided below) you want to report and present:
The content and depth of your surveys will be considered in the final score
• Topics should focus on selected parts in recent developments in information security, for example,
1) Cloud security or privacy (e.g., cloud storage security and cloud computing security)
2) Social network security or privacy
3) Smart phone security
4) Recent security bug: “Shellshock” for Bash, “Heartbleed” for OpenSSL
Today, with increased globalization and advances in technology, organizations and individual users are exposed to cyber-security challenges in their working environments. With increased cyber threats, organizations suffer not only data loss but also heavy financial losses that directly affect their performance (Dill, 2018).
It is important to deploy security solutions and anti-virus software on the organization's systems to protect its vital data. The top-level management of the organization needs to overcome these challenges by first identifying the major loopholes in the current system, analyzing the IT security system deployed in the organization, determining the strengths and weaknesses of the installed system, determining how well employees are prepared to take action during such attacks, and finally, installing a new security solution suite that will ensure proper protection of the IT systems and the entire IT architecture of the organization (Dill, 2018).
This report will discuss the loopholes in Symantec Endpoint Protection (SEP), a security suite that organizations install to protect their data. It will first identify the key challenges faced and then provide recommendations to overcome these challenges in a given working environment.
Symantec Endpoint Protection (SEP) Loophole
Symantec Endpoint Protection (SEP) is a security software suite developed by Symantec to protect the IT assets of an organization. The solution comprises an anti-malware package, an intrusion prevention system, and features that protect the server and other computer systems of the organization.
This software suite is installed on a server and assists the organization in protecting its data. The security software package constantly analyzes different threats and scans the computer systems to prevent unapproved programs from running (Span, Mailloux, & Grimaila, 2018).
It will also block the network traffic that will either directly or indirectly intrude in the computer architecture of the organization. It will also block suspicious traffic entering into the computer network of the organization.
It will thus identify malicious software, first block the intrusion of any such web traffic, and then implement steps to protect all the data and other IT assets of the organization. It will also make employees aware of the attack and guide them on the next set of practices to follow during an attack on the organization.
Issues with Symantec Endpoint Protection (SEP)
It is often noticed that despite the implementation of a proper security solution in the organization, its IT assets and other important data are still compromised by external hackers or other users in a given operational environment (Goss, 2017).
Certain loopholes in the security package can allow hackers and other malicious users to gain entry into the IT architecture of the organization and subsequently steal its data. In the case of Symantec Endpoint Protection (SEP), the source code for Symantec Endpoint Protection was stolen in 2012.
Also, in 2014, Offensive Security found an exploit in Symantec Endpoint Protection during a penetration test. The exploit in the Device Control driver allowed a logged-in user to gain access to the entire system. Cross-site scripting (XSS) flaws were also detected within this security software suite (Goss, 2017).
Along with that, some IT developers also recognized a SQL injection vulnerability that can cost the organization a lot. Hackers can thereby log into the console to gain higher privileges and not only steal data but also exploit the entire IT system of the organization. It was important to overcome these flaws, not only to ensure proper security of the IT system but also to prevent the theft of the organization's vital data.
Today, with increased challenges of cyber-attacks, it is noticed that the organizations are not only losing data but are also getting affected severely from the financial perspective. The examples of companies like Yahoo, Target, AT&T, Home Depot, JPMorgan Chase, Dairy Queen International, and several other companies around the world demonstrate that the companies have not only lost the data but have also lost the trust of their customers (Troup, 2017).
It directly affects the functioning of the organization in a given working environment. In each of these cases, customers' private information is stolen and later exploited for criminal and illegal purposes. Even in this case, a small loophole in the security will allow hackers to penetrate the IT system of the organization.
There is a need to first overcome this challenge and revise the security suite by modifying the software packages in it. This will first prevent external users from penetrating the system and then protect the different IT assets of the organization. Also, the new administrative console developed in the Symantec Endpoint Protection system will allow the IT department to monitor the different activities of the organization (Manley, 2015).
They can also modify the IT policies and thereby ensure protection of the confidential data of the organization. They will be able to scan important files on a daily basis and thereby make sure of protecting the data of the organization.
While analyzing the Symantec Endpoint Protection (SEP) suite, it was found that certain challenges need to be overcome to protect important data of the organization. As per the researchers, it is recommended to first update SEP v12.1 and also version RU6 MP4. Second, the IT experts recommend preventing the XSS flaw and the SQL injection flaw so that hackers cannot exploit the console of the organization's server (Libicki, 2016).
It will thereby restrict them from granting privileges and simultaneously will also alert the administrator of the organization. The IT development team of Symantec Endpoint Protection (SEP) needs to overcome each of the vulnerabilities associated with this security software suite (Libicki, 2016).
Only then will the organization be able to install this security suite on its systems and be risk-free against the different cyber challenges present in the external environment. Also, it is the responsibility of the Human Resources (HR) department to train the employees on the different security practices (Davis, 2016); this will keep them alert and able to take emergency steps during any cyber-attack on the organization.
This report discusses the importance of improving the Symantec Endpoint Protection (SEP) suite, as there are certain loopholes associated with it. Today, with advances in technology, hackers often implement several strategies to penetrate the IT system of an organization.
It is therefore important for the IT department to install a proper security solution that will secure the IT assets and keep intruders out of the system. According to current research, the number of cyber-attacks has increased a lot.
It is therefore important for the top-level management of organizations to install a proper cyber security solution that will assist them in identifying the major security risks, prioritizing them and implementing a proper solution, detecting security incidents and responding to them immediately, securing sensitive data against different forms of malicious attacks, bridging the security gaps identified in the case of Symantec Endpoint Protection (SEP), and finally improving internal and external communications to train the employees in this direction (Wolter, 2013). This will ensure that a proper security software suite is implemented in the organization's working environment.