Free Essay

Aircraft Solutions

In: Business and Management

Submitted By 1403up
Words 2065
Pages 9
Aircraft Solutions Security Assessment
Phase 2

Table of Contents

Executive Summary ……………………………………………………………………..1
Company Overview ……………………………………………………………………..1
Assessment ……………………………………………………………………………….2
Security Vulnerabilities …………………………………………………………............2
A Hardware Firewall Vulnerability …………………………………………………....2
A Software Policy Vulnerability ………………………………………………………..3
Recommended Solutions ………………………………………………………………..5
A Hardware Firewall Solution …………………………………………………...........5
A Software Policy Solution …………………………………………………………….6 Impact on Business Processes …………………………………………………………6
Budget …………………………………………………………………………………....7
Summary ………………………………………………………………………………....9
References ………………………………………………………………………………10

Aircraft Solutions

Executive Summary

Aircraft Solutions (AS) desired a security assessment to highlight the company’s vulnerabilities. AS is a highly esteemed leader in the design and component manufacturing enterprise those solutions can be used within the business applicability of the electronics, commercial, defense and aerospace industries. There were discovered hardware and software vulnerability of non-firewall at the commercial division and software policy updates. The solutions that will be presented are to purchase a firewall system and update the policy update timeframe within the standards that will be introduced from the company that will be recommended to purchase the firewall system from.
Company Overview

AS is a highly esteemed leader in the design and component manufacturing enterprise those solutions can be used within the business applicability of the electronics, commercial, defense and aerospace industries. AS has a wide range of employees who are highly trained and equipped to accomplish the desired customer outcome and complete the specifications on time and within the desired customer requirements. AS desires to assist the customer through all phases of the development process with low-cost designs and central processing device that aids in simulation processes that reduce their initial project costs. This security examination will highlight the vulnerabilities that were discovered within the framework of the company. A calculation of these issues will be displayed and the possibilities of the negative ramifications to the business process and standing within the enterprise will be discussed.
Aircraft Solutions
Assessment
During this examination of AS, there will be two vulnerabilities that will be further examined. The first is the Defense Division is going through the Headquarters, through a firewall and then into the internet. There are several lines of protections in that structure. However, the Commercial Division has a connection that is not routed through anything, which is a direct connection into the internet. The second assessment is about the policy and procedures about the router and firewall updates that are accomplished in a two year cycle. There are instances that most router and firewall updates occur very rapidly and not in a definable time frame. So waiting for two years would further expose the company to possible proprietary information being lost or stolen.

Two Security Vulnerabilities

The first vulnerability is a noticeable hardware vulnerability. There is no firewall between the commercial division and the internet connection. As depicted by the arrow in the picture below, it is an easily exploitable issue that needs to be corrected. Although there is a connection into the Headquarters, which has a firewall protection, it is only through the Headquarters. That the commercial division has a direct connection into the internet is a fully exploitable problem that should be corrected. There is no filter to go through the communications that can come from the internet into this division. So
Aircraft Solutions there should be the use of a communication risk analysis tool much like shown as shown below (ERPANET, 2003): This vulnerability could allow for many consequences that could leave the company with exposures of customer information, thoughts and designs that could be used by competitors for both companies and exposure to further legal actions and other possible data leakage into the defense division and Headquarters. For the customers, their designs could be exploited by rival companies or used as a template to change or create other competitors. There could have be manipulation of the designs that could make your company use resources in a direction that the customer would not like for their project. The second vulnerability that will be briefly discussed is about the software policy updates. The current policy stated requirements are that all rule sets and software updates are done in a two year update for the routers and firewalls. Without much consideration, there are always patches and updates that are being done in non-specific time frames by Cisco routers and other firewall companies as risks, threats and vulnerabilities are noted. A bigger consequence to this updating problem is that the possibility of an unscrupulous individual, or even an insider, could exploit the vulnerability and basically go undetected using something that had not been updated. New variants are always around the corner,
Aircraft Solutions or so it seems. Without more frequent updates, an issue could be introduced, exploited and used for whatever means. The consequences could lead to disaster in regards to lost revenue for your company, manipulated responses to projects, misuse of your companies resources, lost contracts or worse yet, disclosure of Headquarters direction or loss of government division documents. Although there are server and host detection software packages on the Headquarters’ computers. However, this direct avenue can be exploited without any firewall coming into the commercial division. There are multiple ways that these detection programs can be overwhelmed. This coupled lack of firewall and the information that an insider could use, could then devastate the company and its standing within this industry. But there are also problems with the company image within the community and industry. This could possible also lead to other legal ramifications and issues with former contractual customers. In short, it could involve more time and money to defend the discoveries, notifications and public acknowledgement that is necessary when a breach of information is discovered. Some can argue that some of this discovery and other acknowledgement may not be necessary, but there is communication of a discovered fault and being ahead of the problem makes good business sense. There is one constant in software policy, and it is all about change. There needs to be further documentation and policy updates to reflect that things occur more frequently than just every two years. Although Microsoft had a stance of "the only periodic maintenance required is the replacement of the licenses for the firewall engines on the management station every 12 months, depending on the environmental conditions within the data

Aircraft Solutions center" (Northrup, 2014) or as soon as a new patch is released by the software manufacturer, which is Nortelworks for their firewall system. This is not sufficient.
Recommended Solutions

The recommendation to provide the hardware vulnerability firewall solution can be fulfilled with a Cisco product line within ASA Next-Generation Firewall Services. It is a modular security services system that runs on the Cisco ASA 5500-X Series Next-Generation Firewalls that includes a Security Services Processor (Cisco, 2013). This system provides network awareness, which includes the users connecting to the network, what devices are being used, the applications being used and what websites that are being accessed. In short, it provides the necessary business protection and safety from outside websites and the increasing blurred lines between business communication and employee uses. It will also maintain an intrusion alert system to provide awareness of outside attempts to access the business computer network. The very interesting aspect of this series is that it can also allow connections into the cloud computing network without additional hardware needs (Cisco, 2013). The software vulnerability closure would fit nicely with the mentioned Cisco solution. Cisco has more robust timeline to provide many services and updates for their products. Cisco has a 24 hour a day security incident response team for their products. The company produces advisories with the machine-readable attachment to correct issues noted in the advisories. These advisories will be generally disseminated at 1600 GMT (Greenwich Mean Time) on any given Wednesday (Cisco 2013). For GMT breakdown, refer to http://wwp.greenwichmeantime.com for conversion to local time.
Aircraft Solutions
The following table is how Cisco would communicate updates for their systems. You can access the portal at any time your company would like and can set your timeframe that your company’s security intelligence operations (SIO) or information technology cadre would be directed to check the portal for any updated information and feedback. E-mail SIO Portal RSS CNS Bug Search Tool
Cisco Security Advisory Yes Yes Yes Yes Yes
Cisco Security Notice No Yes Yes No Yes
Cisco Security Response Yes Yes Yes No Yes
Cisco Event Response No Yes Yes No No
Cisco Applied Mitigation Bulletin No Yes Yes No No
Threat Outbreak Alert No Yes Yes No No
Release Note Enclosure No No No No Yes
(Security Vulnerability Policy, 2013)
Impact on Business Processes The first thing would be that you have purchased a state of the art firewall and detection system for your company. As will be shown, there are many advantages to this system beyond its module nature. It will provide a confidence for your information technology department that will allow the usage and monitoring of the system that everyone would like access to. It will allow the company and outside user’s access into the desired location or sites, but would allow the system administrators to control the access and may provide less policies and procedures that need to be trained and maintained. The authentication process would still be robust enough to changes to administrative actions to include password changes, password complexity and various logging functions and checks as needed. It also can incorporate what is termed as the “DMZ” zone (Cisco, 2013) which allows the external user access to only the internal departments that they need to be in for whatever reason. As a matter of fact, there are
Aircraft Solutions other vulnerabilities that this system could be used to route all traffic through the headquarters and provide even more security for your computer system. But to stay within the scope of this observation paper, it could easily handle the traffic that could be generated with the commercial division of your company.
BUDGET
The cost analysis of the ASA5555-2SSD120-K9 used computer system at the following website: http://www.nextwarehouse.com/item/?1376376_g10e, is $18,495.46 with a 45 day warranty (that can be expanded if needed). This is one of the better used ones with 14 port access points and is equipped with the ASA 5555-X Firewall Edition. Further specifications can be noted at the website. At New Egg, there was a 5525-X Firewall System (http://www.newegg.com/Product/Product.aspx?gclid=CMO3N_Cz7wCFcY7MgodOlIAfg&Item=N82E16833420489&nm_mc=KNC-GoogleAdwords&cm_mmc=KNC GoogleAdwords-_-pla-_-Firewalls+%2f+Security+Appliances N82E16833420489&ef_id=UwAX2gAABCVUObCe:20140216014354:s) for $5,228. But this unit has only eight port access points and their 30 day return policy. But the firewall program was already installed into the system also. Another website claims to have systems on hand at http://www.mdsiinc.com/hardware/networking/cisco-switches-routers-security/?gclid=CLf5h5TCz7wCFSISMwodl00AWQ. But I was unable to get a quote, much like the actual Cisco website (www.cisco.com) without a company user account and password.
Aircraft Solutions There are some on-line training documentation and videos that are no cost. They also have some other live video training that is $120, hardcopy book for $28 with an eBook option of $22.40. When you register your purchased product, more training materials are offered for a nominal cost from what I could glean from their sites and the short interactions that I had with Cisco. The picture provides their continuing planning and designing migration services that are provided by Cisco. They can assist in helping with your strategy and assessment for future needs. The cost again was not accessible to me, but would be minimal at best. The one thing will be that they will need to access and analyze your business service to provide the most accurate architecture for your company (Cisco, 2012). But within the gist of the collaborative nature of the company, that is how they will best serve your company and keep your company and business associates information secure. Aircraft Solutions
SUMMARY
In summary, there are several identified vulnerabilities that need to be addressed and the proposed solutions will ensure the vulnerabilities are alleviated with the minimum time and costs needed to rectify the issues before they become possibly huge problems for your company and business associates.

References

ERPANET., (2003, September). ERPATOOLS Risk Communication Tool. Retrieved on January 20, 2014 from http://www.erpanet.org/guidance/docs/ERPANETRiskTool.pdf .

Similar Documents

Premium Essay

Aircraft Solutions

...Introduction According to information reviewed as part of this project, Aircraft Solutions is a recognized leader and highly respected equipment and component fabrication company. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on additional research, the primary objective in this assessment was to identify the possible presence of vulnerabilities within the overall framework of Aircraft Solutions operations. Based on the presence on weaknesses, an evaluation of the associated threats was conducted, followed by an analysis of any risks that may be present and potential outcomes. Overview Three areas of potential security weaknesses in Information Technology (IT) for Aircraft Solutions, or any company are hardware, software, and IT policy. In terms of hardware, the provided Network Architecture Map detailed that Aircraft Solutions lacks a firewall between the Commercial Division and the Internet, while all other branches of the company are protected through a firewall in one manner or another. This is a significant vulnerability to the entire system. For Software, Aircraft Solutions uses a Business Process Management System (BPM) that handles...

Words: 1847 - Pages: 8

Premium Essay

Aircraft Solutions

...Aircraft Solutions: Security Assessment and Recommendations Phase I and Phase II Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 A Software Data Loss/Data Leak 4 A Hardware Firewall 5 Recommended Solutions 7 A Software Example Solution 7 A Hardware Example Solution 8 Impact on Business Processes 9 Summary 10 Appendix 11 References 17 Executive Summary Aircraft Solutions is aircraft Design Company that allows internal and external users to access its system. As a result of this, the company has made itself vulnerability to certain threats. This paper identifies two vulnerabilities. One is the threat of data loss or data leak. The other is intrusion by way of the internet firewall. Based on the known vulnerabilities, it was recommended that the Check Point Software Blade application is used to prevent the data loss and the Check Point Power-1 appliance be used to address the firewall vulnerability. Company Overview Aircraft Solutions (AS) design and fabricate component products and services for companies in the electronics, commercial defense, and aerospace industry. The mission of AS is to provide the customer success through machined products and related services, and to meet cost, quality, and scheduled requirements. Aircraft Solution uses Business Process Management (BPM) to handle end to end processes that span multiple systems and organizations. BPM system is designed to connect...

Words: 2691 - Pages: 11

Premium Essay

Aircraft Solutions

...Aircraft Solutions (AS)
Security Overview 
Introduction 
Aircraft Solutions is a well respected equipment and component fabrication company who 
provides a full spectrum design and implementation solutions to several industries which
 includes; electronics, aerospace, commercial and the defense sectors. Aircraft Solutions employs 
a range of highly qualified professionals and houses an immense production plant, with an 
overall goal of providing high-quality solutions to accommodate specifications from a wide
range of customer demands. The following report is a security assessment on Aircraft Solutions
and the primary objective in this assessment is to identify the existence of vulnerabilities present 
within the global context of Aircraft Solutions’ operations. An evaluation of the associated 
threats will be deduced, accompanied by the exposed weaknesses. This will be followed by an
analysis of the degree of risk present. Finally, there will be a focus on the consideration of the
 consequences resulting from revealing of potential threats.

 Assessment 
Hardware and policy will be the main focus of this investigation. It will be narrowed down more 
to hardware issues. It is very curious that there is no firewall implemented between the
commercial division and the Internet. The Defense Department must be routed through
Headquarters, but the Commercial department is connected straight to the Internet. This is a
significant vulnerability. The second weakness that will be...

Words: 1151 - Pages: 5

Premium Essay

Aircraft Solutions

...SECURITY MEASURES AND AIRCRAFT SOLUTIONS Anita Crawford-Cowan Submitted To: Professor Kevin Reynolds SEC571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: September 21, 2014 TABLE OF CONTENTS Company Overview Page 1 Security Vulnerabilities Page 2 Policy Vulnerabilities Page 2 Hardware Vulnerabilities Page 3 References Page 4 Company Overview Aircraft Solutions (AS) is worldwide provider in the design and fabrication of component parts and services to industries such as aerospace, defense, electronics and commercial. Its headquarters, located in San Diego, California, has easy accessibility to various modes of transportation. Its locality creates an advantage to transportation modes either by land, sea, air or rail to anyplace on the globe. It also is homed with two (2) divisions which service either the Commercial Sector, whose locality is in San Diego County and its Defense Sector located in Santa Ana. Aircraft Solutions has an organizational structure divided into various departments to adhere to the mission of the company, which is to provide excellent service to its customers. It is dedicated to providing timely delivery, high quality, and low-cost product solutions to its customers, so as to keep long term, satisfied customers. These departments include a set of well trained staff of machinists, assembly workers, design engineers...

Words: 1100 - Pages: 5

Free Essay

Aircraft Solutions

...Aircraft Solutions: Security Assessments And Recommendations Session: March 2012 Security in Computing Professor: Randy Strauber BACKGROUND Aircraft Solutions (AS) located in beautiful southern California has become a recognized leader in the electronics, commercial, defense and aerospace industries. This is due their design and fabrication of component products and services available to their customers in the various industries. What set Aircraft Solutions apart from other design and fabrication companies are their dedicated, trained workforce and the maintenance of a large capacity plant and extensive equipment that enables the company to meet customer requirements. The company is made up of a large highly skilled work force that works its highly automated production systems from design engineers, programmers, machinists and assembly personnel. Aircraft Solutions goals are to provide excellent customer service and success through its machined products and services. This is achieved while at the same time keeping their cost, quality and scheduled deliveries in check. The main headquarters for Aircraft Solutions is currently in San Diego, California, while their Commercial Division is located 40 miles east of headquarters and the Defense Division is located in Santa Ana, California. Security Weakness In reviewing the current business process, geographic layout, current IT architecture and network infrastructure there were some security...

Words: 677 - Pages: 3

Premium Essay

Aircraft Solutions

...Summary 2 Company Overview 2 Two Security Vulnerabilities 3 Recommended Solutions 3 Summary 4 Citation: 5   Executive Summary The purpose of the report is to assist Aircraft Solutions (AS) in identifying the most significant Information Technology (IT) security vulnerabilities. AS products and services are at the forefront of the industry and the protection of such is very important as they are an industry leader. The vulnerabilities that will be discussed are those of the Aircraft Communications Addressing and Reporting System and defining security policy regarding the timeliness of firewall configuration and updates. Company Overview Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base: design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. Aircraft Solution uses Business Process Management (BPM) to handle end to end processes that...

Words: 699 - Pages: 3

Premium Essay

Aircraft Solutions

...Aircraft Solutions, headquartered in San Diego, California, is a company specializing in business-to-business products and services. Their customers are primarily in the electronic, commercial, defense and aerospace industries. They specialize in offering low-cost design and computer-aided packages to help their customers lower their costs for development and involve their customers in every step of the fabrication process while utilizing the Business Process Management System (BPM). With this method they hope to keep repeat business and attain long-lasting customer relationships. They have two remote locations outside of San Diego: The commercial division is 40 miles east in Chula Vista, California and the defense division is 90 miles away in Santa Ana, California. Aircraft Solutions prides itself on being recognized as an industry leader. However, after assessing the company’s information security, they may not be a leader for much longer. Two major security weaknesses have been identified: a hardware configuration problem and an unsound security policy for the firewalls. The company has five servers, a database, one switch, two routers, and a firewall. All of the hardware is behind the firewall except the main router. This router connects directly to the Internet, which is also the connection the commercial division in Chula Vista uses to connect to the headquarters. This configuration is set up in such a way where all Internet traffic hits the main router first...

Words: 1260 - Pages: 6

Premium Essay

Aircraft Solutions (as)

...Principles of Information Security and Privacy Introduction and Overview Aircraft Solutions (AS) is a design and fabrication firm that serves different sectors of the industry by providing high quality products and services with a variety of applications in the defense, aerospace, or electronics industry. AS is known by its large capacity automated production facilities located in Southern California and its well-trained workforce of design engineers, programmers, machinists, and other specialized manpower in the production platforms. Automated procedures helps the company in increasing productivity and reducing costs, as well as keeping a high level of credibility in meeting obligations and contracts with its customers and users. It uses the Business Process Management (BPM) scheme to manage its processes. BPM is a universal management methodology based on aligning the organization functions with customers’ requirements to produce the best product that meets the client’s definition according to the company standards. Security Vulnerabilities From studying current company’s configuration, layout, networking facilities, and policies, it is obvious that vulnerabilities do exist in some areas which will be addressed and analyzed. Actions that must be taken to mitigate the risk of any threat are dependent on the area of the weakness or the vulnerability, and the possible attacks that may utilize these vulnerabilities. The AS’s network has many vulnerabilities that...

Words: 846 - Pages: 4

Premium Essay

Aircraft Solutions

...Running head: AIRCRAFT SOLUTIONS AIRCRAFT SOLUTIONS Keller Graduate School of Management SEC 571 Principles of Information Security and Privacy Abstract An assessment of Aircraft Solutions (AS) as to what Security Vulnerabilities that might be found, two areas discussed are Hardware & Policy weakness and impact. Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 2 Hardware Vulnerability …………………………………………………..…….....2 Policy Vulnerability……………………………………………………………….3 Recommended Solutions 5 Hardware Vulnerability 5 Policy Vulnerability 8 Impact on Business Processes 9 Summary 11 References 12 Executive Summary The purpose of this paper is to explore and assess computer security as it relates to Aircraft Solutions. When we talk about computer security, we mean that we are addressing one or all of the three important aspects of any computer-related system: confidentiality, integrity, and availability. One of the challenges in building a secure system is finding the right balance among the goals, which often conflict. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on...

Words: 1902 - Pages: 8

Free Essay

Aircraft Solutions

...Executive Summary Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. Company Overview The main company strategy of Aircraft Solutions is to provide low cost design and computer-aided modeling packages to customers to reduce their development operating cost. One thing AS is especially proud of is that it will help the customer through all phases of new product deployment. It will help starting from the early prototypes through final large-volume production and assembly. Eventually the goal of Aircraft Solutions is to make long-term relationships with its customers and to keep on doing business with them in the long run. AS uses a few different business processes within the company. The first is Business Process Management (BPM). BPM is focused on aligning all aspects of an organization with the wants and needs of clients. It promotes business effectiveness and efficiency while striving for innovation, flexibility, and integration with technology (Chang, 2006). Then the Design Engineering department is responsible for reviewing the electronic models, interacting with the customer and making necessary modifications with customer approval, then placing them in an Engineering Release (ER) directory...

Words: 1868 - Pages: 8

Premium Essay

Aircraft Solutions

...AIRCRAFT SOLUTIONS SE571 Principles of Information Security and Privacy Phase II Course Project Company Overview Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base: design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. The company strategy is to offer low-cost design and computer-aided modeling packages to customers to reduce their development expenses. AS will help the customer through all phases of new product deployment, from initial prototypes through final large-volume production and assembly. By involving itself in all phases of customer product development, AS hopes to establish long-term relationships and secure repeated follow-on business with its customers. In addition, AS continues to invest heavily in workforce education and training, so as to improve capability to serve its customers. Security Vulnerabilities Overall...

Words: 1895 - Pages: 8

Premium Essay

Security Aircraft Solution

...Security weaknesses within an organizations system put the organizations assets at risk. After reading and viewing the infrastructure and architecture of AS, there are a few vulnerabilities that are very noticeable that would put their system at risk. The two evident areas are the vulnerabilities with the policy and the hardware. The first vulnerability apparent is the policy on updating the firewall and router rule sets. The security policy of AS, require that all firewalls and router rule sets are to be evaluated every two years. This is a lengthy amount of time to go without evaluating the rule sets. The intervals in the evaluation of the rule sets would put the organization at great risk for potential threats. The second vulnerability that is noticeable is that the backups are stored at the server location. This would put the company at great risk if there were ever some kind of disaster to occur. The security weaknesses mentioned above can be decreased with proper security controls. Vulnerabilities Hardware Vulnerabilities The hardware infrastructure of the AS Headquarters in San Diego, California had been identified during our recent security assessment as being a potential security weakness to the company's overall information systems security infrastructure. The system hardware infrastructure comprises of Five (5) Individual Servers One (1) Switch Two (2) Routers One (1) Firewall The hardware area of concern was the lack of Firewalls being used to protect...

Words: 2393 - Pages: 10

Premium Essay

Security Assessment for Aircraft Solutions

...Security Assessment for Aircraft Solutions Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 Hardware Vulnerability – Absence of a Firewall 4 Policy Vulnerability – Lack of Timely Updates 5 Recommended Solutions 6 A Hardware Solution 6 Impact on Business Processes 9 A Policy Solution 9 Impact on Business Processes 10 Summary 10 References 12 Executive Summary This report will seek to evaluate and address security weaknesses with the Aircraft Solutions company. As security weaknesses are pointed out relating to hardware and policy weaknesses, recommendations will be made to Aircraft Solutions to be examined and hopefully implemented to improve IT security operations. Aircraft Solutions, located in Southern California, recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. In reviewing Aircraft Solutions and its operations, uncovered were security vulnerabilities. Two vulnerabilities that were evident were issues with a lack of firewalls and the current security policy in place that is reviewed only every two years. Recommendations have been made that made help to remedy these vulnerabilities through the use of virtualization and by changing the security policy to be evaluated semi-annually instead of every two...

Words: 2450 - Pages: 10

Premium Essay

Security Weakness for Aircraft Solutions

...Security Weakness for Aircraft Solutions Michelle Harris SE 571 Principles of Information Security and Privacy Keller School of Graduate Course Project – Phase 1 January 22, 2012 Introduction In this report I will provide a security assessment of Aircraft Solutions (AS), a well known and respected equipment and component fabrication company located in Southern California. In the assessment I will identify and evaluate potential weaknesses, possible threats, the likelihood of the threat occurring and the threat if exposed in three key potential areas. AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. AS provides full spectrum design and implementation solutions to multiple industries, including the electronics, aerospace, commercial, and defense sectors. Aircraft Solutions employs a range of highly qualified professionals and houses an immense production plant, with an overall goal of providing high-quality solutions to accommodate specifications from a wide range of customer demands. I will primarily focus on the assessment that will identify the existence of vulnerabilities present within the context of AS operations as it pertains to their hardware and software. Lastly, recognition of the consequences resulting from the unfolding of potential threats will be given due attention. Security Weakness In the three areas targeted for potential threats, hardware, software...

Words: 782 - Pages: 4

Free Essay

Aircraft Solutions Risk Assessment

...Aircraft Solutions (AS) Security Assessment Submitted to: Professor SEC-571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: Overview Aircraft Solutions (AS) is a southern California company specializing in cutting edge design and manufacturing. AS supplies products and solutions in the fields of electronics, commercial, defense, and aerospace to a wide variety of customers. AS not only has a highly skilled and trained workforce, but they also utilize state of the art equipment that provides efficiency and productivity rarely seen in this industry. AS’s headquarters is located in San Diego, California while their Commercial Division (CD) is located 40 miles east of San Diego in Chula Vista, California. The AS Defense Division (DD) is located between Los Angeles and San Diego in Orange County, California. AS uses Business Process Management (BPM) to integrate customers, vendors, and suppliers in order to create a successful product. The success of the BPM is closely dependent on the success and efficiency of the Information Technology (IT) process of AS. Customer data, design engineering, and Proof For Production (PFP) are all examples of how AS’s IT success directly impacts their BPM. Vulnerabilities Hardware vulnerability AS has an obvious hardware vulnerability that could potentially have a catastrophic effect on the Chula Vista CD and the rest of AS. AS has a current network architecture that...

Words: 2620 - Pages: 11