Table Contents Executive Summary 3 Proposed Technology Solution 3 Proposed Process and Policies 4 Business and Managerial Impacts and Risks 5 Cybersecurity Risks and Challenges 5 Cybersecurity Risks and Challenges 5 References 7
Executive Summary
Ullman, Manly, & Ulysses Corporation (UMUC) is a worldwide supplier with a total of 75,000 employees. One-third of company’s personnel working in several locations in the United States and three European offices. UMUC Corporation relies on its network for continues business operations.
Currently, telecommunication network is managed by a third party vendor. Due to the customer demand and continuing business growth, telecommunications network frequently experiencing technical difficulties. Not only it creating problems for business processes, it also affecting financial side of the company.
Executive management team have agreed to implement internal network solution which will improve business operations and meet system requirements. The purpose of this paper is to define technologies which will help UMUC to solve current problems and will provide company with reliable and secure telecommunications network.
Proposed Technology Solution
To resolve telecommunications network issues UMUC executive team has decided to use a Virtual Private Network (VPN) Technology. This solution is a remote data network that makes use of the public telecommunication structure, retaining privacy through the use of a security and tunneling procedure. Simply speaking, businesses using VPN’s to get remote access to network resources (Henry, 2012). One of the greatest benefits of using VPN is that it provides the same competences as private leased lines but at a much lower price. That is due to the fact that a virtual private network using the common public infrastructure and making it possible to have secure sharing of public resources for data. In today’s world many companies are using a private virtual network for wide-area intranets as well as for extranets.
Proposed Process and Policies
As technologies continues to evolve and firms expands their businesses across the globe, the need for telecommunications and security polices becoming a part of a broad issue that involves both consumers and providers. Security of virtual private network is extremely important topic; however, many businesses choose to ignore it and this creates problems that directly impact business operations and financial performance. According to researchers from Queen Mary University and Sapienza University majority of the most popular VPN’s are not secure and can leak data if not properly used (Grauer, 2015).
Businesses began to change procedures by permitting traffic to be encrypted at the edge of one network, repositioned over the Internet like any other data, and then decrypted when it reached the firms network. This encrypted traffic behaves like it is in a tunnel between the two systems: even if an unauthorized user obtain an ability to view the traffic, they cannot read it, and they cannot modify the traffic without the alterations being seen by the getting party and therefore banned. Networks that are created using encryption are called secure VPNs. New technologies give consumers an opportunity to create network sections for wide area networks (WANs).
Business and Managerial Impacts and Risks
Linked network can become a target of attack. If a spyware or virus infects a client machine, there is possibility that the password for the VPN link might be disclosed to an unauthorized users. When using extranet or intranet VPN link, there is a high risk for all of the machines to get infected by a worm, that worm can grow rapidly across other networks. It is highly important to ensure that customer and/or linking networks evaluate all of the security risks before approving access privileges. By default VPN doesn’t enforce strong user authentication. A VPN connection should be established by an authenticated user (Stines, 2003). If the authentication is not strong enough to restrict access, an unauthorized user could connect to network and access its valuable resources.
Cybersecurity Risks and Challenges
Mobile devises used by a customer may be linked to the Internet, a wireless LAN at unprotected places such as hotel or airport. Security protection in most of these places is insufficient and create danger for VPN access (Grauer, 2015). If the VPN user machine is compromised, this poses a danger to the linking network.
Cybersecurity Risks and Challenges
To avoid identified risks, company need use the following mitigation approaches: 1. Strong authentication process should be implemented for clients that are linking remotely from untrusted networks. For example integration of tokens or smart cards can help to collect a user profile, algorithms and encryption keys. A PIN number is required to invoke the smart card. A token card generates a one-time password. When the user authenticates appropriately on the token by entering the right PIN number, the card will show generated passcode that will grant an access to the network. 2. The client system should have effective anti-virus software, with up-to-date signatures, to identify and prevent virus infections from spreading across the network. 3. Physical location of servers should remain secure at all times. The authentication data stored in the system must be protected under circumstances of a securely accessed location.
References
Grauer, Y. (2015, July 3). Security News This Week: Your VPN Probably Isn’t Private. Retrieved November 20, 2015, from http://www.wired.com/2015/07/security-news-this-week-070215/
Henry, A. (2012, September 5). Why You Should Start Using a VPN (and How to Choose the Best One for Your Needs). Retrieved November 20, 2015, from http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs?sidebar_promotions_icons=testingoff&utm_expid=66866090-67.e9PWeE2DSnKObFD7vNEoqg.1&utm_referrer=https://www.google.com
Stines, M. (2003). Remote Access VPN - Security Concerns and Policy Enforcemen. Retrieved November 20, 2015, from https://www.sans.org/reading-room/whitepapers/vpns/remote-access-vpn-security-concerns-policy-enforcement-881
