Premium Essay

Web Security Issues

In: Business and Management

Submitted By samperera
Words 356
Pages 2
Web Security Issues/Concerns
Comparing to other online Apollo group organizations Riordan manufacturing has a few locations. No matter the size of the business but still the information and the database needs to be protected in any way. To overcome this the web up-time needs to be more effective and fast. In that case if a customer place an online order it can transmitted real fast to Riordan manufacturing to process the order. A weak point I found on Riordan manufacturing website is there is no option for customers for online entries. Also if they are willing to create a for customer information entry it should be protected by (DOS) Denial of Service to prevent online attacks and threats wise versa.
Current Riordan Manufacturing website specifications
As I went through the information each Riordan manufacturing facility has their own web server which runs internally, but with any firewall which is a huge risk. I found out that each web server is being installed and maintained by different vendors without any continuity plan or proper security measures. In case if a customer needs to contact Riordan manufacturing they has the option to send a text message describing their need. The email and phone numbers of Riordan are listed on the website as well.
Recommendations to secure the web security
I do suggest that if Riordan can setup one server on a location and connect all locations to it. It that case they can maintain and monitor their system easily and quickly before a potential threat or attack. They need to setup their web server as an external proxy server. Proxy server will control all in-coming web traffic. Proxy server cannot communicate back. So, it will be a one way communication which the information will be secured. Also Riordan manufacturing needs to create a secure customer database in SQL which they can access records faster. Another suggestion is...

Similar Documents

Premium Essay

Riordan Manufacturing Internet Security Issues and Web Concerns

...Riordan Manufacturing Internet security issues and web concerns The biggest, and probably the most insidious threat facing Riordan comes not from aging servers, poor physical security, or antiquated workstations, but from their own employees; many of which may become unwitting pawns of social engineering, phishing, and malware. In recent surveys conducted across the industry, “More than 50% of businesses consider their own employees to be the greatest IT security threat, with 54% of respondents believe that insiders are the biggest threat, compared to 27% who fear criminals the most, 12% state-sponsored cyber-attacks and 8% competitors (Swabey, 2013).” With a growing trend across the industry, to include even the Department of Defense, to allow employees access to social media sites like Facebook, Twitter and LinkedIn, this comes as no small wonder. “Don't be too proud of this technological terror you've constructed (Lucas, 1976).” On the surface, all four of Riordan’s plants have firewalls at the border of their network, and to many novice system administrators and misguided information technology specialists this should be more than enough to secure the network from internet based attacks. Chances are these firewalls are inadequately configured; explicit deny means nothing if your letting social media sites into your internal network. “Social networks are about connecting people, and a convincing-looking profile of a person followed by a friend or connection request......

Words: 921 - Pages: 4

Premium Essay

Nt 1110

...Nt1110 Lab 10 Research Project E-Commerce Security E-Commerce (Electronic commerce or EC) is the buying and selling of goods and services ort he the transmitting of funds or data, over an electronic network , primarily the internet. These business transactions occur either business to business ,business to consumer ,consumer to consumer or consumer to business. The terms e-commerce and e-business are often used interchangeably. The term e- tail is also sometimes used in reference to transactional processes around online retail. E-commerce is conducted using a variety of applications, such as email, fax, online catalogs and shopping carts , Electronic Data Interchange (EDI),File Transfer Protocol, and Web services. Security is an essential part of any transaction that take place over the internet .Customer will loose his/her faith in E-commerce if its security is compromised. Following are the essentials requirements for safe e-payments/transactions. Confidential-Information should not be accessible to unauthorized person. It should not be intercepted during transmission. Integrity-Information should not be altered during its transmission over the network. Availability-Information should be available wherever and whenever requirement within time limit specified. Authenticity-There should be mechanism to authenticate user before giving him/her access to require information. Non-Repudiability-It is protection against denial of order denial of payment. Once a......

Words: 813 - Pages: 4

Premium Essay

Pdf, Docx

...Nt1110 Lab 10 Research Project E-Commerce Security E-Commerce (Electronic commerce or EC) is the buying and selling of goods and services ort he the transmitting of funds or data, over an electronic network , primarily the internet. These business transactions occur either business to business ,business to consumer ,consumer to consumer or consumer to business. The terms e-commerce and e-business are often used interchangeably. The term e- tail is also sometimes used in reference to transactional processes around online retail. E-commerce is conducted using a variety of applications, such as email, fax, online catalogs and shopping carts , Electronic Data Interchange (EDI),File Transfer Protocol, and Web services. Security is an essential part of any transaction that take place over the internet .Customer will loose his/her faith in E-commerce if its security is compromised. Following are the essentials requirements for safe e-payments/transactions. Confidential-Information should not be accessible to unauthorized person. It should not be intercepted during transmission. Integrity-Information should not be altered during its transmission over the network. Availability-Information should be available wherever and whenever requirement within time limit specified. Authenticity-There should be mechanism to authenticate user before giving him/her access to require information. Non-Repudiability-It is protection against denial of order denial of payment. Once a......

Words: 813 - Pages: 4

Premium Essay

Cis 500 Case Study - Cloud Computer

...services. This paper discusses the Amazon Web Services (AWS) and evaluates the scalability, dependability, manageability, and adaptability of Amazon Elastic Compute Cloud, Amazon Simple Storage Service, and RightScale. Moreover, this paper examines the security concerns for cloud-based services and assesses scalability, reliability, and cost issues. Assess how Ericsson benefitted from Amazon Web Service (AWS) in terms of cost reduction, automated software updates, remote access, and on-demand availability Ericsson is one of the world’s leading providers of technology and services to telecom operators. There are reasons how Ericsson success like that. According to the Amazon Web Services (AWS) Case study, Ericsson uses AWS such as Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and RightScale for provisioning and auto-scale functionality. AWS give many benefits to Ericsson. For example, Ericsson saves money to invest to build on-premises infrastructure by using AWS. Ericsson also saves the time to build and install the infrastructure. Some of the technical benefits of cloud computing include automation and auto-scaling. AWS had the ability to deploy new applications and automated software updates instantly. AWS are able to scale up and down as demand changed and drive more efficiency. With Amazon S3, Ericsson can add any amount of content and access anywhere. AWS provides on-demand access to scalable web and application servers,......

Words: 1257 - Pages: 6

Premium Essay

Course Discription

...& Brown, L. (2008). Computer security principles and practice. Pearson Education, Inc. Software Microsoft® Project 2010 (Virtual Desktop) Microsoft® Visio® 2010 (Virtual Desktop) Microsoft® Excel® 2010 (Virtual Desktop) Microsoft® Word 2010 (Virtual Desktop) All electronic materials are available on the student website. Supplemental Resource Microsoft. (2012). Microsoft Office Project 2010. Hoboken, NJ: Wiley. Article References Barr, J. G. (2012). Business continuity for web sites. Faulkner Information Services, 1-9. Barr, J. G. (2012). Identity management market trends. Faulkner Information Services, 1-10. Barr, J. G. (2013). Common criteria overview. Faulkner Information Services, 1-10. Barr, J. G. (2013). Biometrics market trends. Faulkner Information Services, 1-7. Week One: IT Security Overview Details Due Points Objectives 1.1 Recognize the importance of IT security implementation. 1.2 Identify major security issues associated with physical and operating system security. 1.3 Describe basic advantages and disadvantages among the various security implementations. Course Preparation Read the course description and objectives. Review the Learning Team Toolkit. NOTE: TestOut LabSims are available for this course. See Week One, Course Materials Page. Reading Read Ch. 1, “Overview,” of Computer Security Principles and Practice. Reading Read Ch. 2, “Cryptographic Tools,” of Computer Security Principles and......

Words: 949 - Pages: 4

Premium Essay

E-Business

...are two types of environments, open insecure, and secure. The web site will be one or the other. It either has security or it has no security at all. After searching the internet I was unable to divulge any web sites that provided information as to the benefits of an open environment. This leads me to believe that there are no benefits to it at all. After thinking about it the only benefit I could even conceive would be faster access within the web site from page to page. I feel that most people would trade this for the security of a secure site. Even home computers have security, such as firewalls, and virus protection on their computers. The consequences of having an open environment are important ones. Viruses can be placed on the system which can cause the entire computer system to crash. Hackers can get into the system and obtain personal information from the site that can lead to identity thief. Hackers can obtain email lists from the site and send spam mail which would appear to come from the web site. Hackers can also place viruses on the web site, or steal banking information for customers. The web site could not be accessed if hackers were to place a virus that caused a “denial of service”. An overly secure web site can have benefits if the site is only open for a select group of people. The Department of Defense for example has an overly secure web site. They have information on the web site, much of which is private, which has to be protected from......

Words: 905 - Pages: 4

Premium Essay

Unit 4 Discussion

...The Apache Software Foundation (ASF) is a reputable open source foundation that has a history of developing and maintaining many open source products, including the Apache Web Server. In April 2010, the ASF discovered that their server hosting issue-tracking software was “hacked.” You can read a report on the incident on the following Web link: * https://blogs.apache.org/infra/entry/apache_org_04_09_2010 This report documents how a vulnerability was exploited, which solutions worked, which didn't work, and the measures planned by the Apache Infrastructure Team to mitigate future risks. Security is a layered process. Although the hackers took advantage of a vulnerable third-party Web application to gain root access to ASF’s Linux infrastructure, you need to focus on the layers of security that worked and failed on the Linux infrastructure, and how this vulnerability could have been avoided with a more secure Linux server. Discuss how the hackers took advantage of the JIRA daemon. What role did Pluggable Authentication Modules (PAM) play in this process? What are the security measures that you would recommend to mitigate such risks in the future? Participate in this discussion by engaging in a meaningful debate regarding the role of the JIRA daemon and PAM in the system breach and suggest security measures. You must defend your choices with a valid rationale. At the end of the discussion, write a summary of your learning from the discussion and submit it to your......

Words: 1568 - Pages: 7

Premium Essay

Security Assessment

...Security Assessment Methodology and Tools for Conducting Security Assessment Footprinting and scanning an organization involves gathering information about the organization in both the passive and active forms. Active footprinting involves assessing the required information about the company through the website, while the passive footprinting is where one would find out the information directly with the organization through the customer care or from an employee of the organization. Security assessment of organizations is carried to identify the security issues such as the risks that the company is exposed to through the information is available from the company’s website or the customer care desk. For most organizations, important information about the company is stored in the company’s database through cloud computing of the website (Gupta, 2013). The existence of high risks in an organization requires the need for an intensive security assessment. In conducting the security assessment, the following tools and methodologies are used; Web Application Security Scanner The web application security scanner is a tool that is used by organizations in speeding up the process of identifying the web applications vulnerabilities. Company websites, for instance, are vulnerable to various risks that lead to loss or lack of privacy of the information saved in the company’s database. The tool thus, assists in identifying the vulnerabilities in the shortest time possible....

Words: 652 - Pages: 3

Free Essay

Af 302 Essay on Web 2.0 Technologies

...Introduction Web 2.0 refers to a variety of websites and applications that allow people to create, share, collaborate and communicate. Web 2.0 unlike from other types of websites as it does not require any web design or publishing skills to participate, making it easy for people to create and publish or communicate their work to the world. The nature of this technology makes it easy and popular way to communicate information to a much wider audience. There are number of different types of web 2.0 applications including wikis, blogs, social networking, folksonomies, podcasting & content hosting service, YouTube, Facebook, MySpace, and Flickr (Thomson, 2008). However, despite it greater advantageous to our world today, there are some threats involved on the other hand. In this essay, I will discuss some number of privacy and ethical issues associated with the use of this type of technologies. As well some threats such technologies pose for small Pacific Island communities. Lastly, I will discuss the reasons why a privacy bill should or should not be adopted in the Pacific. Ethical and privacy issues related with the use of web 2.0 technologies? Copyright is one of a major issue related with the use of web 2.0 technologies. This ethical issue is referring to copy of others information illegally, by means without the permission of the copyright holder. Using of web 2.0 technologies like Facebook, you tube and other applications nowadays are rapidly growth all over the world...

Words: 774 - Pages: 4

Free Essay

Cloud Computing

...and services to mobile and fixed network operators all over the globe” (Ericsson n.d.). Amazon initiated their web service (AWS) in 2006, by offering IT infrastructure services to businesses in the form of web services referred to as cloud computing. One of the key benefits of cloud computing is the opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with your business (Amazon 2014). Ericsson benefits of AWS Amazon Web Services provided Ericsson with a highly integrated public cloud with hosting centers in practically every region in the country. This benefit would be a big plus due to the universal impact that Ericsson makes in the telecommunication industry where they provide services to more than one billion consumers. Cost savings was a significant benefit for Ericsson due to not having to expend the capital to build a comparable IT infrastructure internally. Arpit Joshipura, Ericsson Vice President of Silicon Valley (2014) states that, “With cloud computing services, operators can combine the user experience with professional services and will be able to handle a range of issues, such as protection of personal information, confidentiality of sensitive business data, data protection, IT governance, legal questions, unclear regulation, non-standardization, customer support and billing. Additionally, Amazon Web Services provided a proven track...

Words: 1184 - Pages: 5

Premium Essay

Firesheep

...Introduction I came across an article dates back to 2011. The title of this article is called “New Hacking Tools Pose Bigger Threats to Wi-Fi Users”. The title of this article basically sums up what the type of threat it is and a general idea of what the article will be about. Turns out there were more to this title than I thought because the person imposing the threat is a network security expert, a white hat hacker. Network Threat A security expert by the name of Eric Butler decided to release a free hacking tool called Firesheep, onto the Internet. Firesheep is an add-on of Mozilla Firefox, which means a Firefox browser has to be installed, to use this software. What is so intriguing about this tool is, no hacking experience is required, and anyone that downloaded this software will be able to hijack login information on an open wireless network. Threat materialized Firesheep was basically designed to targeted sites like Facebook, Twitter, Flicker, Amazon, eBay, etc. Sites that didn’t fully implemented HTTPS. HTTPS stands for Hypertext Transfer Protocol Secure, it is a communication protocols that provides encryption communications between its sender and its receiver. Websites that don’t support HTTPS or doesn’t fully use HTTPS are at risk of exposing their users’ information during their session with the site. Firesheep nourished on websites without HTTPS. Because it provided Firesheep users with no limitation to amount of account logins they can......

Words: 1132 - Pages: 5

Premium Essay

Apple Security

...Jordan Jackson Is User Security as Important to Apple as They Say? Over the last couple of weeks, multiple nude photos of celebrities have been (and continue to be) leaked due to a hacker being able to figure out the usernames and passwords to their Apple iCloud accounts. Celebrities such as Jennifer Lawrence, Rihanna and Jenny McCarthy have been affected by this recent hack but they’re just the tip of the iceberg.  Apple’s investigation is ongoing but they released a statement through Spokeswoman Natalie Kerris saying that they “take user privacy very seriously and are actively investigating this report.” This recent infiltration of Apple’s iCloud made me realize how much we as a society use our phones to do almost everything (taking photos/videos, paying bills, managing bank accounts, etc…). More importantly it made me wonder how safe this information on our phones really is. Obviously the security measures in place at Apple aren’t what they should be if a hacker can run a simple “common password” software and potentially access the personal files of any user they choose. This security breach made me step back and take a look at not only Apple’s current security measures but those of other companies/phone carriers. This controversy has raised many questions, the most important of those questions being whether Apple and other companies are taking user security as seriously as they lead us to believe and the answer to that question is no. Apple dropped the ball by not......

Words: 1695 - Pages: 7

Free Essay

Cloud Computing

...CIS500: Information Systems Decision-Making 2012, December 2 How did Ericsson benefit from Amazon Web Services (AWS)? According to Amazon’s Web Service website, it gives users the option to run just about everything using their service applications. By incorporating cloud computing, users are able to cut variable costs to a more attractive scale for the business by eliminating costly administrative and hardware fees. Due to remote access, Ericsson was able to immediately take advantage of AWS’s benefits since the infrastructure was already up and running. Demands change quickly and it’s important for a company to be able to adjust accordingly. By using the cloud system, Ericsson was able to employ software updates and new applications quickly and more effectively. AWS services hundreds of thousands of customers in more than 190 countries, making their global infrastructure far more expansive than competitors; this allowed Ericsson to have data centers in various parts of the world. According to information provided in the case study, Ericsson chose AWS because they felt it was “the most integrated public cloud provider in the Rightscale Cloud Management Platform (Rightscale)”. Amazon EC2, Amazon S3, and RightScale Amazon EC2 The AWS website describes Amazon Elastic Compute Cloud (Amazon EC2) as a web service that provides resizable compute capacity in the cloud, making web-scale computing easier for developers. It also allows you to quickly scale capacity up and......

Words: 1122 - Pages: 5

Premium Essay

It Assignment

...programming software. , The most important type of software for computer users is application software, because it can used to achieve many of the tasks so that we can turn to our computers in the first place, such as Web browsing, word processing, and data crunching. Application software applies the power of system software. This is why when downloading software, you have to find a version that fits with your running operating system (OS). That software draws on the OS to create a spreadsheet, PowerPoint presentation or Word document in essence. The software that it worked like in your house pipes run behind the scenes to keep things invisible is programming software, or middleware. System software includes all components of the computer's operating system (OS), including configuration files, other key system components and device drivers. This software provides a basis for the system and tell the computer’s hardware what to do. Analysis There have been debates on Web applications replace desktop software applications started from long time ago. While some features better suited for Web applications. I think the legacy systems and security concerns will prevent desktop software become obsolete. There have no clear answer, some people think that argument Web applications and application software between is pointless. Although some people believe...

Words: 1528 - Pages: 7

Premium Essay

Security Project

...SECURITY WEAKNESSES FOR QUALITY WEB DESIGN Contents Course........................................................................................................ Error! Bookmark not defined. Introduction ............................................................................................................................................ 3 Abstract .................................................................................................................................................. 4 Company Background.............................................................................................................................. 4 Software Weaknesses and Recommendations......................................................................................... 5 Hardware Weaknesses and Recommendations........................................................................................ 6 Network Security flaws and Recommendations ....................................................................................... 7 REFERENCES:........................................................................................................................................... 7 Introduction A company that deals with making web site and web business solutions is known as Quality web design. The company provides its customers to provide an opportunity so that they can spread their business through the internet. The other business solutions accompanied are......

Words: 1406 - Pages: 6