The risk analysis will use the Strengths, Weaknesses, Opportunities and Threats (SWOT) format to analyze the risks that could face the organization.
The purpose of the risk analysis is providing a detailed analysis of the possible threats and risks associated with the organization and the controls needed to mitigate these threats.
Risks considered on a normal basis are users leaving computers unsecure. When they walk away, not using proper storage techniques with their passwords i.e. storing them in plain sight. Users also have issues with leaving client personal information in open view when they leave their desks or when they leave for the night. Tailgating, entering into the office area without swiping the secured badge is another issue that many employees have been accused of and guilty of.
Workstations are a normal concern with any organization. Malware and viruses are a constant issue with the amount of e-mails that are received from external sources. These types of malware and viruses are down loaded to the system via attachments that are included in the e-mail. These types of infections can be dangerous if not caught with the Symantec AV that is being used on the PCs. Updates and patches are unable to stay current because there is not a WSUS server or an application similar being used. The updates and patches need to be manually loaded to the desktop systems.
In the LAN domain threats are older cabling, causing degradation of signal, patch panels not being maintained properly and defective wall jacks. There is not consistency across all of the patch panels causing possible disruption with the connectivity in some of the areas of the organization.
The LAN to WAN domain contains threats of inconsistent firewall policies, which could cause opportunities for DoS attacks and Man-in-the-middle attacks, this could provide for the entire system to be vulnerable to attack. Many employees have access to the Internet that do not require it, which could cause some security issues. In use are old VPN connections that are unstable and unreliable possibly causing breaches into the network. There is in place an antiquated telephony system that is difficult to program and has holes that attackers can expose and take advantage of.
The System/Application domain has s few risks that need to be addressed as quickly as possible. Old and insufficient amount of servers to maintain the system with redundancy is a primary risk to client personal information. Storage Area Network (SAN) is not replicated across all environments causing another possible risk to client personal information. Old domains are still active and are active across multiple environments which could cause placing client personal information into the incorrect environment causing a breach in the system. Active Directory is not utilized in the correct manner, which could cause employees without the proper authorization to access information they should not be privy to. Data Centers are only 35 miles apart, even though there are multiple connections to each of the data centers, if there were an environmental event that caused both data centers to be hit, such as a tornado or an earthquake, this could cause an outage for the entire network.
The Remote Access domain is of particular concern because there are so many remote users throughout the system. There is no inspection process in place to ensure that the user’s environment is secure. Questions that should be asked are:
* Is there any potential client information being made available to non-employees?
* Are the computer systems secured?
* Are the users locking the systems when they leave the systems to go to do personal business?
* Other risks are social engineering and the availability of going to inappropriate websites creating the availability of viruses and worms to enter