preview

Nt1330 Unit 3

Decent Essays

Users can be the main risk to an organization. A disgruntled employee can access the server and open it up to all types of security issues or install malware or virus’. User access to the server should be limited to users that need admin level and closely monitored. Admin accounts should never be used for day-to-day activities as this could lead to username/passwords being stolen more easily providing access to others from the outside. When an employee leaves their admin and general use accounts should be turned off immediately. If an employee is to be terminated with cause, theses accounts should be disabled prior to the termination discussion. Users risk are medium impact and highly controllable with policy and procedures. Moving to the workstations in the company. Virus, malware and Infected email can all be talked about at the same …show more content…

All three of theses are high for impact as they can cause great deal of damage to the network and control I’ve listed as medium because there is the human action that must be considered. Virus and malware detection software should be installed and kept up-to-date as well as training for users to understand how to use email. Users should always be aware of who is sending them email and not open attachments from users they do not know or unsure of. Phishing is easy and generally great way of gaining access to a network, people in general want to help, they may get an email or a phone call from someone posing as something they should be able to trust and provide details that could allow the hacker to gain access to their network. Information such as equipment type (server, firewall, routers), IP address, email addresses, any of this information could be used to stage an attack on the network. Again training is key here. If you train your employees well on data security they will know what they can and can’t answer and whom to send request to so they can be followed-up on. The last one for the Workstation is the

Get Access