Belmont state bank
2 Pages

Belmont state bank

Course Number: MBA 589, Spring 2012

College/University: Keller Graduate School...

Word Count: 618

Rating:

Document Preview

Mini Case 1 Belmont State Bank Belmont State Bank is a large bank with hundreds of branches that are connected to a central computer system. Some branches are connected over dedicated circuits and others use the dial-up telephone network. Each branch has a variety of client computers and ATMs connected to a server. The server stores the branchs daily transaction data and transmits it several times during the day...

Unformatted Document Excerpt
Coursehero >> Illinois >> Keller Graduate School of Management >> MBA 589

Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.

Course Hero has millions of student submitted documents similar to the one below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.

Case Mini 1 Belmont State Bank Belmont State Bank is a large bank with hundreds of branches that are connected to a central computer system. Some branches are connected over dedicated circuits and others use the dial-up telephone network. Each branch has a variety of client computers and ATMs connected to a server. The server stores the branchs daily transaction data and transmits it several times during the day to the central computer system. Tellers at each branch use a four-digit numeric password, and each tellers computer is transaction-coded to accept only its authorized transactions. Perform a risk assessment. At looking at this case it is clear that we need a secure network. Once major risk we need to ensure is the bank transaction are being transferred securely. Developing a secure network means developing controls that reduce or eliminate threats to the network. Here are some of the preventions we need to review when creating preventive measures to maintain compliance Virus Engine/DAT - All virus definition and DAT file in the organization must be up to date by performing inventory of all employees machine by using a Tool such as SCCM to ensure all machine have the correct version. Push will be performing remotely to ensure all machine have the proper version. Wireless Access - In order to access wireless within the organization all employees will be required to have a SSL certificate to enable access to wireless network. Only authorized authentication will be permitted online. Desktop Firewall -To assist in protecting again spywares or a predator using employees machines as a BOT employee must ensure their Desktop firewall are activated or a Group Policy (GPO) can be setup on the administrator side to ensure they are active and restrict any modification from users. All machines will have Desktop firewall enabled to reduce the risk of remote penetration to assist in Denial-of-Service avoiding (DoS) attacks. IDS Software - IDS software will be implemented to analyzed internal and network packet for vulnerabilities. This application can also be used for packet filtering to reducing IP spoofing from outsiders by ensuring all IP communication attempts are valid and authorized. Router restriction - We need to implement Access Control List (ACL) in the router to control network traffic. The router will look at the internal and external packages process via the Network layer of the OSI model which is consider to be layer 3. The router will ensure the source and destination IP address match to render clear passage. Encryption - All computers will be required to have encryption. This will reduce the risk when sending information internally and remotely. By encrypting the information will reduce man-inthe middle attacks from predators. VPN - To ensure a secure tunnel is being created to transaction. This will reduce the cost of having modems and provide a more secure path to the companys information servers. Vendors Agreement - Agreement with vendors should state the organization IT secure will Team will be notified with any security modification and patch after testing. Internal security engineer will test to ensure the patch works properly prior to disseminating on remaining hardwares. Controls prevent, detect and correct whatever might happen to the organization when its computer based systems are threatened. The first step in developing a secure network is to conduct a risk assessment. This is done by identifying the key assets and threats and comparing the nature of the threats of the threats to the controls designed to protect the assets. A control spreadsheet lists the assets, threats, and controls that a network manager uses to assess the level of risk. Above are some examples or some of the steps to take when we look at risk assessments.
MOST POPULAR MATERIALS FROM MBA 589
MOST POPULAR MATERIALS FROM MBA
MOST POPULAR MATERIALS FROM Keller Graduate School of Management