Quality Web Design

Quality Web Design (QWD) earnest Weaknesses Steve Gelin Submitted to Jack Sibrizzi SE571 Principles of Information protection and Privacy Keller Graduate School of perplexity Submitted 8/25/2012 Table of Contents Executive Summary3 Comp each Overview3 Security Vulnerabilities3 packet Vulnerabilities4 Hardw ar Vulnerabilities4 Recommended Solutions5 A Hardware Ex angstromle Solution5 A Software Example Solution5Impact on Business Processes5 Summary5 References6 Executive Summary My paper focuses on a bail assessment of Quality Web Design (QWD), which is a very successful company that is well-known for its magnificent and appealing websites they piece of work on trying to get your company or business in the top 10 search engine results so that searchers find you on the first page of the search results.They have a competitive determine scheme going on, they offer many different options for their website construction, and they start by offering the customer a selection of pre-desig ned websites that they themselves can customize with their man-to-man logos, text, images, themes or just a whole different template and any other education that would be helpful in catching the mall of potential customers. Company OverviewQuality Web Design (QWD) is a business that specifies and focuses on Web site, Web ontogenesis, content design, programming, graphic design, photo editing and logo design for all types of businesses. QWD is a web graphic design and development company based discover of Orlando, Fl. QWD cater to a huge and diverse clientele that spans across USA, UK and Canada. Security Vulnerabilities Software Vulnerabilities Listed further down are two security vulnerabilities software and computer hardware.These security vulnerabilities were identified through the sign verification of the QWD software usage for their web design company. A absolute majority of QWD personnel require out of office access when working on projects for the company, so the use o f Virtual Private Networks called (VPNs), Outlook Web email, Microsoft SQL 2008 legion and Microsoft Exchange 2007 email servers which utilize the corporate intranet resources.Remotely utilizing these programs or software out of the company go out cause QWD to be exposed to attacks from the cyberspace. But not only that, employees put the utilization of corporate equipment such(prenominal) as desktops, laptops & mobile devices (iPhones and Windows lively 6) in very harmful situations that the company will pay for dearly later as time progress. Having these equipment listed it is possible to get outside attacks from the internet while utilizing the company intranet resource on a remote computer that is not protected.As Ive read the different equipment listed at bottom the QWD company it seems that there employee laptops, & mobile devices are being use unprotected over the internet which could lead to situations such as trojan horses and email worms. For example Microsoft Exchange 2007 email servers has a well-known pic that could allow remote code execution, this photograph can allow an assailant to take control of your affected system with Exchange Server process account privileges or the attacker could just disable your services at heart Microsoft Exchange completely.Hardware Vulnerabilities The same can be said for the companies hardware systems listed such as their iPhones and Windows wide awake 6, these hardware devices that employees of QWD are devices that can easily be hacked by an outside user for example the iPhone 4 has a vulnerability that allows an intruder to be able to act silently and retrieve e-mail messages, SMS messages, calendar appointments, contact information, photos, music files, videos, along with any other information recorded by iPhone apps.The same can be said for their Windows Mobile 6 devices, theres a well know unblock with the Bluetooth function in all Windows Mobile 6 devices. This issue allows an private t o read or write any file thats on your mobile device, even the Internet Explorer on Windows Mobile 6 and Windows Mobile 2003 for Smartphones allows attackers to cause a denial of service which the attacker indeed uses to infiltrate your device to retrieve e-mail messages, SMS messages, and calendar appointments, contact information etc.From my research the only workaround provided for this vulnerability is not to accept pairing nor company requests from unknown sources. So it would be better if the individuals who are using devices with Windows Mobile 6 as their operating system should be very careful and careful of the things that they allow their devices to connect to. Recommended SolutionsFor QWD the installation of anti-malware to protect against malicious applications, spyware, septic SD cards and malware-based attacks against their mobile or hardware devices such as iPhones, laptops etc. Strongly enforce security policies, such as mandating the use of powerful PINs/Passc odes, use SSL VPN clients to effortlessly protect data in transit and meet appropriate network authentication and access rights finally centralize deposit and remote lock, wipe, backup and restore facilities for lost and stolen devices.As for software vulnerabilities the use of firewalls, on both laptops and desktops, anti-malware and spyware programs that will protect against malicious activities, modifyd software patches with the latest updates to security threats, the use of strong passwords and pass keys, when sending information over the internet whether classified or unclassified he use of an encryption instrumental role to keep that information from being intercepted. Impact on Business ProcessesAs we all know as IT professional, there can be a lot of different impacts that can affect work progress at heart a company such as password update reminders, the monetary value that will be take to implement these new changes, what would be the privacy, rules and regulations fo r these devices. non only will these new changes cause confusion for the first few months of the change up, they may also cause employees to feel paranoiac of the thought that their system could be compromised and that there being asked to constantly update things within their system.Summary In summary this paper focuses on the vulnerabilities of QWD as a Web Design and development company, the software and hardware vulnerabilities of their system and the needed recommended solutions for all devices such as their iPhones and Windows Mobile 6 usable devices. These devices left over(p) unchecked can cause major issues to the company if such items were attacked and employ to an attackers benefit. QWD as an organization must assess the situation with their software and hardware vulnerabilities and commence the proper and needed steps to counter these problems within QWD.References Degerstrom, J. (2011). web browser Security and Quality Web Design. Retrieved from http//www. jimdegers trom. com/blog/2011/05/browser-security-and-quality-web-design. html Lowe, S. (2009). Patch these circumstantial vulnerabilities in Exchange Server. Retrieved from http//www. techrepublic. om/blog/datacenter/patch-these-critical-vulnerabilities-in-exchange-server/611 Hamell, D. (2010). Malicious Mobile Threats Report. Retrieved from http//juniper. mwnewsroom. com/manual-releases/2011/At-RiskGlobal-Mobile-Threat-Study-Finds-Security Norman, G. (2009). Windows Mobile 6. 0 Users Beware of Bluetooth Vulnerability. Retrieved from http//www. findmysoft. com/news/Windows-Mobile-6-0-and-6-1-Users-Beware-of-Bluetooth-Vulnerability/ Greenberg, A. (2011). iPhone Security Bug. Retrieved from