400-600 words

Please read the story entitled Data Breach an All-Too-Often Occurrence. (ATTACHED)

After reviewing the story, conduct research online into the various possibilities for analyzing and approaching the system documentation problems presented, and propose possible solutions. Address the following:

• Discuss the specific recommendations that you would make based on your personal experience and research.
• Discuss the impact (from the perspective of various stakeholders) of the lack of access controls and auditing.
• How can technology be used as an enabler and facilitator of effective access controls and auditing?
• How can you apply the lessons that you learned from the story to your own company problem?

 

Data Breach an All-Too-Often Occurrence1As Clive started his typical Wednesday morning routine, he was checking hise-mail. He saw a familiar name in his inbox. It was Jane, an informationtechnology (IT) security manager at a competitive company. Clive and Janehave a good working professional (and ethical) relationship in which theyoften share information relating to security breaches and issues. Clive opensthe e-mail, eager to see what new attack Jane has found. But in this case,Jane is pointing Clive to a pastebin link that contains the customer databasecontent from Clive’s company.Clive is now in a panicked but controlled state. His mind starts to race. Howdid these data get from the company database to this Web site? Who did it?What systems were compromised to generate this list of data? Clive takes amoment and composes himself, and then he begins to analyze the situation.The first task Clive does after he settles down is to inform the appropriatepeople. He calls his manager and tells her of the situation, and assures herthat he and his team are analyzing the situation and will keep her informed ofprogress. Clive’s next calls are to the team leaders of the network, database,and system administration organizations. The incident response plan isinitiated.Initial assessments from the three team leaders report the following:•Network:After review of the intrusion detection system and firewalllogs, there appears to be no abnormal activity; no alerts weregenerated.•Database:After a review of database accounts, user and datadefinition (DDL) and data manipulation (DML) audit logs and databaseintegrity checks, the database appears to show no abnormal activity.•System administration:The system integrity checks and systemaudit logs show no abnormal activity.After reviewing the reports, Clive is skeptical of the results, and he asks theteams to verify and confirm that log cleanup and deletion did not take place,and all leaders confirm that to be the case. Clive reports these findings to themanagement team. They are not pleased. They ask, “If no sign of break-incan be detected, then how did the list get generated and leave companypremises?”The incident response team heads back for more investigations. They nextdecide to review the application that the company uses. The application is anoff-the-shelf application with a full and rich feature list. The variousorganizations use the features and insist that all of them are needed. Upon

Attachments:

• 1495272362-U3_Story.pdf