Quality Web Design

Quality clear Design (QWD) bail Weaknesses Steve Gelin Submitted to shite Sibrizzi SE571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted 8/25/2012 T equal of Contents Executive Summary3 Company Overview3 Security Vulnerabilities3 packet Vulnerabilities4 Hardware Vulnerabilities4 Recommended Solutions5 A Hardware usage Solution5 A Software Example Solution5Impact on Business Processes5 Summary5 References6 Executive Summary My paper focuses on a auspices assessment of Quality wind vane Design (QWD), which is a in truth successful social club that is well-known for its magnificent and appealing websites they work on trying to get your accompany or business in the fade 10 search engine results so that searchers find you on the commencement ceremony page of the search results.They have a competitive pricing organization going on, they offer many different options for their website construction, and they start by oblation the cust omer a selection of pre- digited websites that they themselves mickle customize with their individual logos, text, images, themes or just a whole different template and any another(prenominal) information that would be helpful in catching the eye of likely customers. Company OverviewQuality Web Design (QWD) is a business that specifies and focuses on Web site, Web using, content design, programming, graphic design, photo editing and logo design for tout ensemble types of businesses. QWD is a web graphic design and development company based out of Orlando, Fl. QWD cater to a huge and diverse line that spans across USA, UK and Canada. Security Vulnerabilities Software Vulnerabilities Listed further down are ii security vulnerabilities software and hardware.These security vulnerabilities were identified through the initial assay of the QWD software usage for their web design company. A majority of QWD power require out of office access when working on projects for the company , so the use of Virtual Private Networks called (VPNs), Outlook Web email, Microsoft SQL 2008 Server and Microsoft transposition 2007 email servers which utilize the corporate intranet resources.Remotely utilizing these programs or software out of the company will hold QWD to be exposed to attacks from the mesh. But not totally that, employees put the utilization of corporate equipment such(prenominal) as desktops, laptops & mobile devices (iPhones and Windows industrious 6) in very harmful situations that the company will pay for dear later as time progress. Having these equipment listed it is possible to incur outside attacks from the internet while utilizing the company intranet resource on a remote calculating machine that is not comforted.As Ive read the different equipment listed within the QWD company it seems that in that location employee laptops, & mobile devices are organism used un nourished over the internet which could lead to situations such as Trojan horses and email worms. For example Microsoft transmute 2007 email servers has a well-known photograph that could allow remote jurisprudence execution, this vulnerability cornerstone allow an assailant to take control of your bear on system with Exchange Server service account privileges or the attacker could just disable your services within Microsoft Exchange completely.Hardware Vulnerabilities The identical can be said for the companies hardware systems listed such as their iPhones and Windows Mobile 6, these hardware devices that employees of QWD are devices that can easily be hacked by an outside substance abuser for example the iPhone 4 has a vulnerability that allows an intruder to be able to act silently and mobilize e-mail messages, SMS messages, calendar appointments, contact information, photos, practice of medicine files, videos, along with any other data recorded by iPhone apps.The same can be said for their Windows Mobile 6 devices, theres a well know issue with the Bluetooth function in all Windows Mobile 6 devices. This issue allows an individual to read or redeem any file thats on your mobile device, even the lucre Explorer on Windows Mobile 6 and Windows Mobile 2003 for Smartphones allows attackers to cause a denial of service which the attacker then uses to infiltrate your device to retrieve e-mail messages, SMS messages, and calendar appointments, contact information etc.From my research the only workaround provided for this vulnerability is not to accept pairing nor attachion requests from unknown sources. So it would be better if the individuals who are using devices with Windows Mobile 6 as their run system should be very mindful and careful of the things that they allow their devices to connect to. Recommended SolutionsFor QWD the installation of anti-malware to protect against malicious applications, spyware, infected SD cards and malware-based attacks against their mobile or hardware devices such as iPhones, laptops etc. Strong ly enforce security policies, such as mandating the use of strong PINs/Passcodes, use SSL VPN clients to effortlessly protect data in transit and ensure appropriate network credential and access rights finally centralize locate and remote lock, wipe, backup and unsex facilities for lost and stolen devices.As for software vulnerabilities the use of firewalls, on both laptops and desktops, anti-malware and spyware programs that will protect against malicious activities, updated software patches with the latest updates to security threats, the use of strong reach outwords and pass keys, when sending information over the internet whether classified or unrestricted he use of an encryption tool to keep that information from being intercepted. Impact on Business ProcessesAs we all know as IT professional, there can be a lot of different impacts that can affect work progress within a company such as password update reminders, the cost that will be need to implement these revolutionary changes, what would be the privacy, rules and regulations for these devices. Not only will these new changes cause confusion for the first few months of the change up, they may withal cause employees to feel paranoid of the thought that their system could be compromised and that there being asked to constantly update things within their system.Summary In abbreviation this paper focuses on the vulnerabilities of QWD as a Web Design and development company, the software and hardware vulnerabilities of their system and the infallible recommended solutions for all devices such as their iPhones and Windows Mobile 6 usable devices. These devices left unchecked can cause major issues to the company if such items were attacked and used to an attackers benefit. QWD as an organization must(prenominal) assess the situation with their software and hardware vulnerabilities and commence the proper and needed steps to counter these problems within QWD.References Degerstrom, J. (2011). Browser Security and Quality Web Design. Retrieved from http//www. jimdegerstrom. com/blog/2011/05/browser-security-and-quality-web-design. html Lowe, S. (2009). Patch these critical vulnerabilities in Exchange Server. Retrieved from http//www. techrepublic. om/blog/datacenter/patch-these-critical-vulnerabilities-in-exchange-server/611 Hamell, D. (2010). Malicious Mobile Threats Report. Retrieved from http//juniper. mwnewsroom. com/manual-releases/2011/At-RiskGlobal-Mobile-Threat-Study-Finds-Security Norman, G. (2009). Windows Mobile 6. 0 Users Beware of Bluetooth Vulnerability. Retrieved from http//www. findmysoft. com/news/Windows-Mobile-6-0-and-6-1-Users-Beware-of-Bluetooth-Vulnerability/ Greenberg, A. (2011). iPhone Security Bug. Retrieved from