Huffman Trucking: Benefits Election System Security
Lisa M. Gardner
CMGT442: Information Systems Risk Management
March 19, 2012
Huffman Trucking: Benefits Election System
Huffman Trucking Company has requested a new Benefits Election System to be implemented within the organization. The current benefit packages include medical, dental, and vision plans for employees. For the Benefit Election System, employee information and the benefit package they choose are stored and managed on a database system. This can either be a hardcopy paper file or an electronic file. Regardless ...view middle of the document...
One security measure is that of firewall protection. A firewall blocks certain kinds of traffic between a source and a destination (TopBits, n.d.). This prevents the spread of computer attacks by blocking access to information from unauthorized sources. Additionally, firewalls can be configured to default-deny and default-access. Using the default-deny configuration the administrator inputs specific network sources that are allowed into the network and then blocks access to the rest. Using a default-allow configuration administrators list network servers that they are not allowed into the network and then unlisted servers are allowed. In the case of the Benefits Election System for Huffman Trucking one or multiple firewalls should be in place to fight invasion.
Another security measure that Huffman can elect to implement with the Benefit Election System is password protection. Password protection allows the user to create and implement a user specific identification screen name and password to access information. The Benefits Election System should also include some sort of password protection capability; however, only a select few individuals within Huffman should have access to the password to reduce possible security issues. Additionally, users should memorize their username and password to further protect the privacy of this information. Password protection measures also include password renewal for all users. This measure requires users to change their password at specific times to ensure safety. As an additional security feature to the password renewal, a user would not be able to use the same password or previous passwords for a specific number of times; usually the last two or three passwords. Implementing password renewal on the Benefits Election System would make security for the system tighter as passwords would be required to change every few months. In the event that a non-authorized person gained access into the system, the password would only be good for a specific length of time before being changed.
Risk by definition is “the probability or threat of a damage, injury, liability, loss, or other negative occurrence, caused by external or internal vulnerabilities, and which may be neutralized through pre-mediated action” (Business Dictionary, 2011). By utilizing a Strengths, Weaknesses, Opportunities, and Threats (SWOT) analysis, individuals and corporations alike can determine where their weak spots are and attempt to correct them prior to the risk occurring. Taking into consideration the Benefits Election System, there are several potential risks within the systems. These risks include database corruption, spyware, and hacking.
Database corruption is one potential safety concern for the Benefits Election System. Database corruption comes in several forms including viruses and...