CIS 333: Networking Security Fund
As an information security officer for a small pharmacy there are a few things that need to be addressed. As with all companies it is top priority to make sure that the data that is input into the machines stays safe and to make sure that the people using the computers know it is their responsibility as well. As a security officer my supervisor has asked me to identify any inherent risks associated with the pharmacy and establish any physical and logical access control methods that will mitigate the risks identified.
When it comes to both physical and logical controls you have to keep the two separated …show more content…
To help with mitigation there is also different software that you can get that you can get to disable all USB so that the ports will be disabled or even encrypted. If a user plugs in a USB thumb drive the system would automatically encrypt it and that means that the user will not be able to get to the data on that particular thumb drive. (Unless of course they are in the computer industry then I guess technically- sometimes you can get it back). This of course is a good example of a logical vulnerability because all humans can be a risk to a network mostly unintentional but occasions intentionally. Personal devices like IPOD, IPAD, Kindles etc., are the worse culprits because these devices could bring malicious code, giving hackers access or breaking into the network because it is a “wink link”. I think that administrative controls are definitely important “With the firewalls you want to configure them in the reputable internet security program to block unsolicited request communication.” (Source 2) Firewalls need to be installed on each computer and configured