Internet Services and Security : 700398


This project is compulsory to all students. The students must choose any organization or company
Write a
security policy for the company.
Analyze risks for this company by defining the Assets, Threats and
Vulnerabilities T
determine the consequence of each threa
To successfully complete the project, the following deliverables need to be provided:

Proposal This document must contain the following information:
Project description:
An o
verview of the subject and technologies you are planningto present.


You must introduce your project in the classroom, and have a maximum of 15 minutes for presentation


Internet Security is an integral aspect in protecting the data or in formation shared across the internet in any organization. In any organization or business operation where transactions are carried out, internet security is given a top priority as any activity that might threaten the security of sharing information via the network might collapse the business[1]. Internet security entails data protection, data application protection and hardware protection. Generally, the security is largely concerned with the entire organizational network system that serves as a backbone to most of the organizational business operations[2].

To understand more on the internet security, this report provide a security risk assessment analysis of one of the creditor’s right law firm called Weintein, Weinberg and Reins (WWR) Company. This company provide services to financial institutions by collecting and storing their customer’s information that is used mostly in legal processes.  A further details on some of the security threats and vulnerabilities and their consequences associated with this company are given and finally ways in which these security issues could be avoided.

Weintein, Weinberg and Reins Company

This is a kind of organization that deals in providing collection of services and legal representations to most of its clients who are creditors. These creditors include banks, real estates, credit unions and any other financial institutions that offer credits to customers. The company therefore, is entitled in protecting sensitive and most confidential client’s information that is non-public and ought not to be disclosed to any unauthorized person. This company, largely relies on internet or computer network to provide their services. This therefore, comes with a great responsibility of ensuring that the information residing on their network is well secured and free from corruption of any sought as most of its client’s information is used mostly in legal proceedings[3].

For any organization, security risk assessment is one of the most important aspect of its security policies. Security risks assessment helps the company to understand various risks that it is exposed to with the fact that it is connected to the internet. A thorough security risks assessment identifies some of the threats the company is likely to face and this helps the organization in a formulating a proper security measures to protect its resources. Considering that most of the organizational important asset is data or the information it possess, most of the security threats are likely to be targeted on the company’s data resource. Therefore, it is the duty of the company to ensure that the data integrity is upheld and that the data is protected from any form of interference that could affect the integrity of their information.

Weintein, Weinberg and Reins Company handles a very delicate information for their clients. This exposes such companies to major threats from the client’s customers. Some of the threats associated with such companies include; data loss, unauthorized access, malicious or virus attacks and hacking. All these threats are targeted to the data resource managed by the organization and in the case where the attackers find any vulnerable point to the organization network system, the likelihood of such activities to occur is high.


Unauthorized Access to the data applications

Creditor’s right law firms relies mostly on data applications for processing of their services. Most of these applications are password protected and some do not have a proper access rights control mechanisms in place[4]. In most of these organizations, the mode of access control in place is the use of typed usernames and passwords which is not such a strong access control technology. Some of the users of these applications have weak passwords and others do type their password anyhow in the presence of other persons or users. Considering, that this company deals with very sensitive information, this security access control technology can easily be manipulated by attackers to gain access to the data applications and modify or corrupt the integrity of the company’s client information. The passwords can be easily hacked using methods such as brute force or anyone can look at the user while typing the password and record it.

Also, considering that this is not an IT company, the access rights are not well structure and sometimes a user can be able to view the information he/she is not entitled to. This can lead to users knowingly or unknowingly corrupting the company’s information thus leading to interference of data integrity and finally loses to the company. With this in mind, the company should adapt proper access authentication mechanism that seals off the existing vulnerabilities of password hacking that could lead to security breach which could compromise the company’s trust on handling its client’s confidential details.

Data Loss

Data loss can occur as a result of various events in an organization. It can be as a result of file corruption, deletion or organizational system failure[5]. In case of any failure the organization operations might collapse as a result of data loss if there is no proper backup and recovery mechanism in place. In most of the Creditor’s rights law firms, backups are done after a long period of time or they are not done at all. These exposes these companies to risks of losing very important information as a result of failure or an attack. Considering that most of the data handled by creditor’s right firms are financial details and have a legal implications on most of their client’s customers, the worst that the attackers would wish for is to get rid of their information from the company’s system. Therefore, without proper backup procedures and mechanism, the company risk of experiencing data loss at any single time during processing and transmission over the network.

Malicious code or Virus Attack

Most of the creditor’s right firms are not aware of the viruses that could be used to corrupt their information. They run they network and data systems without having any anti-virus software in place. Lack of anti-virus programs makes the company’s systems vulnerable to virus attacks that are extreme and could lead to loss of data or interference of the whole operation of the company. This in turn would lead to interference of the client’s data integrity leading to severe loses to the company? Most of the virus attacks are carried out via the company’s network, that is, if the attacker gains access to the company’s network, he/she is likely to introduce a malicious code or program into the company’s system and these could really causes a lot of damages in terms of data corruption to the company’s operations.  Use of anti-virus programs will ensure that the company’s network system is safe and free from any malicious attack thus safeguarding the integrity of its client’s information and preventing the company from collapsing due to loses.


Internet provides an avenue for the hackers to penetrate into the systems that are not properly safeguarded[6]. Mostly if a company’s network is not well segmented, it exposes it to failure in case hacking takes place. A security analysis on creditor’s right law firms shows that most of these organizations operates on a flat network topology whereby in case on part of the network is affected then the whole system collapses[7]. Also, the organizations do not implement security measures such as firewalls to prevent unauthorized persons from gaining access to the company’s network. This provide a weak point into the organization network that could be exploited by hackers to gain access to the company’s network and interfere with the company’s business operations. Creditor’s right law firms are mostly prone to hackers who are paid to either delete a certain information or delete it. Therefore, a proper security measures should be put into place to ensure that hackers are not able to gain access to the WWR Company so as not to interfere with the main asset of these organizations which is data integrity and confidentiality.

There are a number of consequences that WWR could face as a result of poor internet security[8]. These consequences could negatively impact the business operations of such organization in a very extreme levels if the threats are not properly managed.

To understand more on the consequences of the already discussed threats, the threats are analyzed based on the following categories.

The occurrence likelihood is the degree in which the named threat is likely to affect the creditor’s right law firm operations. That is, how often it can occur. The occurrence likelihood is given in a range of 1 to 3. Where the values represent the following:

  • 1 – not likely to occur
  • 2 – Slightly certain
  • 3 – Almost certain


This is the amount of impact the threat is likely to cause to the organization business operations. The consequences is categorized into either major or minor consequences.

Under this category the threat is analyzed in terms of the level of risks that the threat exposes the company to. The risks are grouped into minimal, moderate or extreme levels depending on the impact they can cause to creditor’s rights law firms business operations.

The table below shows the ratings analysis of the impacts of the main threats associated with creditor’s rights law firms.




Threat Occurrence Likelihood Consequences Risks Level
Unauthorized Access 3 – Almost Certain Major Extreme
Data Loss 3 – Almost Certain Major Extreme
Virus Attack 3 – Almost Certain Major Extreme
Hacking 3 – Almost Certain Major Extreme


From the table above it can be seen that the threats poses a great security concern to the company. This is because the occurrence likelihood, consequences ratings and level of risks for all the four security threats are high. This shows that the company’s internet system security framework is highly vulnerable and this could cost the company In case any of these vulnerability points are exploited by the attackers.

Considering the nature of operations carried out by creditor’s right law firms, an updated and proper security technologies must be put into place in order to ensure that the companies retain their clients and still remain in market[9]. There are a number of network technologies WWR organization should consider to adapt to in order to increases their security in preserving data integrity for their clients by protecting their information against threats such as the ones discussed above. Some of these technologies include:

Authentication Technologies

Considering the sensitivity and nature of the information handled by this company, a quality and more secure authentication technology should be put into place for access control[10]. This will help to prevent any intruder from gaining access and corrupting the cases files information as this would really get the company into losses. Therefore, this proposal recommends the use of a biometric authentication technology, as this will make it easy for the large number of employees associated with the company to identify themselves more effectively than the use of passwords which are more prone to hacking. Biometric authentication is the most preferred security method as it is hard to falsify another person’s details, since each employees biometric patterns are unique. With this technology, it will be easy to control access of users into the system and thus preventing unauthorized access due to use of weak passwords that could lead to data interference.

Use of Network Firewalls

Firewall are the most important part of internet security. This technology will prevent attacker from gaining access to the organization’s network[11]. This technology controls what data packets are allowed into and out of the company’s network. Firewalls filters all the network traffic and this prevent any malicious information from being introduce into the organization network[12]. Therefore, the WWR should incorporate firewalls into their network to discourage hackers or malicious codes or viruses from interfering with their business operations.

Use of Updated Antivirus Programs

Antivirus programs help the organization to stay safe from malicious code attack[13]. The company should use best antivirus programs considering that their data is so sensitive and if not well protected an intruder may modify it by introducing malicious code into their system.

Network Segmentation

This is another internet security mechanism that ensures that the network is well structured in a manner that a failure on one part does not affect the entire operation of the organization[14]. Network segmentation ensures that different users are grouped into different networks based on the rights each users are given. This will minimize the chances of data loss as well as prevent unauthorized persons from gaining access into organizational data which they are no supposed to see[15]. Also with network segmentation, it becomes easier to monitor the network operations and detect and prevent any malicious activities from causing harm into the company’s system.

Implementation of Backup and Recovery Mechanisms

The company should implement a day to day backup procedure of their information. This will help the company recover in case of any system failure or corruption from the attackers. Backups plays a vital role in enhancing the security of a network system and having in mind the complexity and integrity of the information that creditor’s law firms deals with, a proper backup and recovery mechanism will serve them best.

In conclusion, it is therefore important for Weintein, Weinberg and Reins Company to ensure that their systems are well secured throughout their operations. This is because the nature of the work and resources are so much exposed to threats from outsiders as their client’s customer’s record could have a legal implications to some individuals out there. Therefore, the company should ensure that they apply updated security measures such as biometric authentication technologies, use of firewalls, backup plans and recovery procedures as well as network segmentation. These measures will ensure that the organization processes it operations smoothly without fearing the risks of hacking, data loss, unauthorized access or malicious attack.










in media-library-data, , 2013, <> [accessed 26 March 2018].

in “Network Security: Common Threats, Vulnerabilities, And Mitigation Techniques”, , 2018, <> [accessed 27 March 2018].

in User Authentication Technologies, , 2018, <> [accessed 27 March 2018].

in Omnisecu, , 2018, <> [accessed 27 March 2018].

in, , 2018, <> [accessed 27 March 2018].

BEAVER, K. in “Top Five Network Vulnerabilities”, , 2018, <> [accessed 27 March 2018].

“ccna-study-guide”. in , , 2018, <> [accessed 26 March 2018].

“Firewalls”. in , , 2018, <> [accessed 27 March 2018].

Garden, H, C Security, & C Security, “How Firewalls Work.”. in HowStuffWorks, , 2018, <> [accessed 27 March 2018].

Horowitz, M, “How useful is antivirus software?.”. in Computerworld, , 2018, <> [accessed 27 March 2018].

“IT”. in , , 2012, 1-10, <> [accessed 26 March 2018].

Manky, D. in “Top 10 Vulnerabilities Inside The Network”, , 2018, 1-10.

Rampat, A. in “Vulnerabilities In Network Systems”, , 2015.

“VLAN Network Segmentation and Security- Chapter 5”. in , , 2018, <> [accessed 27 March 2018].

“why-secureworks?”. in , , 2017, <|SWRX|NB|US|All|General|Modbroad|Bing&utm_term=+network%20+security%20+solutions> [accessed 26 March 2018].

Young, G. in Best Practices in Network Segmentation for Security, , 2018, 1-6, <> [accessed 27 March 2018].

[1] in media-library-data, , 2013, <> [accessed 26 March 2018].

[2] “ccna-study-guide”, in Computer Networking Notes, , 2018, <> [accessed 26 March 2018].

[3] “why-secureworks?”, in SecureWorks, , 2017, <|SWRX|NB|US|All|General|Modbroad|Bing&utm_term=+network%20+security%20+solutions> [accessed 26 March 2018].

[4] “IT”, in Network Protection and Information Security Policy, , 2012, 1-10, <> [accessed 26 March 2018].

[5] D Manky, in “Top 10 Vulnerabilities Inside The Network”, , 2018, 1-10.

[6] A Rampat, in “Vulnerabilities In Network Systems”, , 2015.

[7] in, , 2018, <> [accessed 27 March 2018].

[8] in Omnisecu, , 2018, <> [accessed 27 March 2018].

[9] K BEAVER, in “Top Five Network Vulnerabilities”, , 2018, <> [accessed 27 March 2018].

[10] in User Authentication Technologies, , 2018, <> [accessed 27 March 2018].

[11] H Garden, C Security & C Security, “How Firewalls Work”, in HowStuffWorks, , 2018, <> [accessed 27 March 2018].

[12] “Firewalls”, in, , 2018, <> [accessed 27 March 2018].

[13] M Horowitz, “How useful is antivirus software?”, in Computerworld, , 2018, <> [accessed 27 March 2018].

[14] G Young, in Best Practices in Network Segmentation for Security, , 2018, 1-6, <> [accessed 27 March 2018].

[15] “VLAN Network Segmentation and Security- Chapter 5”, in InfoSec Resources, , 2018, <> [accessed 27 March 2018].

Related Assignment Samples

  • November 17, 2017 Methodologies and Technical Solution for Bazaar Ceramics : 648293
  • April 4, 2017 Principles of Transaction Processing
  • May 8, 2017 Business Information System
  • June 3, 2017 E Government System:552729
  • September 19, 2017 Sustainability and Portfolio Management:606010
  • May 15, 2017 ISOL 533 – Information Security and Risk Management:553270
  • May 9, 2017 Information Technology: Diana
  • September 6, 2017 Business Research:608132
  • September 19, 2017 Business Research (Enterprise Business Mobility):608132
  • August 31, 2017 Computer Information System:588870
  • January 15, 2018 Demonstration and Detailed Status Update : 668845
  • April 25, 2017 Project Scope Statement
  • September 25, 2017 Computer Science and Computer Engineering treats:621437
  • June 7, 2017 Information Technology-Medium Sized Telecommunication:539022
  • November 3, 2017 Competency Demonstration Report (CDR) : 629127
  • April 5, 2018 Evaluation of the Milwaukee Brewers Baseball Team : 684838
  • January 31, 2018 Effect of Creative Accounting on shareholders wealth : 668195
  • December 22, 2017 Telecommunication Management Network : 652798
  • June 7, 2017 Cyberpark.Co.Nz Web-Based System Analysis:534699
  • June 3, 2017 Issues in the e-Governance in Jordan:548708

Is this question part of your assignment?

Essay Paper has the leading writers who are ready to help you with your assignment today.

We are very confident in the quality of work that we offer you 100% Money back guarantee

Header Button Label: Get StartedGet Started