Jacket X Corporation Security Policy - 1186 Words

JACKET-X-CORPORATION SECURITY POLICY RECOMENDATIONS A typical vulnerability and threat analysis begins with defining and classifying the network and system resources, assigning a relative level of importance to the resources, identifying the potential threats to each resource, developing a strategy to deal with the most serious potential problems first and defining the terms to mitigate attacks against the systems. â€Å"Effective vulnerability assessment starts with analyzing internal weaknesses for business processes†, therefore the first critical area of this assessment on the Jacket X Corporation is the need for a complete analysis of the payroll irregularities. (University of Maryland University College, n.d.) Internal Vulnerability:†¦show more content†¦In relation to independent contractor payroll entries, Jacket X‘s current system allows payroll specialists to alter payroll details in the validation phase which does create a vulnerability by allowing the validating authority to edit the payroll entries of independent contractors. The best way to correct this vulnerability is to remove editing privileges from the validating authority. The in-house payroll validation process currently in place at Jacket X is secure in that it separates duties and access privileges in a clear manner. (University Of Maryland University College, n.d.) With the implementation of the aforementioned recommendations, the vulnerabilities will be fixed, thus creating a more secure network for Jacket X Corporation. Probably the greatest payroll vulnerability identified is the recording and reporting of payroll activity. As of now the companies system allows for system specialists and administrators to have access to management metrics which they should not be able to view. As well as, and when the reports are imbedded into the Excel files for electronic distribution, they can be viewed and the data could end up in the wrong hands. It is good that in the current process, Jacket X does require document password protection which does help the Excel based vulnerability. Jacket X needs to scrub the various accesses of information by the personnel whom do not require access to the payroll system in order to carry out their