sonali non technical email

FROM: SONALI PAUL JASSAL- IT SUPPORT TEHCNICIAN TO: MANAGING DIRECTOR CC/BC: SUBJECT: Summary of meeting with IT manager. Dear HR, from my findings from the interview with the IT Manager, it has led me to realise that: · • There is a lack of security controls • A lack of knowledge in mitigation and security overall • Less focus on regular maintenance • Training needs to be carried on a regular basis • Operating systems aren’t standardised • Lack of Knowledge in this area. • There Is a lack of security controls as employees are sharing admin passwords • There is no role-based access control in place No Role Based Access Furthermore, as employees have full admin access, there are allowed to install software without any permission needed. This is a concern as it is going to lead to all staff making unauthorised changes and modify anything they like and without a way of tracing the individuals it can be hard as an to keep track and log what has been done. Furthermore, an employee might install something malicious or a malicious software, which will affect the entire network and will cause many disruptions but also leave the organisation suffering financially and reputationally. Maintenance There is generally less focus on regular maintenance and making sure everything is looked after, which poses a big risk as security vulnerabilities will keep growing and they may not be aware of anything that might be a danger to the company. Employee training Having only one session of training on the induction and only password safety and basics is clearly not enough as technology is rapidly advancing and so are threats, therefore everyone in the company should be fully aware on the latest threats but also should know how to effectively mitigate it if it were to happen No detection or alert systems Not having a system in place can put the business at risk of threats as it can lead to system failures, security breaches all going unnoticed and can cause data loss, financial damage without anyone knowing I hope this is a clear overview. Thank you for your Time

Comments

Post a Comment

Popular posts from this blog

Post-Implementation IT Satisfaction Survey – NexaTech Staff Dear Team, As part of our commitment to improving our IT infrastructure and security, we value your feedback. Please take a few minutes to complete this short survey. Your input will help us identify what is working well and where further improvements may be needed. 1. Onboarding & Training How confident do you feel using the new systems (Microsoft 365, OneDrive, Intune)? Very confident Somewhat confident Neutral Somewhat unconfident Not confident at all 2. Ease of Access How easy is it to access your files and applications remotely? Very easy Easy Neutral Difficult Very difficult 3. Device Performance Has the performance and reliability of your work device improved since the upgrades? Strongly agree Agree Neutral Disagree Strongly disagree 4. Security Awareness Do you feel more aware o...
Read more

task brief

Image
  Scenario You are a junior cyber security technician who has been hired by Shooting Star Drones Ltd to address some of the issues that it has recently experienced with its network and suspected unauthorised external access to its systems. Shooting Star Drones Ltd has been operating for 3 years and has a reputation for innovative and spectacular drone displays. The company aims to provide cheaper, more environmentally friendly drone displays to replace traditional fireworks. Displays can be of different sizes with displays often using up to 1000 drones. The company has 220 employees in its single office and is expecting to grow rapidly in the next 5 years.     Brief As part of your role, you are involved in a large security management project to identify and remediate the possible security breach. You have also been asked to support members of staff who requir...
Read more