Your boss mentions that recently a number of employees have received calls from individuals who didn’t identify themselves and asked a lot of questions about the company and its computer infrastructure. At first, he thought this was just a computer vendor who was trying to sell your company some new product, but no vendor has approached the company. He also says several strange e-mails requesting personal information have been sent to employees, and quite a few people have been seen searching your company’s trash dumpsters for recyclable containers. Your boss asks what you think about all of these strange incidents. Respond and be sure to provide recommendations on what should be done about the various incidents. Students are required to post one original response to the discussion questions each week, as well as a response to one classmate. Original responses should not be a word for word rehashing of what is stated in the readings, but rather an integration of the concepts and additional insights, either from real world experience or additional sources. It should be a 250 word response to the question each week by 11:59 p.m. on Wednesday evening. Your primary posting may end with a tag-line or a related question of your own.

The strange incidents described by your boss could indicate potential security threats to the company’s computer infrastructure. The calls from unidentified individuals asking questions about the company could be attempts to gather information for malicious purposes. These individuals could be trying to gain insight into the company’s computer systems, network architecture, and potential vulnerabilities.

The strange emails requesting personal information could be attempts at phishing, where attackers try to trick employees into revealing sensitive information, such as login credentials or personal identification details. These emails may appear legitimate and aim to exploit unsuspecting employees.

The people searching the company’s trash dumpsters could be engaging in dumpster diving, a technique used to gather information from discarded documents or devices. This could include confidential information, such as intellectual property, customer data, or internal memos that could be used against the company.

To address these incidents, it is important to implement a comprehensive security strategy. This strategy should include the following recommendations:

1. Educate Employees: Train employees to be vigilant about sharing sensitive information, both verbally and through electronic means. Conduct regular security awareness sessions to educate them about the nature of phishing attacks and the importance of protecting company information.

2. Implement a Strong Access Control System: Ensure that only authorized personnel have access to sensitive areas and information. Implement password policies, multi-factor authentication, and regular audits of user accounts to prevent unauthorized access to the company’s computer systems.

3. Strengthen Email Security: Implement email filtering and scanning mechanisms to identify and block phishing emails before they reach employee inboxes. Provide guidelines on how to identify and report suspicious emails to the IT department.

4. Secure Document Disposal: Implement a document management policy that includes secure disposal methods for sensitive information. This could involve shredding documents containing sensitive information before they are discarded.

5. Physical Security Measures: Consider enhancing physical security measures, such as surveillance cameras, access card systems, and restricted areas, to prevent unauthorized access to the company premises and dumpster areas.

6. Incident Response Plan: Develop an incident response plan that outlines the steps to be taken in the event of a security incident or breach. This plan should include a clear communication strategy, escalation procedures, and collaboration with law enforcement and cybersecurity professionals.

It is also recommended to conduct a thorough security assessment of the company’s computer infrastructure to identify any potential vulnerabilities and address them accordingly. Regular monitoring and updating of security systems are crucial to staying ahead of emerging threats.

In conclusion, the strange incidents described by your boss may indicate potential security threats to the company’s computer infrastructure. By implementing the recommended measures, the company can enhance its security posture and mitigate risks associated with these incidents.

Need your ASSIGNMENT done? Use our paper writing service to score better and meet your deadline.


Click Here to Make an Order Click Here to Hire a Writer