...Security Assessment for Aircraft Solutions Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 Hardware Vulnerability – Absence of a Firewall 4 Policy Vulnerability – Lack of Timely Updates 5 Recommended Solutions 6 A Hardware Solution 6 Impact on Business Processes 9 A Policy Solution 9 Impact on Business Processes 10 Summary 10 References 12 Executive Summary This report will seek to evaluate and address security weaknesses with the Aircraft Solutions company. As security weaknesses are pointed out relating to hardware and policy weaknesses, recommendations will be made to Aircraft Solutions to be examined and hopefully implemented to improve IT security operations. Aircraft Solutions, located in Southern California, recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. In reviewing Aircraft Solutions and its operations, uncovered were security vulnerabilities. Two vulnerabilities that were evident were issues with a lack of firewalls and the current security policy in place that is reviewed only every two years. Recommendations have been made that made help to remedy these vulnerabilities through the use of virtualization and by changing the security policy to be evaluated semi-annually instead of every two...
Words: 2450 - Pages: 10
...SE571 Principles of Information Security and Privacy James Smikonis Week 3 Project March 18, 2012 Professor George Danilovics Security Assessment and Recommendations A report needs to be assessed for Aircraft Solutions. This report consists of a security assessment that exhibits all founding flaws in their system, as well as giving AS a report regarding their current infrastructure. Aircraft Solutions is a component fabrication and equipment company that delivers different architectural designs. One of their specialties is establishing communications and solutions to defense, commercial, aerospace industries. The employees at AS are fully qualified for the tasks they entail hence making their workforce more efficient and supplying outstanding service. The purpose of this assessment is to investigate the weaknesses that are presented in the operations of Aircraft Solutions (AS). While conducting this assessment, we will expose vulnerabilities; give an analysis of any relative threats, risks that will be addressed and a comprehensive analysis of the relative threats and consequences pertaining to this mission. Assessment and Investigation After carefully examining the three sections pertaining to Aircraft Solutions, we found that policy and hardware related issues require special attention. We found that Aircraft Solutions does not utilize any firewall between the commercial division and the Internet Gateway. In fact, we exhibited that the Department Defense routes...
Words: 907 - Pages: 4
...Running head: AIRCRAFT SOLUTIONS AIRCRAFT SOLUTIONS Keller Graduate School of Management SEC 571 Principles of Information Security and Privacy Abstract An assessment of Aircraft Solutions (AS) as to what Security Vulnerabilities that might be found, two areas discussed are Hardware & Policy weakness and impact. Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 2 Hardware Vulnerability …………………………………………………..…….....2 Policy Vulnerability……………………………………………………………….3 Recommended Solutions 5 Hardware Vulnerability 5 Policy Vulnerability 8 Impact on Business Processes 9 Summary 11 References 12 Executive Summary The purpose of this paper is to explore and assess computer security as it relates to Aircraft Solutions. When we talk about computer security, we mean that we are addressing one or all of the three important aspects of any computer-related system: confidentiality, integrity, and availability. One of the challenges in building a secure system is finding the right balance among the goals, which often conflict. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on...
Words: 1902 - Pages: 8
...Aircraft Solutions Security Assessment Phase 2 Table of Contents Executive Summary ……………………………………………………………………..1 Company Overview ……………………………………………………………………..1 Assessment ……………………………………………………………………………….2 Security Vulnerabilities …………………………………………………………............2 A Hardware Firewall Vulnerability …………………………………………………....2 A Software Policy Vulnerability ………………………………………………………..3 Recommended Solutions ………………………………………………………………..5 A Hardware Firewall Solution …………………………………………………...........5 A Software Policy Solution …………………………………………………………….6 Impact on Business Processes …………………………………………………………6 Budget …………………………………………………………………………………....7 Summary ………………………………………………………………………………....9 References ………………………………………………………………………………10 Aircraft Solutions Executive Summary Aircraft Solutions (AS) desired a security assessment to highlight the company’s vulnerabilities. AS is a highly esteemed leader in the design and component manufacturing enterprise those solutions can be used within the business applicability of the electronics, commercial, defense and aerospace industries. There were discovered hardware and software vulnerability of non-firewall at the commercial division and software policy updates. The solutions that will be presented are to purchase a firewall system and update the policy update timeframe within the standards that will be introduced from...
Words: 2065 - Pages: 9
...Aircraft Solutions: Security Assessments And Recommendations Session: March 2012 Security in Computing Professor: Randy Strauber BACKGROUND Aircraft Solutions (AS) located in beautiful southern California has become a recognized leader in the electronics, commercial, defense and aerospace industries. This is due their design and fabrication of component products and services available to their customers in the various industries. What set Aircraft Solutions apart from other design and fabrication companies are their dedicated, trained workforce and the maintenance of a large capacity plant and extensive equipment that enables the company to meet customer requirements. The company is made up of a large highly skilled work force that works its highly automated production systems from design engineers, programmers, machinists and assembly personnel. Aircraft Solutions goals are to provide excellent customer service and success through its machined products and services. This is achieved while at the same time keeping their cost, quality and scheduled deliveries in check. The main headquarters for Aircraft Solutions is currently in San Diego, California, while their Commercial Division is located 40 miles east of headquarters and the Defense Division is located in Santa Ana, California. Security Weakness In reviewing the current business process, geographic layout, current IT architecture and network infrastructure there were some security...
Words: 677 - Pages: 3
...Running head: Security Assessment and Recommendations Week 6: Weaknesses Assignment Phase II- Security Assessment and Recommendations SE571 Principles of Information Security and Privacy Introduction Aircraft Solutions (AS) is a renowned equipment and component fabrication company with the capability to provide full range designs and implantation solutions to different sectors such as defense, aerospace, commercial and electronics industries. This paper discusses the possible recommendations based on the security assessment conducted in Phase 1, and proposes possible changes in order to ensure the safety of AS networks. The Company owns an enormous production plan which promises to deliver high quality solutions for targeted at various industries. It is equipped with a team of excellent and highly qualified professionals who cater to various needs of different industries. This paper intends to find possible solutions to bridge the gaps as found in the investigation in Phase 1. The weaknesses that are being addressed are the firewall configuration, virtualization of their hardware assets and defining and revisiting their security policy regarding firewall configuration and updated software at least twice a year. Brief overview of the Vulnerabilities in AS After a thorough investigation of the IT architecture and systems of the Aircraft Solutions, two main concerns were identified as the priority items that needed attention. The first was hardware related concern and was...
Words: 1692 - Pages: 7
...Security Assessment and Recommendations – Phase I Submitted to: Farhan Farrukh SE571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: March 18, 2012 Table of Contents Company Overview 1 Security Vulnerabilities 1 Policy Vulnerability 1 Hardware Vulnerability 2 Company Overview With three sites strategically located for global reach, headquarters in San Diego, California, The Defense Division (DD) in Santa Ana, California, and the Commercial Division (CD) 40 miles east of San Diego County, Aircraft Solutions has developed a dedicated and trained work force focused on providing its customers in the electronic, commercial, defense, and aerospace industry with great design and fabrication of component products and services. The mission of Aircraft Solutions is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. The company’s strategy is to offer low-cost design and computer-aided modeling packages to customers to reduce their development expenses. Two Security Vulnerabilities Policy Vulnerability One of the major threats Aircraft Solution’s systems faces, under its current configuration, is its data vulnerability to unauthorized access. Data is consistently being accessed and modified by people such as employees, customers, suppliers, and contractors through...
Words: 605 - Pages: 3
...Aircraft Solutions: Security Assessment and Recommendations Phase I and Phase II Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 A Software Data Loss/Data Leak 4 A Hardware Firewall 5 Recommended Solutions 7 A Software Example Solution 7 A Hardware Example Solution 8 Impact on Business Processes 9 Summary 10 Appendix 11 References 17 Executive Summary Aircraft Solutions is aircraft Design Company that allows internal and external users to access its system. As a result of this, the company has made itself vulnerability to certain threats. This paper identifies two vulnerabilities. One is the threat of data loss or data leak. The other is intrusion by way of the internet firewall. Based on the known vulnerabilities, it was recommended that the Check Point Software Blade application is used to prevent the data loss and the Check Point Power-1 appliance be used to address the firewall vulnerability. Company Overview Aircraft Solutions (AS) design and fabricate component products and services for companies in the electronics, commercial defense, and aerospace industry. The mission of AS is to provide the customer success through machined products and related services, and to meet cost, quality, and scheduled requirements. Aircraft Solution uses Business Process Management (BPM) to handle end to end processes that span multiple systems and organizations. BPM system is designed to connect...
Words: 2691 - Pages: 11
...SE571 Course Project: Security Assessment and Recommendations Overview This course does involve a lot of technical information and theory but, what really matters is how this knowledge can be used to identify and remediate real-world security issues. What you learn in this course should be directly applicable to your work environment. The course project that you will complete is designed to further this goal. In the first part of the project you will choose an organization from one of two given scenarios (below), identify potential security weaknesses, and in the second part of the project, you will recommend solutions. The first part of the project is due in week 3, and the second part of the project, along with the first part (presumably revised based on instructor feedback) is due in week 7. This project constitutes a significant portion of your overall grade. This is an individual assignment and may not be completed in teams. ------------------------------------------------- Phase I In this phase you will choose either Aircraft Solutions or Quality Web Design as the company you will work with. You will then identify potential security weaknesses. Security weaknesses – You must choose two from the following three areas: * hardware * software * policy (excluding password policies) and identify an item that requires improved security. To clarify: you must identify ...
Words: 914 - Pages: 4
...CMGT 582 Security and Ethics August 27, 2012 Riordan Manufacturing Security Analysis Executive Summary With today’s businesses and the global competition, a company needs to protect business information secure and place classifications on information and the information systems. The following executive summary is regarding Riordan Manufacturing (RM) with a complete security analysis for how secure the organization’s information systems are. The security analysis will review a security risk assessment, security controls, and the company policies and government mandates for regulations regarding legal and ethical issues for information systems. One of the first steps to completing a security analysis is to performing an audit for the following: * Identify security best practices * Evaluate the current policies and effectiveness * Consider current and future legal and ethical issues * Security risk assessment * Security life cycle issues * * Configuration management, annual reviews, design, implementation Once the security audit is complete, RM can determine the level of effectiveness for security management and protecting the company’s major assets. The security audit will allow management to determine the top risk found during implementation and the best practices. The top risks and best practices found are from conducting the audit through observation, document review, interviews, and web-based questionnaires. The executive summary...
Words: 877 - Pages: 4
...1.0 Introduction Flat Cargo Berhad (FCB) is an air freight services and ground handling company. Its company’s operations cover Asian Pacific region including China, Japan, Thailand, Singapore and many more. Their main customers are United Parcel Services (UPS), City Link and Nationwide Express. The main shareholder for FCB is Bangor Sdn Bhd which is part of Miri Group represented by 26.5% of the company interest. Kencana & Associates is the auditor company that audit FCB’s account. The leader of the auditors is Mr Chuah Mun Soong. The auditing team found some irregularities in accounting record of FCB. There are two parties which Mr Chuah has to report, they are his superior, Mr Keong Chee Wah and FCB Audit Committee. However, Mr Chuah concerns that FCB might have a fraud due to the past experience such as Media Com and Blue Vital. 2.0 The Root Cause of the Problems As per our discussion about this case study, we managed to find out several root cause of the problems. 2.1 Rising of Oil Price The first root cause is the rising in oil price in the year 2005. In the year 2005, there was an international crisis occurred with the exceptional increase in oil prices. The hike started in mid-2004 at US$40 per barrel but eventually, the increase continued to stages of US$50, US$60, US$65, US$70 and US$80 per barrel. The price hike in fuel surcharges drastically affected the freight forwarding industry significantly because of its reliance on fuel for operations. This...
Words: 2524 - Pages: 11
...identified in 14 CFR 139. Security systems, methods, and procedures within the construction and operational process are the obligation of TSA. The Federal Security Director (FSD) is the designated TSA official that approves the required Airport Security Program (ASP) document, the document identifies how the airport will meet security requirements. The FSD and local FAA Airports Division officials should be consulted during all phases of the project. Airport operators must integrate a Safety Management System process into their overall plan in accordance with FAA rules. Airports must establish hazard reporting systems, a risk assessment process, and a risk mitigation and assurance process with the participation of airport management. The best way to implement security in a facility is through advance planning and continuous monitoring throughout the project. Selecting, constructing, or modifying a facility without considering security for the general public, the facility, passengers, and airport and air carrier personnel can result in costly modifications. All physical security upgrades should be based on applicable Federal, State, and local laws, regulations, and policies to ensure the protection of all persons and assets (including information systems and data). At a minimum,a physical security approach should include: 1. A vulnerability assessment, including a check of regulatory compliance (refer to Appendix A) to evaluate the existing security at an operational airport...
Words: 6328 - Pages: 26
...day, two other hijacked airliners were flown to other targets, one of which was the Pentagon, the seat of America’s military might, while the fourth aircraft crashed in a Pennsylvania field, believed to have been due to its passengers fighting back to regain control. While these incidents are certainly not the latest terrorist attacks against civil aviation, these attacks are significant in the sense that its aftermath truly changed the course of history of many nations and radically changed the lifestyles of many peoples. The earliest recorded terrorist act was on September 9, 1949, when a bomb was placed and exploded in a Quebec Airways flight in Canada. Since that first recorded aviation security breach, security experts had been trying to be one step ahead of the terror groups in hardening aircraft and airport targets against all forms of terrorist attacks. However, on July 22, 1968, three gunmen from the Popular Front for the Liberation of Palestine (PFLP), hijacked a passenger airliner of the Israeli airline El Al, on a flight from Rome to Tel-Aviv, and demanded the release of their comrades-in-arms who were imprisoned in Israel. While this may not be the first case of civilian aircraft seizure during that year, this operation was qualitatively different in its content and ultimate aim. It was the first time that an aircraft had been hijacked not out of criminal motivation or for personal reasons, but with the specific goal of politically pressuring an opponent and using...
Words: 17180 - Pages: 69
...Table of Contents Executive Summary 3 Company Overview 3 Vulnerabilities 3 Hardware Vulnerabilities 3 Policy Vulnerabilities 6 Recommended Solution - Hardware 7 Impact on Business Processes 10 Recommended Solution – Policy 10 Impact on Business Processes 11 Budget 11 Summary 11 References 13 Executive Summary The purpose of the report is to assist Aircraft Solutions (AS) in indentifying the most significant Information Technology (IT) security vulnerabilities. AS products and services are at the forefront of the industry and the protection of such is very important as they are an industry leader. The vulnerabilities that will be discussed are the firewall configuration, virtualization of their hardware assets and defining security policy regarding the timeliness of firewall configuration and updates. Company Overview Aircraft Solutions, headquarters located in San Diego, California develop and fabricate products and services for companies in the electronic, commercial, defense and aerospace industries. AS is made up of two (2) different divisions, the Commercial Division and the Defense Division. The Commercial Division is located in Chula Vista, CA and the Defense Division is located in Santa Ana, CA. AS company strategy is to offer low cost design and computer aided modeling packages to companies and assists them through the lifecycle of their product in an effort to save money for the consumer while profiting from their business....
Words: 2440 - Pages: 10
...PHILIPPINE AIR FORCE AIR EDUCATION AND TRAINING COMMAND AIR FORCE OFFICER SCHOOL Col. Jesus Villamor Air Base, Pasay City COMMANDANT’S PAPER THE IMPACT OF INTERNAL SECURITY OPERATION IN THE STRATEGIC MANAGEMENT OF AIR DEFENSE WING CHAPTER I THE PROBLEM AND ITS SETTING 1.1 INTRODUCTION "Victory smiles upon those who anticipate the changes in the character of war, not upon those who wait to adapt themselves after the changes occur." - Giulio Douhet, Command of the Air A fitting quotation by Douhet for the case of Air Defense Wing wherein the organization was not able to anticipate the streamlining strategy of the government, leaving the Wing no choice but to adapt to the changes in the Command’s thrust of prioritizing Internal Security Operations rather than Territorial Defense Operations to prove its relevance as one of the primary unit of the Philippine Air Force. Caught unprepared of the significant changes in governments thrust, ADW is now suffering in terms of its force structure and budget allocation as it continues to fight for its relevance and existence as one of the premier unit of the PAF. The Background and Rationale of the Study Budget Allocation Statistically, the lowest percentage of allocation in National Budget is in Defense. Debt service gets the biggest share in the proposed budget at 34.1 percent. Social services and economic services follow with 27.9 percent and...
Words: 19632 - Pages: 79
