ISOL531 Access Control Individual Project Equifax Breach Case Study

Anonymous
timer Asked: Feb 9th, 2019
account_balance_wallet $35

Question Description



For this assignment you are required to search the school library or the internet for two articles stating that the failure of access control contributes to a security breach. This breach could either be in a public or private organization. Please explain in an academic format:

PLEASE USE ATTACHED TEMPLATE FOR THIS

First Company

  • What type of breach occurred?
  • What was stolen? (if any)
  • How is access control to be blamed?
  • What security protocol would you put in place to ensure such occurrence does not reoccur?

Second Company

  • How did this breach occur?
  • What role did the lack of access control play in this breach?
  • If you were Lead Security Analyst for this company what strategies would you have implemented to reduce or eliminate this vulnerability?

Assignment Requirements

Please use the Individual Project (IP) title page provided in the course material folder. Your SA score should not be more than 30%. All paragraphs must be indented and have at least four complete sentences. You should also use sub-headers for each question. In-text citations and a reference list are also a requirement. Please ensure that all cited sources are credible. Write at least 2 paragraphs (each paragraph MUST have at least 4 complete sentences and a cited source) on each question.

Unformatted Attachment Preview

Running head: NAME OF COURSE 1 Student’s Name School Name Your Assignment Name (e.g. Week 4 Individual Project) Your Professor Name Date SHORTENED COURSE NAME 2 Abstract An abstract is a single paragraph, without indentation, that summarizes the key points of the manuscript in 150 to 250 words. The purpose of the abstract is to provide the reader with a brief overview of the paper. This template is based on 6thed of the Publication manual of the American Psychological Association. Note: an abstract is only required if the assignment calls for it. Consult with your instructor. SHORTENED COURSE NAME 3 Type Your Title Here Begin writing your paper with a .5” indent and continue the paper with an indent for each new paragraph. Heading Level 1, Centered, Boldface Heading Level 2, Flush left, Boldface, Uppercase and Lowercase Heading level 3, indented, boldface, lowercase ends with period. Heading Level 4, indented, boldface, lowercase, italicized, ends with period. Heading level 5, italicized, lowercase, ends with a period Note: Depending on the length and complexity of your paper you will use different levels of headings. SHORTENED COURSE NAME 4 References Encyclopedia, S. E. (1993). Article. In The new encyclopedia Britannica (vol. 38, pp. 745-758). Chicago: Publisher. Lastname, F. (2003). Book title: Subtitle. Sterling, VA: Publisher Name. Newspaper article without an author. (1993, July 15). The Washington Post, p. A12. Wittkopf, B., & Shaw, M. E. (2003, fall). Article title from the journal. Journal Name, 43(2), 1822. doi: 10:109.0932.9385.09 ...
Purchase answer to see full attachment

Tutor Answer

ProfJamesmiller
School: Boston College

Hello, I have completed the assignment. see the attached documents below. its nice working with you😇

Running head: ACCESS CONTROL

1

Student’s Name
School Name
Your Assignment Name (e.g. Week 4 Individual Project)
Your Professor Name
Date

ACCESS CONTROL

2
Abstract

This paper discusses access control as an essential solution to the recently prevailing data
breaches. It examines the factors that might have enabled previous cyber-attacks to two
corporations, Equifax and Target. Among the primary access control failures discussed are the
use of a single-level security system and an insufficient segregation policy. Target had this type
of data protection policy where only encryption was used to secure customer credit card
information in the system. However, an easily maneuvered network and an unencrypted memory
acted as vulnerabilities utilized by attackers in 2013 to steal more than 40 million credit cards.
Equifax had inadequate policies and procedures guiding information security employees. An unupdated patch of software is seen as the cause of breach if more than 148 million customers
information. This paper discussed multilayered and defense in depth security protocols as the
best access control processes. It also identifies that having policies that govern information
security teams and ensures their adherence to protocols and their vigilance and responsibility
reinforces the logical access control process.

ACCESS CONTROL

3
Access control
Introduction

Corporate cyber-attacks are becoming too familiar with data breaches flocking the news
almost monthly. Companies are paying millions of dollars for problems that could have been
prevented for far less. Access control is one of the solutions to securing sensitive and vital
customer and corporate information. It involved logical protocols that protect networks,
databases, and software and physical policies and procedures that protect hardware and
mainframes from remote and physical unauthorized access. This paper discusses that through
better logical and physical access control solutions companies such as Equifax and Target could
prevent a repeat of access control breaches.
Equifax Information Security Breach
Breach type
In the Equifax access control breach, attackers utilized a Struts vulnerability in one of
Equifax's online portals. An open source web application development framework, Apache's
Struts is a favorite tool for big enterprises around the world (Bals, 2018). An updated version of
the software was issued and communicated to information security personnel within 48 hours,
but Equifax failed to incorporate it in its online portal and hackers managed to use it to access the
credit reporting agency's system (Buhr, 2017).
As the most massive data breach in American History, Equifax's...

flag Report DMCA
Review

Anonymous
awesome work thanks

Similar Questions
Hot Questions
Related Tags
Study Guides

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors