Strategies For Managing Malware Risks - Paper Example

Introduction

Malware can be defined as an abbreviation malicious and software.as explained by Amphora (2015), the term has over the time been used to refer to software that is normally deployed will ill intentions. The concept of malware is also easy to deploy remotely. However, tracking the source of the same malware is considerably hard. This kind of combination has therefore enabled the aspect of commercial malware to help with the provision of the sophisticated black markets which are used for both the malware and kind of information that is collected. The demand for the sophisticated malware has also come with its drawbacks. This, to a larger extent, is brought by the fact that it is normally created majorly by the crime syndicates and in some cases brought up by the state-sponsored espionage agents. Various industries have benefited from the concept of malware application.one of the industries is the ranch and entertainment industry. The financial sector is also another area which has significantly benefited from the application of malware application and risk mitigation processes. This paper is therefore desisted to provide an IT solution to an organization which is known as the Cypress Ranch Vision. It will offer a solution which is pegged on computer magnate and networking in the organization.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Cypress Ranch Vision

Cypress ranch vision is an eye clinic. The organization runs on the basis that eyes are considered to be the overall indicators of the individual health. In light of this, the comprehensive care of the human eye in this clinic tends to go beyond the normal prescription of the glasses or the contact lenses. At the institution, the management is known for taking their time to get to know the client problem. Upon arrival, some of the very which are deemed significant by the organization include the eye problem history and the overall the client. With this kind of information the available, the clinic is able to provide for an expert care, options advice and also help with following up the needs of the client. This kind of information is stored on computers and other technologically enabled devices. When this occurs one of the challenges that the firm fasces ion most cases is the attack by various malware. To effectively faction, therefore, this paper will look at ways in which this malware can be prevented or mitigated altogether.

Understanding Risk Management and Malware

According to Microsoft, risk management is defined as a process whereby various risk are identified after which the overall impact of the risk is determined. In most cases, the overall process of attempting to put in place all the process and place a plan for the security risk management can be sometimes overwhelming. This could be so especially for the middle size business. In most cases, the possible factors which could be attributed to this could be lack of and lack of budget resources. In light of to this, to effectively facilitate the organization task of managing risk, there is a various process that will be followed during the research study. Some of these major processes include: assessing the risk the second step is the conduction of the decision support, third is the implementation controls and the fourth step is the measuring of the program effectiveness. However going through all could be having its own challenges some of the possible challenges that the study will highlight include the following; the availability of the common information, the existence of the common threat, the existence of the user education and some aspect of vulnerability.

Common malware threats In order to come up with some of the best solutions for malware, it will be prudent to look at some of the common malware family that the firm is likely to suffer from. Some of the malware that will be discussed in the paper comprises of the following;

The first form of, malware practice that will be looked at is the Backoff. According to Malhotra (2015), back off can be defined as malware family that normally draws ahead on the windows which are run point of sale system. There are normally used for the purposes of stealing the customers carded and data like names, mailing address, number. This kind of malware is considered to be having C2 component which for uploading some of the discovered data, down lading and also the execution of further malware and updating of the malware. The existence of the back off breaches may be in most case is significantly used to affect the business reputations...

Problem Statement or Project Purpose - As part of the contract with my client, Cypress Ranch Vision. I will be responsible for IT solution and maintain ace for computers and networking. The Company computers recently have serious issues with virus and malware attack, PCs are a very slow start-up and slow internet performance, the browser frequently crashed and Windows starts popping pop-up. I will propose a solution to the customer to fix the issues. Once the solution is approved, I will process the repair procedures to clean the virus. Routine performance checks will be conducted on the computers every month for 6 months to ensure computers are free of malware and virus. During 6 months warranty, if the same issues occur, the customer's PC will be fixed without any additional cost.

Possible Strategies That Will Be Used

In order to come up with the best strategy that will be used during the study. It is important to look at the possible solutions and strategies that can be applied during the study. The pear will look at both the advances and disadvantages of these strategies so as to come up with the best one so far. Some of the possible strategies that will be looked at in leg include; the first stage is an incident response; during this strategy, I will be able to; look at the treat vulnerability as some of the incidents and responds to some of these threats individually. It will also look at ways in which it can remediate quickly when it is exposed under pressure. The advantage of this strategy is that the aspect of fixing the highest risk vulnerability could be way better than doing nothing at all. Some of the possible cons which are associated with this kind of strategy include; first, it is associated with the constant loss of residual vulnerability risk. As explained by Malhotra (2015), this kind of strategy in most case will only be hitting the high profile vulnerability thus leaving various opportunities for the attackers. The second disadvantage is the fact that the strategy does not seem to root cause. In most case, an incident response strategy is in most cases unlikely to affect the underlying causes of the possible vulnerability proliferation which could happen within an organization. Finally, this kind of strategy is a potential threat for the stuff burnout. This is the most case has been identified as one of the problems which most of the organization will be facing, but most of the people will eventually get burned when they are responding to the emergencies when using this kind of strategy.

The second strategy that will be significantly looked at during the study is the aspect of asset focused. This kind of strategy is significant when it comes to the identification of the highest risk assets and it will also involve fixing them at first. Some of the possible

Major Security Threats In Health Cares

This section will look at the possible areas where the risk which is experienced in healthcare could be emanating from. With the increase of the mobile devices across the world, virtualized software's, social Maida, embedded devices and the aspect of customization of IT are some of the sources which have been identified to be posing risk to the healthcare departments.

Availability Of The Mobile Phones

This section will look at how the existence o and the evolution of the mobile phone are seen as a threat to the healthcare. The introduction of mobile phones is tremendously considered to be ubiquitous in the current society. Significantly, the number and also the type of devices which are used by the physicians, clinicians and nurses and also the administrative staff together with both the patients and visitors is seen to be growing in the healthcare departments .as much as mobile devices are good avenue for communication, this kind of devices are also launched and are continuously being upgraded for the operating system which is considered to be very ripe for infections. In cases where this has been identified as the problem one of the recommendations which have been significantly used is the use of network access control solutions. The use of NAC is significantly applied since it offers the ability for the clinic to identify each type of the user and the connected device. It is also used to help with the scanning the device in the health centre premises for possible threats. Finally, it provides for access which is usually based on the device and also the user role within the specific network. According to Martin & Hankin (2017), the use of NAC is also efficient in providing a view of network security status. This can be achieved across all brands of equipment and the devices which could be in operation at the premises

Embedded Devices

The availability of the amended network has since become the norm in most of the health centres with the increased use of tablets, mobile phones and Wi-Fi capabilities. Some of the areas in which they can provide possible threat include the medication scanners eye imaging devices, patient monitoring systems. however as much as they have been used in these areas, the amended network also provides for a strain on bandwidth and as such will significantly expose the network to some of the viri which probably are brought in by the host of the new connected devices which could be totally different from the traditional PCs. According to Martin & Hankin (2017), one of the possible recommendations to this kind of threat is the incorporation of the security solution that will significantly protect the integrity of the critical and in most cases the private data. When this is properly implemented, it has the ability to close any vulnerability gaps which could be available in the network.

The Virtualization From Desktops To The Serves

According to Martin & Hankin (2017...