Kudler Fine Foods It Security Report

Introduction

Kudler Fine Foods’ new rewards program is currently in the design stages. Smith Services Consulting offers the following report as to security concerns as work on this project commences. These security concerns are categorized by development phase, and outline some main points to consider at each phase to ensure this project is seen to completion with as little issue as possible.

Analysis

An analysis of the system for Kudler Fine Foods was conducted and a few potential

threats were discovered in several areas of the system. The potential threats are as follows:

One possible area that could be infected is the company network. The potential threats

this area is facing include brute force attacks and also dictionary attacks. Both attacks aim

towards gain access to the system via usernames and passwords. It may also be vulnerable to malware or malicious software as it’s been known lately that even some trusted websites are being infected. Recently, denial of service attacks has become an even bigger problem with the introduction of Ransomware. Ransomware is malicious software that blocks all users access to the system a ransom was been paid.

Another area that could also be in danger is the database server. A potential threat the database may face is SQL injection attacks. These could potentially destroy your database. SQL injection is technique where hackers can a inject SQL commands into a statement using web page input. These commands can be used to alter the website, steal data, or even erase the data. A smart hacker could even gain access to all the usernames and passwords. SQL injections compromise the security of web applications.

The email system is another area that could be in danger. Emails have made the spread of viruses and malware increase at a very fast rate. They may contain fraudulent links that, once clicked on, could install malicious software on user’s computer or even into the entire system. One case of ransom where was introduced into a system happened because someone clicked on a link that was sent to them in an email. Usernames and passwords are one of the most common areas that could be infected. They can be used not only to steal a person’s identity, but just to gain access to the system and cause any number of havoc possible. The worse part of this is that cause of the havoc may end up traced by to the one whose username and password was stolen.

The transmission of data could be in danger due to man-in-the-middle attacks. The man in the middle can intercept exchange of data and encryption codes. They can use to method

to steal and/or modify the data to suit their needs. A more secure connection and some sort of protection will definitely