The Exam Company which specializes in hosting online examina

The Exam Company, which specializes in hosting online examinations, has a home location in Boston, MA, and the company wishes to start transferring data to the new location in Miami, FL. The Chief Security Officer (CSO) is concerned about the secure transfer of data between the two locations via the Internet. The home location currently has a firewall it uses to connect to the Internet. You are a network administrator responsible for all network platforms and services. What network security risks exist and what recommendations would you provide to the CSO that would mitigate those risks in transferring data between the two locations?

Solution

The network security risks and ways to mitigate them are as follows:

1. Since the data transferred over internet is visible to people outside the organization, unauthorised parties can gain access to confidential and sensitive data. This is the biggest risk or transferring data over internet. Packet capture and sniffing are common ways to access data being transferred over the internet. The solution fot this is to allow only secured protocols like SFTP, HTTPS, SSH and others which use standard end-to-end encryption for data transmission. In such cases, encrypted messages are of no use even if they are captured.

2. Spoofing attack is also possible for internet data transfer. An attacker can pretend to be a sender and send harmful information to the receiver or it can pretend to be a receiver and access sensitive information. To prevent such attacks, authorization needs to be put in place between the source and destination using standard techniques like Password Authentication Protocol(PAP), Kerberos.