6-2 Activity Christensen

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

423

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

2

Uploaded by SuperHumanDolphin2076

Report
Jennifer Christensen IT-423 – Computing as a Science 6-2 Activity: Errors in IoT Design August 3, 2022 Error #1: No firewall between router/modem and cloud server All the IoT devices are connected to the modem through their wireless access point to access the internet. The modem is not protected from incoming attacks by threat actors via the cloud server. This error doesn’t require a redesign of the system since it can easily be added into the current design. A firewall sits between the cloud server and router/modem acting as a gateway to allow approved requests to flow through. A firewall can also be used to block requests from going out to the cloud server. This system can operate and function with this error. It isn’t a critical piece in the design to establish internet access for workstations and IoT devices. The best solution to correct this error is to incorporate a firewall in the design between the cloud server and the router/modem. The firewall will filter information, both incoming and outgoing, and can be configured to maintain your organization’s security protocols. For example, the firewall can be configured to block access to certain websites, deny internet access for any device, and keep records of the blocked activity. This solution would address the CIA triad issues created by not including a firewall in the design. The confidentiality of the network’s data would be preserved, the integrity would be stronger since the data is secured and accurate, and the availability of the network would be enhanced since it is more resilient to attacks and the data will be available. Error #2: The design uses a single, unprotected wireless access point Each workstation and IoT device are connected to the router/modem through a single wireless access point. This error doesn’t require a complete redesign of the system but does mean there must be changes. The system can operate and function with this error, but security is greatly compromised. The best solution to correct this error is to add a second wireless access point and enhance the security permissions of each wireless access point. Wireless access points have default functions and settings that should be manipulated to suit this organization. The default password must be updated to follow security policies and could use two-factor access codes to authenticate users. The wireless access point has a basic default name and broadcasts its SSID. The network name should be changed to a non-identifying name and the broadcast function disabled. Adding a second wireless access point does mean another hacker access point but is important so the system doesn’t have a single point of failure. The wireless access points themselves should be secured and inaccessible, usually in a high location away from people. This solution does address the CIA triad issues that could be caused. By updating the default settings and configurations, the data within the network will be protected. Error #3: IoT devices allow remote access via web applications
IoT devices like light bulbs, smart thermostats, and security cameras have remote access incorporated within their designs. This error doesn’t require a redesign of the system because it is more about user permissions and application access. The system can operate and function with this error, but IoT devices can allow easy access via remote applications if not configured correctly. If the system was hacked remotely, it would no longer operate as intended. The best solution to correct this error is to establish proper user credentials and permissions for each IoT device. For example, the security cameras should only be accessible by the office manager. Employees and guests should not be allowed remote access to the security cameras and their data. The remote web application must be set up with the office manager’s credentials and a secure password. All passwords established for user access of IoT devices should follow password policies, like updating the password every 6 months. Others would not be allowed remote access permissions for the security cameras. Each IoT device would need to have an established user that has control over the device and its outputs. The IoT devices can operate with set schedules so user access can be limited. Lights can turn off and on during set times of the day as well as the smart thermostat. User permissions should also be established for workstations, so they are inaccessible to non-authorized users. User permissions help address issues created by this error with the CIA triad. Its important that data remain confidential and by establishing user credentials and permissions, only authorized users can gain access to the network and its data.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

CJ 305 5-0 Check your knowledge.docx
When discussing an example of a disaster or emergency where poor communications significantly hamper
6-3 Quiz.docx
Diss 8-1.docx
Lab 3 Instructions.docx
4-1 Activity Christensen.docx
Module Three Major Activity.docx
WEEK 7 QUIZE.docx
1-2 Activity Christensen.docx
7-2 Project Two Christensen.docx
WireShark Lab Ethernet and Home Networking.docx
IMG_0479.jpeg