Topic 4- Organization Systems and Network Diagram
.docx
School
Grand Canyon University**We aren't endorsed by this school
Course
CYB 650
Subject
Information Systems
Date
Dec 28, 2024
Pages
8
Uploaded by JusticeFogTurtle567
Dorita AdamsTopic 4: Organization Systems and Network DiagramNovember 21, 2024
There are a lot of chances due to the quick development of communications and technology. Digitizing business operations and service access resulted in enhanced performance, reduced and streamlined servicing time, improved accuracy, and optimized costs. However, this transition introduces the risk of unauthorized access to sensitive information by hackers. Conducting a cybersecurity risk assessment is essential to educate staff about potential threats, their origins, and their potential impact on business operations. This study aims to provide an organizational-level cybersecurity risk assessment for DCS Communication Center Company, focusing on its resources, vulnerabilities, and potential risks.DCS Communication Center Company offers a comprehensive range of services, including inbound, outbound, and back-office call center solutions. Servers, client contact details, private partner documents, and trade secrets are examples of IT assets. Hardware and computing devices are examples of physical assets; data and software are examples of electronic assets. Additionally, not every asset has the same worth. Some have greater risk exposure, and some are more expensive than others. There must be documentation. This includes recommendations, audit assessment reports, security policies, and backup strategies (Cybersecurity Framework for Jordan Banking Sector, 2021). Examples of cybersecurity vulnerabilities include issues related to availability, confidentiality, and integrity. Attacks targeting an organization can manifest in various ways. Thestudy identified key contributing factors, including telecommunications (internet and governance), human elements (such as intrusion motives and hacker psychology), hardware and software of information systems, as well as operating systems (their fundamentals and protective measures). Additionally, risks at the forefront are primarily associated with physical security and both intentional and unintentional human actions.
These elements need to be carefully examined (CISO, n.d.). Office of the Chief Information Security Officer, 2019).Vulnerabilities include: • Human error and poor data management • Administrators connect, configure, cool, secure, and supply a large number of devices. • Equipment and hardware malfunctions and damage. • Relying on the central server in Germany for data backup. Risks include: • Client dissatisfaction and harm to the telecom businesses' reputation. • More vulnerability to hackers and data loss, as well as the utilization of cost-effective resources. • Data loss and reputational risk. Technical training and awareness should be provided to every employee in order to reduce any risks associated with human intervention. Implement appropriate application controls,monitoring protocols, and internal or external audits to address software-related issues. Enhance data protection through additional backup and restoration processes. Incorporate specialized hardware, such as voice response generation cards connected to main servers, to facilitate the integration and management of phone conversations.
DCS Communication Center Company effectively mitigates security threats through network segmentation, optimizing time, resources, and access control for each segment. Each branch or segment with remote agents or users is equipped with a Cisco voice router featuring packet filtering configured within a firewall. Additionally, one branch utilizes a specialized firewall, the Cisco Unified Computing System (UCS), as part of its data center infrastructure. Local agent branches are supported by SIP proxy servers, backup servers, and other telephony systems. All external networking devices are integrated via VOIP Gateways, which connect seamlessly to the VOIP Systems.Telephony systems are enhanced with self-service features and advanced functionalities, such as a call flow designer. The computing infrastructure primarily consists of Windows-based laptops and workstations integrated with Cisco call center software. The system operates on a high-bandwidth, high-speed ISDN network. All SQL servers run SQL Server 2021 with recurringbackups, ensuring data reliability. Voice routers are equipped with redundancy-enabled firewalls for enhanced security. Additionally, Salesforce.com, a fully cloud-based CRM platform, is utilized to gather, store, access, monitor, and analyze customer data via a unified dashboard. The system is user-friendly, allowing operation and management without the need for IT specialists.
IT must ensure that cell phones, networking devices, and systems remain up-to-date. Business-grade antivirus software should be installed on every computer or device connected to the network. To safeguard against malicious activity, Network IDS/IPS systems should be implemented at the VLAN level to filter incoming internet data, monitor network activity, and respond by reporting, blocking, or dropping threats. Network-level firewalls must also be mandatory to prevent security breaches. IT should report and document any network issues to ensure that changes are accurately recorded for PCI compliance. Additionally, weekly system performance reports should include periodic data backups, restoration records, Disaster RecoveryPlanning (DRP), and Business Continuity Planning (BCP) updates.VPNs establish internet connections at the router-to-router level, encapsulating data through tunneling protocols such as PPTP or L2TP and securing it with encryption protocols likeMPPE or IPsec before transmitting over a public network. On Windows operating systems, the Connection Manager tool can facilitate connections to VPNs or dial-up networks. This communication is routed through a firewall to protect against malware and application-layer attacks.All hard drives are encrypted using HP Bit Defender for enhanced security. RADIUS provides centralized authentication, authorization, and accounting services, utilized by SQL servers. The organization adheres to a Clean Desk Policy, prohibiting handwritten notes and sensitive documents in the workplace, particularly when transmitting data over the network. Physical access to sensitive customer and payment data is tightly restricted. Recording systems are integrated with the CRM system to automatically pause recordings in response to specific agent actions—for instance, muting call recordings when sensitive information such as account numbers or security codes is shared. Wireless traffic to local agents is secured with a disabled
SSID and protected by a strong password. Multi-factor authentication (MFA) is employed where necessary. Additionally, passwords for networking devices and administrative credentials are automatically reset every three months to enhance security.The network diagram for DCS Communication Center Company's local agents is structured using VLANs. A suite of resources—including agents, computers, telephony software,and related equipment—ensures customers receive the services they require through the inbound call center. When a call originates from the PSTN, the VoIP gateway encodes the signal for transmission over an IP network. Conversely, if voice traffic originates from the IP network, the VoIP gateway decodes and decompresses the signal before routing it through the PSTN. According to Tupia's (2009) research, IVR permits users to successfully exit the system after
resolving their questions and self-serve without losing time in subsequent line waits. When consumers dial specific numbers, the PSTN utilizes available trunk lines to route the call to a Private Automatic Branch Exchange (PABX). The PSTN identifies calls using two key pieces of information: the Automatic Number Identification (ANI), which is the caller's originating number, and the Dialed Number Identification Service (DNIS), which is the number dialed by the caller. If no trunk line is available, the call is denied, and the caller receives a busy signal. According to Akhtar and Latif (2010), when a consumer contacts an inbound call center, various call handling and routing technologies leverage ANI and DNIS data to connect the call to the nearest available agent, based on the client's location.To enhance security, a network of intrusion detection systems (IDS) is integrated with intrusion prevention systems (IPS) to filter internet data before it reaches the VoIP gateway. Callsare initially routed through the PABX to the Interactive Voice Response (IVR) system, where users input data, such as Customer Reference Numbers (CRN), using their phones or software. Agents operate from laptops or PCs with shared access to a centralized Corporate Information System. The IVR gathers customer details and cross-references them with the caller's CRM record, ensuring agents receive both customer and call data when the call is transferred. This allows agents to quickly identify callers and provide optimal service.To enhance productivity and streamline centralized management, a UCS server with an integrated firewall manages networking, storage, and computing resources at the router-to-router VPN level. Backup and recording servers are maintained both locally and in the cloud, ensuring reliable storage and accessibility.
ReferencesCISO. (n.d.). Office of the Chief Information Security Officer. (2019). The Office of the CISO. https://ciso.uw.edu/2019/05/23/mitigating-sql-injection-sqli-vulnerabilitiesCybersecurity Framework for Jordan Banking Sector: Vol. v1.0.(2021, April). Central Bank of Jordan.Tupia, M. (2009). Auditoría de sistemas de información basados en la tecnología IVR (Interactive Voice Response) para centros de atención automatizada (Call Centers).In M. Groppo (Ed.), Proceeding of Congreso de Información y Comunicación para la Sociedad del Conocimiento CNIT (pp. 1–17). CORDOBA. SADIO Sociedad Argentina de Informática. Recuperado de: http://www.cnit2009.org.ar/.Akhtar, S., & Latif, M. (2010). Exploiting Simulation for Call Centre Optimization. Proceedings of the World Congress on Engineering 2010 Vol III. WCE 2010, London, UK.