Addressing Equifax Breach: Solution Design for IT Governance, Assignments of Computer Networks

Download Addressing Equifax Breach: Solution Design for IT Governance and more Assignments Computer Networks in PDF only on Docsity!

Ronnie Earnest 10/9/ DeVry University Week 6: Course Project -Solution Design Barham Zuhdi

Solution Design

Solution Design to Address Equifax data Breach and Poor IT Governance Introduction The 2017 Equifax information breach brought to light the inadequacies in the company's IT administration engineering, which led to the compromise of classified data and genuine harm to the company's picture. In response to this occasion, Equifax must produce an intensive arrangement of activity that addresses the existing security issues and sets up a solid, initiative- taking structure for IT governance. This arrangement plan offers an exhaustive approach that covers work force preparation, security measures, arrangement updates, overseeing exterior providers, and nonstop enhancement techniques. By appropriately tending to these concerns, Equifax can resolve its IT administration issues, recapture the belief of partners, and guarantee the security and security of client information. Enhance Risk Assessment and Security Measures Urgently, one of Equifax's inside security tools' encryption certificates had terminated. Besides, the aggressors were able to get to the organization through a few distinctive endpoints. A web entrance that was not disconnected from the other imperative frameworks on the organize made it conceivable to take advantage of the shortcoming and get to the individual data of millions of clients. The Business Owner in charge of the (PII) information should have been able to anticipate such threats to its arrange and take initiative-taking measures to moderate them. Conduct an intensive chance evaluation to distinguish vulnerabilities in Equifax's frameworks and framework. Utilizing the discoveries of the appraisal, make and execute exacting security arrangements, methods, and guidelines. Needs ought to incorporate information encryption, arrange security, get to limits, and occurrence reaction conventions. By joining modern security innovations like interruption location frameworks, information misfortune avoidance apparatuses, and encryption strategies, the organization's security pose would be reinforced. Its inner systems' defenselessness to hacker(s) warrants the necessity for an alter ask. We will base our proposal to create more extreme powerless administration strategies on the circumstance that unfolded. Monitoring and Oversight Applying an ITIL (Information Technology Infrastructure Library) security administration framework to assign parts and duties. This will incorporate the proprietor of the company who directs putting the suitable securities and remedial activities in put to diminish the plausibility of a future breach influencing by and by identifiable data. Organize division, modern subnet creation, or arrange division. outstandingly pivotal frameworks, "The aggressors were able to move from the web entrance to other servers since the frameworks weren't satisfactorily portioned from one another," and devices for overseeing program resources, such as program

Cost and Impact Estimates Equifax is required to gauge the costs related to executing the arrangement, which may incorporate work force, instruction, innovation updates, and reviews. Also, it should to evaluate the potential impacts of progressed IT governance on client belief, notoriety administration, information security, and administrative compliance. Labor Hours for Implementation Allocate the essential number of labor hours for each stage of the solution's execution. This strategy incorporates bookkeeping for parts such as lawful direct, IT experts, security specialists, coaches, and inspectors. This estimation will empower asset allotment and timeline management. Scalability and Futureproofing The scalability of IT governance measures ought to be considered in the arrangement engineering as Equifax extends its operations. The conveyed arrangement ought to moreover take into thought any changes in directions and progressions in innovation to guarantee that it remains significant and compelling overall. Continuous Improvement and Feedback Loop Equifax must set up an input circle to get input from partners, representatives, and clients on how well the executed arrangement is doing. These comments will help IT Governance processes to be moved forward over time. Equifax may give a intensive arrangement that addresses the information breach and issues with lacking IT controls by carefully completing these numerous stages. This arrangement looks for to address current issues whereas too building up a strong, initiative-taking system for IT administration that acclimates to lawful measures and commerce targets.

Reference Equifax Data Breach FAQ: What happened, who was affected, what was the impact? CSO Online. (2020, February 12). https://www.csoonline.com/article/567833/equifax-databreach- faq- what-happened What is governance? A formal way to align IT & business strategy. CIO. (2017, July 31). https://www.cio.com/article/272051/governanceit-governance-definition-andsolutions.html What is patch management? – crowd strike. crowdstrike.com. (2024, February 4). https://www.crowdstrike.com/cybersecurity-101/patch-management/ Baird, P. (2021, September 28). How To Improve Patch Management. Info security Magazine. https://www.infosecurity-magazine.com/opinions/how-to-improve-patch- management/ Edwards, J. (2022, June 21). 7 IT governance mistakes - and how to avoid them. CIO. https://www.cio.com/article/401388/7-it-governance-mistakes-and-how-to-avoid-them.html