Order Now
Uncategorized

Critical Cyber Security Issues For Small Accounting Company JL

13 min read
Posted on 
April 22nd, 2025
Home Uncategorized Critical Cyber Security Issues For Small Accounting Company JL

Identified Security Issues

This report covers some of the security concern faced by a small accounting company JL. The company was established initially with only few employees but with the use of digital services they have expanded their services and employees. The company has expanded its services on online platform which in turn have increased the possibilities of security breaches. It is important to address some of the security breaches so that it couldn’t penetrate in the system. In this report, some of the security threats are identified that are faced by JL and then steps are designed so that security breach could be resolved. Some of the solutions are suggested to improve data security and then it is compared with other solutions so that best strategy could be selected (Hammargren, 2014). The present state of JL in terms of cyber security is quiet weak. Thus, it is required to improve the current situation. From the analyses, it was found that JL as a poor security measures as laptops do not have updated software’s that increases the chances of viruses and bugs. The spam messages received are very high thus this is due to poor security control. The passwords are shared between employees that increase the chances of cyber-attacks. Thus, in this report some of the policies are designed so that resources rate used in a best possible way and security behaviours are improved.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

In JL, there are various issues that need to be addressed some of the concerns are listed below:

  • Poor passwords-While analysing the present situation, it was found that security regards passwords were poor. As the right to access was not defined correctly and passwords were shared between employees easily. Thus, it is recommended to have strong passwords that are hard to crack (Hills & Batchelor, 2015). Due to poor passwords some of the business files of JL were leaked, thus it is recommended to maintain confidentiality and integrity by keeping the passwords safe. The passwords should be strong and should be changed on regular basis (Atgiller, 2015). .
  • Ransomware attack- It is a virus that spreads from one computer to other easily. The sensitive and confidential information is spread over the network. It is a cyber-threat that sometimes prevent user to access the information and then ask money to release the file (Robinson, Jones & Janicke, 2015). It is a common issue faced by small organisations. They are unaware about the attacks that are new in the market (Hammargren, 2014). Hackers corrupt the files and then ask for crypto currency in return for realising the files.
  • Phishing attack- This is attack that is processed so that all the sensitive data is read like passwords, username and credit or debit card details. It is a spam attack that is introduced in the system by the source of emails. If the email is accessed by the user then viruses enter the system and penetrate which increases the chances of information getting leaked(Abawajy, 2014). All the accounting and other information related to the company is stored on online platforms (Hills & Batchelor, 2015). Thus, it is important to secure the data so that information doesn’t get leaked.
  • Patch monitoring- There should be proper software that keeps track for the security concern in an organisation. The present scenario of JL states that there is no security software’s installed in the system. The poor patch management increases the chances of attack and vulnerability in the system (Korpela, 2015). The patch can be controlled by keeping the system updated or installing anti-virus software so that vulnerabilities do not penetrate deep into the system (Creative technolgy, 2015).
  • Authentication-The security concerns can be improved by maintaining authentication and making sure that only valid users are able to access the sensitive information. In case of JL, all the users are allowed to access others information. Thus, a proper access control list should be designed so that only valid users can modify or read the data (Korpela, 2015). It is an accounting firm thus it is important to keep the data confidential.

Some of the steps that should be taken by an organisation to secure the system are:

  • One of the security solutions that should be adopted by JL is keeping a backup of data packets (Itpro, 2015). Backing up of data is useful as if data gets lost it could be recovered easily. It is an easy and cost effective technique as it builds trust among customers.
  • Cryptography is one of the security tools that hide the meaning of file by encrypting the text that is not in a human readable form (Alotaibi, Furnell, Stengel & Papadaki, 2016). In case of JL, all the accounting related data should be encrypted so that even if the data is leaked the information is not accessed by the user (Itpro, 2015).
  • The devices and software should be certified so that system remains protected from all the viruses and malwares. It makes sure that viruses do not penetrate in the system.
  • The information should be monitored at regularly interval of time so that it is not leaked. System should be checked internally as well as externally so that no viruses penetrate in the system (Thornton, 2015).
  • The system software’s should be updated so that no infections hit the system. The updated software’s protect the system from all the internal as well as external bugs.
  • The overall risk can be reduced by installing firewalls, anti-viruses in the system so that information could be protected (Jajodia, Shakarian, Subrahmanian, Swarup & Wang, 2015).
  • It was found that employees of JL use to receive approximately 40 spam messages daily, this can be resolved by using spam filter. It reduces the chances of cyber security attack and fraud emails (Dobson, , Rege & Carley, 2018).
  • An access control list should be designed that allow only valid user to access the information (Jajodia, Shakarian, Subrahmanian, Swarup & Wang, 2015).
  • While analysing the present situation in JL, it was found that passwords are not strong thus passwords should be designed in such a way that they are not hacked easily (Colarik & Janczewski, 2015). The security can be improved by choosing strong passwords and keeping it confidential. It is also suggested that passwords should be changed at regular interval of time (Elder, Levis & Yousefi, 2015).  
  • The organisation should also have training sessions so that they remain aware about the security attacks that are penetrating in the market.
  • The hardware devices should be encrypted so that all the hardware related thefts could be eliminated (Dobson, Rege & Carley, 2018). The devices should be secure so that no bugs can hit the system.
  • In the research it was found that JL do not make use of any antivirus’s software. Thus, it is recommended that an organisation should have antivirus’s software so that it remains protected from all the threats and vulnerabilities (Alotaibi, Furnell, Stengel & Papadaki, 2016). Antiviruses are the barriers that stop viruses to enter in the system.
  • Recovery software’s should be used so that data breach does not occur. It is a best way as it helps in recovering the data at time of data loss.
  • The security can be maintained by defining an access control list that make sure that only valid users are allowed to access the information. It does not allow any unauthorised user to make any changes or modify the data.
  • The software should be downloaded from an authorised source so that right privilege is gained. It assures that correct approval is granted to people (Elder, Levis & Yousefi, 2015).
  • The other way is offering training sessions so that precautions are taken beforehand.
  • A communication channels should be secured so that communication take place in a secure way (Elder, Levis & Yousefi, 2015). It is suggested that network should make use virtual private networks that make sure that messages are transmitted from valid user to authenticated user (Colarik & Janczewski, 2015).  
  • One of the important security tools that can be used is intrusion prevention system. It is ways that do not allow unauthorised users to access the system. On the other hand, it also finds the bugs and removes it for entering into the system (Yunos, Hamid & Ahmad, 2016).

The solution that is suggested to improve data security is encryption and cryptography. It is a way in which data is decoded in a form that is not readable by human. It is a best way as even if the data is leaked it is not read by the humans. Thus, it makes sure that data remains confidential and it is not accessed by any unauthorised means. Encryption is a best way when compared to other technology. It also maintains the integrity of information by making sure that encrypted and sensitive data of an organisation is not leaked. This technology also maintains privacy of data as it makes sure that data is read only by the valid and authorised users (Arachchilage & Love, 2014). It is a best way as it protects the data by making sure it is accessed by valid user. It is an improved technology as it maintains integrity, confidentiality and availability of data. As it is seen that ransom ware attacks are increasing and in return they demand for money (Yunos, Hamid & Ahmad, 2016). Thus, if data is encrypted even they will not be able to access the data. Encrypting technology is one of the best methods to protect the data that is stored on online means (Dobson,  Rege & Carley, 2018). The data is decoded into cipher text that can be safely transferred from one location to another without the fear to information leakage. In case of JL, it stores all the accounting related data which should not be leaked. Thus encryption or cryptography is a best technology that makes data thefts a difficult task and reduces the chances of attacks (Arachchilage & Love, 2014).

Solutions to Overcome Security Issues

There are various security issues that need to be addressed; this section covers the breakdown of cost that would be needed by an organisation to address all the security concern. It was found that approx. 1200 dollar are needed to just keep the system updates and install all the security software in the system. The antiviruses that are used by an organisation also cost around 30-70 dollar (Dobson,  Rege & Carley, 2018). The cost of encryption depends upon the size and type of data. The other cost factor that should be included covers the hosting fees that will be needed to for bandwidth, SSL, domain renewals infrastructure and software licence. Apart from that to maintain the security it is important to have UI/UX update that is also included in the cost needed to address security issue. The maintenance cost is also needed that covers the periodic updates and security patches needed to improve security.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

From the analyses, it is recommended that to overcome the security issue JL need to adapt to some steps so that security concerns could be resolved. It is suggested that all the software’s that are used by the company should be updated, which reduces the chances of security concern. It is recommended that firewalls should be downloaded as it blocks the path of firewalls to enter the system. The username and password should be strong and should be kept protected so that information is not leaked. The number of spam messages are quiet high in case of JL, thus spam filters should be used so that this issue could be resolved. Apart from that various, policies and procedures are designed so that security could be maintained. The steps are taken to make sure that integrity, confidentiality and availability is met.

Conclusion

In this report, the present situation of JL is understood in terms of security. It was found that there are various shortcomings faced by the company in terms of authentication and security software’s. Security attacks are rising in today’s era attackers try to read the sensitive documents of various organisations this has led to development of unique security measures. The accounting information that is stored on the network has high chances of getting leaked. Thus, it is vital to safeguard the information from unauthorized access so that data is secure. It can be concluded from this research that cyber security allows the business to increase their efficiency by storing their information online.

References

Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237-248.

Alotaibi, F., Furnell, S., Stengel, I., & Papadaki, M. (2016, December). A survey of cyber-security awareness in Saudi Arabia. In Internet Technology and Secured Transactions (ICITST), 2016 11th International Conference for (pp. 154-158). IEEE.

Arachchilage, N. A. G., & Love, S. (2014). Security awareness of computer users: A phishing threat avoidance perspective. Computers in Human Behavior, 38, 304-312.

Atgiller. (2015). Cyber Warfare Advantages Disadvantages. Retrieved from https://sites.google.com/site/atgiller/cyber-warfare-advantages-disadvantages.

Colarik, A., & Janczewski, L. (2015). Establishing cyber warfare doctrine. In Current and Emerging Trends in Cyber Operations (pp. 37-50). Palgrave Macmillan, London.

Creative technolgy. (2015). Cyber Terrorism and Information Warfare. Retrieved from https://creative-technology-articles.blogspot.in/2014/12/cyber-terrorism-and-information-warfare.html.

Dobson, G., Rege, A., & Carley, K. (2018, March). Virtual Cyber Warfare Experiments Based on Empirically Observed Adversarial Intrusion Chain Behavior. In ICCWS 2018 13th International Conference on Cyber Warfare and Security (p. 174).

Elder, R. J., Levis, A. H., & Yousefi, B. (2015). Alternatives to Cyber Warfare: Deterrence and Assurance. In Cyber Warfare(pp. 15-35). Springer, Cham.

Hammargren, P. O. (2014, December). Cyber warfare. Uppsala Forum on Democracy, Peace and Justice, and the Swedish Institute of International Law (SIFIR)-Uppsala universitet.

Hills, M., & Batchelor, G. (2015). Hard targets and an immune response: how information warfare and special force perspectives can deliver competitive advantage in mitigation and management of cyber crisis, 67-90.

Itpro. (2015). what is cyber warfare. Retrieved from https://www.itpro.co.uk/security/28170/what-is-cyber-warfare.

Jajodia, S., Shakarian, P., Subrahmanian, V. S., Swarup, V., & Wang, C. (Eds.). (2015). Cyber Warfare: Building the Scientific Foundation (Vol. 56). Springer.

Korpela, K. (2015). Improving cyber security awareness and training programs with data analytics. Information Security Journal: A Global Perspective, 24(1-3), 72-77.

Robinson, M., Jones, K., & Janicke, H. (2015). Cyber warfare: Issues and challenges. Computers & security, 49, 70-94.

Thornton, R. (2015). The changing nature of modern warfare: Responding to Russian information warfare. The RUSI Journal, 160(4), 40-48.

Yunos, Z., Ab Hamid, R. S., & Ahmad, M. (2016, July). Development of a cyber security awareness strategy using focus group discussion. In SAI Computing Conference (SAI), 2016 (pp. 1063-1067). IEEE.

Order an Essay Now & Get These Features For Free:

Turnitin Report

Formatting

Title Page

Citation

Outline

Place an Order
Calculate the price
Pages (275 words)
$0.00
Course Scholars
Company
Legal
How Our Service is Used:
Course Scholars essays are NOT intended to be forwarded as finalized work as it is only strictly meant to be used for research and study purposes. Course Scholars does not endorse or condone any type of plagiarism.
Subscribe
No Spam
© 2025 Course Scholars. All rights reserved.
Course Scholars will be listed as ‘Course Scholars’ on your bank statement.

Order your essay today and save 15% with the discount code GINGER

Order Now