Analysis of Cyber Security Issues
This report analyses the cyber security of JL, a small accounting company. The company started with very few employees and slowly entered the digital market by offering online services to its customers. Online marketing has increased the chances of security breaches, so it is important to address the security issues by finding solutions (Buczak & Guven, 2016). This report identifies the possible security threats that can hit the system and analyses the ways in which each issue could be addressed. The solutions to improve cyber security are compared with other approaches so that the best outcome can be obtained. The company's current cyber security position is quite weak: none of the laptops have any security software, and security controls are poor because the passwords are not strong. The number of spam messages received is very high, and the company is unaware of the latest security threats; it even paid a huge amount at the time of a ransomware attack (Buczak & Guven, 2016). There are currently no policies or rules guiding employees on how to best utilise resources and conform to ideal cyber security conscious behaviours. This report will help in resolving these concerns.
- Ransomware- It is the bane of cyber security, as it spreads the virus from one customer by spreading sensitive information over the network. It is one of the fastest growing cyber threats: it prevents users from accessing their personal files and then demands payment from them to release the files (Gupta, Agrawal & Yamaguchi, 2016). This issue was also faced by JL, as its files were corrupted and access was denied to valid users. The hackers then asked JL to send some cryptocurrency or payment through credit card to release its confidential data (Gupta, Agrawal & Yamaguchi, 2016).
- Poor Passwords- In the case of JL, every employee has the right to access the information of others, as there is no strong authentication or attention to security. Because of poor passwords, information gets leaked over the network (Todev, 2015). The business holds sensitive and confidential data, so passwords should be strong so that only authenticated users are able to access the information (Rawat & Bajracharya, 2015). The passwords should be strong so that hackers are not able to break them.
- Patch management- In the case of JL, there is no security software installed on the system. For this reason the networks are not secured and viruses enter the system through spam messages (Todev, 2015). Attackers attack the system because of poor patch management, which allows vulnerabilities to enter the system and spread through the network. This can be controlled by updating the system and protecting it from all the vulnerabilities by installing anti-virus software.
- Phishing- It is a criminal process that tries to read sensitive data such as usernames, passwords and credit card details. It is a spam attack that is carried out by email (Ibrahim, Hamlyn-Harris & Grundy, 2016). If the link or message is accessed by the victim, the sensitive information has a chance of being leaked. In the case of JL all the data is stored online, so it is important to secure the data (Ibrahim, Hamlyn-Harris & Grundy, 2016).
- Authentication- A cyber security issue that should be addressed immediately is making sure that authentication is done correctly (Wells, Camelio, Williams & White, 2014). Only valid users should be given the right to access the data. This could be done by designing an access control list. JL is an accounting firm, so not every user should have the right to make modifications, so that data remains confidential (Wells, Camelio, Williams & White, 2014).
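The access control list described above can be sketched as follows. This is an added example, not part of the original report; the user names, groups, resources and ACL layout are constructed for illustration. It contrasts the all-access situation the report describes at JL with a deny-by-default list, and includes a small audit for wildcard grants.

```python
from dataclasses import dataclass

READ, WRITE = "read", "write"

@dataclass(frozen=True)
class Entry:
    principal: str       # "group:<name>" ("group:*" means every known employee)
    resource: str        # resource name ("*" means every resource)
    rights: frozenset    # subset of {READ, WRITE}

# Constructed staff directory (hypothetical users and groups).
GROUPS = {
    "alice": {"accountants"},
    "bob": {"accountants", "partners"},
    "carol": {"reception"},
}

# The situation the report describes: every employee can reach everything.
WEAK_ACL = [Entry("group:*", "*", frozenset({READ, WRITE}))]

# Hardened list: named groups, named resources, write only where needed.
HARDENED_ACL = [
    Entry("group:accountants", "ledger", frozenset({READ})),
    Entry("group:partners", "ledger", frozenset({READ, WRITE})),
    Entry("group:accountants", "client-files", frozenset({READ, WRITE})),
    Entry("group:reception", "appointments", frozenset({READ, WRITE})),
]

def is_allowed(acl, user, resource, right):
    """Deny by default: allow only if an entry matches user, resource and right."""
    if user not in GROUPS:   # unknown users never match, not even "group:*"
        return False
    principals = {"group:*"} | {f"group:{g}" for g in GROUPS[user]}
    return any(
        e.principal in principals
        and e.resource in (resource, "*")
        and right in e.rights
        for e in acl
    )

def overbroad_entries(acl):
    """Audit helper: wildcard grants defeat least privilege, so flag them."""
    return [e for e in acl if e.principal == "group:*" or e.resource == "*"]

if __name__ == "__main__":
    for name, acl in (("weak", WEAK_ACL), ("hardened", HARDENED_ACL)):
        print(name, "carol may modify ledger:",
              is_allowed(acl, "carol", "ledger", WRITE),
              "| wildcard grants:", len(overbroad_entries(acl)))
```
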
It is important to safeguard the system and this could be done by undertaking various steps.
- One of the most important security tools is cryptography, which is used to hide the meaning of information by keeping the data confidential. It is needed in JL as it deals with accounting data (Perakslis & Stanley, 2016). Cryptography encodes the data in such a way that it is not in readable form. Even if the data is leaked, it cannot be read by anyone other than the correct user (Perakslis & Stanley, 2016).
- Backing up the data is another way through which the business is protected and the trust of customers is maintained (Abomhara, 2015). The data should be backed up regularly so that in case of failure it can be recovered easily. Backing up the data is a cost-effective and easy approach (Tsai, Jiang, Alhabash, LaRose, Rifon & Cotten, 2016).
- The devices and software used in an organisation should be secured by installing software that protects the system from malware and viruses. Such software makes sure that infections do not penetrate the system (Tsai, Jiang, Alhabash, LaRose, Rifon & Cotten, 2016). Software updates should be applied automatically so that security upgrades protect the internal as well as the external network (Shacklett, 2015).
- It is important to protect and monitor the information so that sensitive information is not leaked (Geers, Kindlund, Moran, & Rachwald, 2014). It reduces the overall risk of resource theft and tampering.
- As seen in the case of JL, passwords are not managed properly. It is important to manage all the passwords and avoid invalid access to the network or data. This can be improved by choosing strong passwords so that digital security is enhanced. Passwords can protect the system from attacks.
- It is suggested that spam filters should be used so that the amount of spam messages can be reduced. In the case of JL, each employee receives on average 40 spam messages each day (McGregor, Charters, Holliday & Roesner, 2015). Applying a spam filter will therefore help in reducing the chances of phishing attacks and fraudulent emails.
- Every organisation should remain updated about the latest cyber security risks and threats. It is necessary to stay informed about the latest scams and vulnerabilities so that security risks could be understood (Alieyan, Kadhum, Anbar, Rehman & Alajmi, 2016).
- The hardware devices and the storage devices should be encrypted so that concerns related to hardware theft can be reduced. The devices should be certified so that there are no bugs in the system (Alieyan, Kadhum, Anbar, Rehman & Alajmi, 2016).
- JL does not make use of any antivirus software, so it is suggested that the organisation should make use of antivirus software. It should be updated regularly so that the system is protected from all threats and vulnerabilities. Antivirus software is installed on the system because it blocks bugs from entering the system.
- Firewalls and other security software should be used so that security can be maintained (Kaur & Kaur, 2015). It is also suggested that untrusted Wi-Fi and internet connections should be avoided so that entry of hackers into the system becomes difficult.
- Data recovery software should be used so that data breaches don’t occur. Data could be recovered so that the system continues to work in every situation. The data should be kept (Kaur & Kaur, 2015).
- Access control is an important part of maintaining security in an organisation. Poor access control leaves the data open and allows unauthorised users to access the data.
- Standardised software should be used, ensuring that software cannot be downloaded onto the system without approval. This is an access control list that is used to assign the right privileges among users. It enhances the overall performance.
- One of the most important ways through which security can be maintained is training the employees.
- A secure network is needed so that the channels through which communication takes place are secure. One such network could be a virtual private network, which ensures that the channels through which communication is done are authenticated.
- Apart from all these, one of the important tools that should be used is an intrusion prevention system. It is a way in which steps are taken to remove the bugs so that unauthorised users are not permitted to hit the network.
The chosen technology is encryption and cryptography, which secures the data from hackers. Even if the data is leaked, the hackers are not able to access the actual information. It is better than some other means as it makes sure that data remains confidential and is not accessed by any unauthorised users (Knowles, Prince, Hutchison, Disso & Jones, 2015). Compared to other technologies, encryption is the best technology for data protection. It provides security to data at the time of data transfer. Apart from that, it maintains integrity so that hackers are not able to alter the data. It is difficult to alter encrypted data, thus it can be said that encrypted data means integrity. It also maintains the privacy of data as it protects all the sensitive data of an individual (Ashfaq, Wang, Huang, Abbas & He, 2017). It is a powerful technique that is used to limit criminal activities. It is one of the correct solutions used for transferring data. Encryption technology helps in protecting stored data across all devices, even during transfer (Ashok, Wang, Brown & Govindarasu, 2015). Additionally, it is one of the best security measures as it offers authentication that helps in detecting unauthorized users. It is an improved technology as it maintains the confidentiality, integrity and availability of data (Ashfaq, Wang, Huang, Abbas & He, 2017).
To address the security issue, it is suggested that an access control list should be designed by the organisation (Boopathi, Sreejith & Bithin, 2015). Using the access control concept in an organisation requires 1200 dollars for installation and about 1200 dollars per year for the licence. Security software, such as antivirus and other software, is also needed and costs around 30-70 dollars. The cost of encryption for an organisation is not fixed, as it depends upon the type and amount of data (Knowles, Prince, Hutchison, Disso & Jones, 2015). The cost factor includes various things such as hosting fees for infrastructure, storage, bandwidth, SSL and domain renewals, the cost of software licences, the cost of UI/UX updates, and preventative maintenance costs that include periodic updates to plugins, security patches and much more.
Recommendations
It is recommended that the situation of JL be improved by using security software on the system. Apart from that, as communication is done via ADSL, it is necessary that the wireless routers are highly secure and make use of firewalls so that viruses do not penetrate the system. Usernames and passwords should remain confidential between the employees so that there are no chances of a data breach. Spam filters should be used so that the issue of spam messages can be resolved. Apart from that, cryptography and encryption should be used so that even if data is lost it cannot be accessed by hackers. Various policies or rules should be designed to guide employees to best utilise resources and make them aware of security conscious behaviours.
Conclusion
From the above discussion, the security concerns of JL are understood by considering its current situation. Cyber security is very important because an organisation's essential data is stored online. Information stored on the network has a high chance of being leaked. Thus, it is necessary to protect the information from unauthorized access so that data is secure. Security attacks are rising in today’s era, as attackers try to read the sensitive documents of various organisations, and this has led to the development of unique security measures. It can be concluded from this research that cyber security allows businesses to increase their efficiency by storing their information online.
References
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
Boopathi, K., Sreejith, S., & Bithin, A. (2015). Learning cyber security through gamification. Indian Journal of Science and Technology, 8(7), 642-649.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-1176.
Gupta, B., Agrawal, D. P., & Yamaguchi, S. (Eds.). (2016). Handbook of research on modern cryptographic solutions for computer and cyber security. IGI Global.
Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber security management in industrial control systems. International journal of critical infrastructure protection, 9, 52-80.
Perakslis, E. D., & Stanley, M. (2016). A cybersecurity primer for translational research. Science translational medicine, 8(322), 322ps2-322ps2.
Tsai, H. Y. S., Jiang, M., Alhabash, S., LaRose, R., Rifon, N. J., & Cotten, S. R. (2016). Understanding online safety behaviors: A protection motivation theory perspective. Computers & Security, 59, 138-150.
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
Ibrahim, A. S., Hamlyn-Harris, J., & Grundy, J. (2016). Emerging security challenges of cloud virtual infrastructure. arXiv preprint arXiv:1612.09059.
Ashfaq, R. A. R., Wang, X. Z., Huang, J. Z., Abbas, H., & He, Y. L. (2017). Fuzziness based semi-supervised learning approach for intrusion detection system. Information Sciences, 378, 484-497.
Shacklett, M. (2015). 10 ways to develop cybersecurity policies and best practice. Retrieved from https://www.zdnet.com/article/10-ways-to-develop-cybersecurity-policies-and-best-practices/.
Todev, N. (2015). Here’s How to Develop a Cybersecurity Recovery Plan. Retrieved from https://www.onr.com/blog/heres-develop-cybersecurity-recovery-plan/.
Alieyan, K., Kadhum, M. M., Anbar, M., Rehman, S. U., & Alajmi, N. K. (2016, October). An overview of DDoS attacks based on DNS. In Information and Communication Technology Convergence (ICTC), 2016 International Conference on (pp. 276-280). IEEE.
Geers, K., Kindlund, D., Moran, N., & Rachwald, R. (2014). World War C: Understanding nation-state motives behind today’s advanced cyber attacks. FireEye, Milpitas, CA, USA, Tech. Rep., Sep.
Kaur, R., & Kaur, R. (2015). An overview of classification of DDoS attacks and defence mechanisms for DDoS attacks. Int J Adv Engg Tech/Vol. VI/Issue II/April-June, 12, 14.
McGregor, S. E., Charters, P., Holliday, T., & Roesner, F. (2015, August). Investigating the Computer Security Practices and Needs of Journalists. In USENIX Security Symposium (pp. 399-414).
Rawat, D. B., & Bajracharya, C. (2015, April). Cyber security for smart grid systems: Status, challenges and perspectives. In SoutheastCon 2015 (pp. 1-6). IEEE.
Ashok, A., Wang, P., Brown, M., & Govindarasu, M. (2015, July). Experimental evaluation of cyber attacks on automatic generation control using a CPS security testbed. In Power & Energy Society General Meeting, 2015 IEEE (pp. 1-5). IEEE.