Security Analysis: Findings & Recommendations for Air Force Reserve Command

Subject: Tech & Engineering
Pages: 6
Words: 1164
Reading time:
4 min
Study level: Master

Introduction

The Air Force Reserve Command (AFRC) – Is an exceptional branch of the forces that tenders their support to the Air Force in the United States. Specifically, this body monitors communications, intelligence and natural disasters aftermaths such as aerial spray of mosquitoes and hurricane occurrences (Air Force Reserve Command, n.d.).

From this point of view, this Air Force wing offers essential services to the entire nation. For that matter, AFRC has to handle its information receiving, storage, and delivery systems carefully during their operations in order to maintain its good image among the public and its joint partners.

Therefore, information requires high level of security to guard against leakage to the wrong parties. For instance, some information are deemed as private such that unauthorized and unauthenticated access by the public may cause instability in the nation while other pieces of information can easily be left for public access.

Private information, which are in the internet can be password protected. AFRC has outlined some of its set standards that information availability and distribution has to follow. These standards enable AFRC through the Freedom of Information Act (FOIA) to uphold democracy practices in the society and hold leaders accountable.

In addition, the organization champions for the modernization of facilities and equipment.

AFRCs security posture

This organization has put in place some of the steps that are meant to minimize incidences of information getting into wrong hands. These steps and their weaknesses are discussed below.

  • Use of computer monitoring program from multiple access points. This program involves the use of a software that makes services available to all users (The Presence of Commercial/External Links, n.d.). It also ensures that those accessing the internet do not misuse the information in those sites. For instance, the security program tracks or identify cases of unauthorized information alteration, which can cause damage. Therefore, the system assists in guarding against data intrusion.
  • A computer system that collects statistical data. During this process, the software in the computer can detect any unauthorized access to a given website (The Presence of Commercial/External Links, n.d.). Internet hackers can alter, damage, or erase all information in a website. Evidently, the organization has put in place a modern technological application that assists in mitigating illegal activities that could tamper with information and violates an individual’s privacy. Simultaneously, this control helps in assessing pieces of information that are mostly read and those that are least read; this also helps in management of sites.
  • The organization has active cookies that collect information of people using their services. If a person logs into their website, he/she does not remain anonymous; the system identifies individuals that use their information for whatsoever reasons and purposes. Chances of information hacking will easily be detected and reversed within the shortest time possible. Such intruders can deny the public access to essential information.
  • AFRC has also adopted stringent measures incase of such occurrences. For instance, damage to a critical infrastructure computer. This component tries to minimize damages that a person can cause to a critical infrastructure computer or that which is associated with the same computer. If a person does this offense, he/she is liable for a term of 3 years imprisonment (Schmidt, 2011). Remarkably, the courts are under obligation not to reduce the number of terms for such crimes. A critical infrastructure computer is a computer, which provides essential services to the public and government bodies. These services may include communication and transport services, health and clean water supply, and banking services.

Security Challenges

Control of Internet Protocol (IP) addresses

Information availability to the general public can create great loopholes for internet thieves to take hostage of an IP address of a number of clients. In this scenario, the criminal can study the trend and information that one passes to other areas. These criminals can act from far, not necessarily close to the point of control.

Similarly, technology keeps on changing everyday. This implies that the AFRC IT department needs to constantly keep vigil at any change in awareness information lest their system remain under great threat (Computer Security, Computer Lock, Laptop Lock, Computer Theft, 2012).

Network hacking

This remains a great threat as all the information are networked that is, can be accessed from any given location. AFRC needs an information management system to manage data posted on their site. There is need to control the flow of data from local servers to the external outsourcers.

Moreover, this act can totally deny clients and the public access to information that are of national importance. Information deprival can cause national panic and lose of confidence in the AFRCs management.

Virus logic – AFRC is tasked with continuously monitoring their site so that malicious logics cannot be placed in their websites. When this happens, the number of people who would access information from the AFRCs website would tremendously reduce for fear of receiving viruses on the computer systems. This is an extra cost in terms of computer maintenance. Additionally, the use of weak passwords such as date of births and security numbers pose more risks to the entire AFRCs clients, staff and other stakeholders.

AFRC should employ the use of powerful scanning tools to minimize the vulnerability of their computers from attacks like hacking, malicious logic, and denial of services. This step will help in protecting information from both internal and external threats.

The organization should liaise with information technology research institutions so that they remain updated on any change on computer management.

Recommendations and Way Forward

The password strength should be difficult to guess. This means that using common days like date of births should not be tolerated. The organization should encourage use of mixed letters and digits, small and capital letters in order to make password assumptions extremely difficult (Computer Security, Computer Lock, Laptop Lock, Computer Theft, 2012).

AFRC, being a national body, should frequently carry out website maintenance and tracking. In this, they ought to incorporate outstanding webhosting companies to avert any cases of hacking and malicious logic.

Further, AFRC should include the use of a highly sophisticated information security program that does a real time tracking of activities that one does in their website. This can help to notify the central office of any alteration or damage to information in real time hence, leading to prompt arrests to the cyber criminals.

Conclusion

Cyber security is a common activity that will continue to exist with the improvement in the computer technology. Therefore, organizations using these gadgets and the internet to communicate to their clients like AFRC should ensure that they maintain their systems to mitigate these impeding threats.

References

Air Force Reserve Command. (n.d.). United States Military Information. Web.

Computer Security, Computer Lock, Laptop Lock, Computer Theft. (2012). Computer Security Limited Inc.

Schmidt, H. A. (2011). The Administration Unveils its Cybersecurity Legislative Proposal | The White House. The White House.

The Presence of Commercial/External Links. (n.d.). Air Force Reserve Command. Web.