Security Failures that Occurred in this Scenario of Hospital - Paper Example

Identify the Security Failures that Occurred in this Scenario

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

One of the security failures that occurred in the scenario was the lack of planning for failure. When designing the program, Shonn failed to consider the course of action they would take if the system failed to work out. He only assumed that the backup would be autopilot thus recovering all files and he was disappointed when the files failed to recover. Unlimited access to users was another failure observed I the system. This way, the doctor's son was able to access the system without proper guidance hence ruining the whole system (Castiglione et al., 2015). Also, the company failed to hire a good team to work on the project. Although Shonn was qualified out of experiences, it was necessary for the company to have professionals to deal with the system and that way they would have taken care of all possible breaches.

First Principles of Security that were violated as a Result of those Security Failures

The first principle that was violated was that of confidentiality. If the system were operating well, the doctor's son would have been denied access to the system by the program because he posed and attack and because he was only experimenting with the system, unsure of what to do. He was a programmer who was unaware that he could unleash a flaw that would crash the system if something unexpected occurred. To avoid such vulnerabilities, the information on the computer should have been encrypted and sent over the internet for safe keeping (Saleem et al., 2015). It was also necessary that through this principle of confidentiality that the information could only be accessed by authorized personnel who excludes the doctor's son.

The Stage of the Security Life Cycle in Which the Security Failures Were Created

The security failures were experienced in the stage of operation and maintenance. Through hard work, Shonn had managed to go through the development part successfully, and the system was in operation. In this stage, the system administrator usually works through all the programs to ensure that there are no potential threats (Haque, Aziz & Rahman, 2014). In the usual test, Shonn discovered that the computers were quite slowly and on further examination, he found out that there was a virus that is deleting all the files in the system. The system lacked adequate maintenance because it would have revealed the activities of the unauthorized access by the doctor's son and action taken to avert any potential damage.

A Strategy that will Ensure that the Hospital Have a Secure and Effective Network to Support their Work

It is paramount that the hospital to improve its network system to adequately serve their clients by safeguarding their data from unauthorized access and for future use. The hospital should, therefore, develop a system that ensures that it improves care by providing the right information and reducing the cost of the limited tests by storing the information appropriately. That said, the information should be harmonized by placing it in a well-organized operation. Implementation of the network should include the examination of the transactions that are likely to occur and the importance of the data used. The hospital should ensure that they hire fully qualified professionals to be confident that the information is well protected from damage, alteration or unauthorized access hence making the system secure.

References

Castiglione, A., Pizzolante, R., De Santis, A., Carpentieri, B., Castiglione, A., & Palmieri, F. (2015). Cloud-based adaptive compression and secure management services for 3D healthcare data. Future Generation Computer Systems, 43, 120-134.

Haque, S. A., Aziz, S. M., & Rahman, M. (2014). Review of cyber-physical system in healthcare. international journal of distributed sensor networks.

Saleem, K., Derhab, A., Al-Muhtadi, J., & Shahzad, B. (2015). Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior, 51, 977-985.