TASK 1 MINE FULL

Introduction
I am a consultant working with TeachTechNow, and I have been asked to make recommendations to secure the network and to resolve some specific issues that have been brought to my attention. The office currently has a range of different issues. I will go through each one, explaining what it is, what to do about it and how to mitigate the risk. I have also been told that several organisations within the same sector have experienced successful cyber attacks, and the board of directors is concerned about the management of the IT systems at TeachTechNow and the impact this could have on their reputation, so it is my job to ensure this is prevented.
Overview of current issues:
Outdated operating systems
One of the many factors making TeachTechNow's network insecure is that they run old operating systems. This is a major flaw, and because of it TeachTechNow do not have a secure network. Using old operating systems comes with several significant drawbacks, primarily related to security, performance, and compatibility. Outdated systems are vulnerable to cyberattacks because they lack security patches, and they may struggle to run modern software and hardware. This affects TeachTechNow's performance and efficiency and, above all, the integrity of their systems, and makes them an easy target for cybercriminals. The latest version of Windows is Windows 11. It was released in October 2021 and is the successor to Windows 10. All of TeachTechNow should operate on the newest system, because older systems are known to have vulnerabilities.
Currently, the operating system used by TeachTechNow for their File and Print services is Windows Server 2016, and their administration server runs Windows Server 2019, which is also outdated. Server administrators work to manage and secure company data and information, so if TeachTechNow does not have a secure server with the latest OS, confidential data can be released or held by hackers. This can lead to major reputational damage, as the board fears, but also to legal and financial damage, which is very severe and can result in prison time if data is mishandled under GDPR. Their class server also runs a very old OS, which varies between Windows Server 2004, Windows Server 2008 and Windows Server 2012. All of these need to be changed, as I have said above, to the latest operating system, Windows 11. Also, in control document B some of the laptops are running Windows 10, so they also need to be changed to run Windows 11.
Staff training
Another factor affecting the security of the network at TeachTechNow is the lack of training provided to staff, and it is essential that staff are trained properly. If staff lack adequate cyber security training, it can lead to increased vulnerabilities within an organization, making it easier for attackers to exploit weaknesses and gain unauthorized access to sensitive data or systems. This can result in data breaches, financial losses, and reputational damage. Furthermore, a lack of training can lead to non-compliance with regulatory standards and potentially result in fines or other penalties. There is an increased risk of human error and vulnerabilities, all of which can be avoided.
Currently at TeachTechNow, staff attend a short presentation delivered using video conferencing software. This introduces them to the basics, such as the network, the software and the security systems. Staff are then provided with a copy of all relevant policies on email and are asked to complete an online form to confirm these policies have been read and understood. This is nowhere near enough. Staff should at least be tested to show that they actually know the material, because otherwise they can simply lie on the form and know nothing. It is recommended that staff are trained on cybersecurity frequently, with annual comprehensive training and quarterly updates to stay current on evolving threats. Consider monthly phishing simulations as well: these are a good way for staff to keep up with the latest threats and to know how to detect and mitigate them.
Poor access controls
Currently at TeachTechNow, all staff are provided with an administrative login. This allows them to install software when required, to complete system updates and to make other administrative changes, with the intention of reducing the number of calls to the help desk given the volume of employees. This is another major reason why TeachTechNow's network is insecure, so it is essential that it is stopped and changes are made as soon as possible. Because staff also have poor training, they can install malicious software by accident, or even intentionally to cause harm. To stop this, role-based access control needs to be put in place, and only the help desk should be able to install things on the devices. This will help make sure TeachTechNow's network is secure. With TeachTechNow's current access control system, confidential data can also be stolen, which can again lead to financial, reputational and severe legal damage which TeachTechNow might be able to recover from. Some of the advantages of having access control levels are improved security, streamlined compliance, reduced administrative overhead and efficient access controls. Also, linking specifically with control document B, having access control in place will ensure no unauthorised third party is able to delete or move files.
Weak policies
It has come to my attention that another issue TeachTechNow is currently facing, specifically in control document C, is weak security settings, and these policies are applied to all users. This is quite concerning and should be changed as soon as possible.
Starting with virus and threat protection: there is an X against it and it is not turned on. It should be a mandatory policy for this to be turned on at all times, because if it is not, the device is open to threats like malware. Not having virus and threat protection can lead to severe consequences, including identity theft, data breaches, system crashes, and financial losses. Malware can steal personal information, encrypt files, and render your computer unusable. Without protection, your device becomes vulnerable to various cyber threats.
Another issue within control document C, again to do with the security policies at TeachTechNow, is that firewall and network protection is turned off. This also makes TeachTechNow's network weak and insecure, and it should be turned on as soon as possible. Not having a firewall and network protection enabled leaves your device and network vulnerable to various cyber threats, including malware, unauthorized access, and data breaches. This can lead to data loss, system instability, and even financial losses if sensitive information is compromised. It gives cyber criminals an easy way to target TeachTechNow user devices and to gain access to their database.
Account protection with Microsoft, for enhanced security and other benefits, should also be turned on as soon as possible, so users should sign in. This should also be a mandatory policy at TeachTechNow for all users with devices, because it enhances the security of their own devices and of the organisation as a whole and prevents a lot of issues. Signing into a device with a Microsoft account offers several security and convenience benefits, including enhanced login security with Windows Hello and passkeys, automatic app and setting sync, and features like remote wipe and location tracking for lost devices. It also enables features like OneDrive for file recovery and Microsoft Authenticator for stronger authentication.
Finally, also in control document C, there is app and browser control. All users should have to sign in, and this should also be a mandatory policy, as this setting would enhance TeachTechNow's security. The document also shows that the setting to block potentially unwanted apps is turned off. This should be turned on as soon as possible, because leaving it off makes the device vulnerable and TeachTechNow's network as a whole not secure. Turning off the "block potentially unwanted apps" setting, or PUA blocking, can expose your device to unwanted software that might slow performance, display unwanted ads, or even potentially install more harmful software.
Lack of devices
At TeachTechNow there is a lack of devices compared to the number of employees. This is a major security risk and also makes the network insecure, because it may lead to employees sharing devices or connecting with their own personal devices instead of the ones given by TeachTechNow. This can lead to major security vulnerabilities, because personal devices may have poor settings or already be infected by viruses that will get into TeachTechNow's network when they connect to the database. A lack of company-provided devices and reliance on employees' personal devices can pose significant security risks to businesses. These risks include data breaches, malware infections, and weak security controls on personal devices, potentially exposing company data to unauthorized access. It is essential that action is taken as soon as possible and that TeachTechNow buys more devices with the correct security settings.
IP address conflict errors
Currently at TeachTechNow, specifically in control document B, one of the users, the classroom teacher, is facing major issues. They are really concerned that students have been provided with a generic account and that student computers occasionally have intermittent connections, with students saying that they receive IP address conflict errors. IP address conflict errors on generic accounts typically arise when multiple devices on the same network are assigned the same IP address, leading to communication disruptions. This can occur due to misconfigured static IP addresses, DHCP server issues, or even unintentional assignment of the same address across different devices. In short, the causes can be static IP conflicts, DHCP server problems or conflicting default IP addresses. This can all be sorted by checking for duplicate IP addresses. It is essential that TeachTechNow gets this done as soon as possible, because their business will become more efficient.
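One way to carry out the duplicate-address check described above, as an added example that is not part of the original report: it takes an address inventory (DHCP leases plus hand-set static addresses) and reports every IP claimed by more than one MAC address, and every static address that sits inside the DHCP pool. The pool range, device names, addresses and record layout are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory: (ip, mac, hostname, source).
# "dhcp" rows stand for leases exported from the DHCP server,
# "static" rows for addresses typed into a device by hand.
INVENTORY = [
    ("192.168.10.21", "00:11:22:33:44:01", "CLASS-PC-01", "dhcp"),
    ("192.168.10.22", "00:11:22:33:44:02", "CLASS-PC-02", "dhcp"),
    ("192.168.10.22", "00:11:22:33:44:09", "CLASS-PC-09", "static"),
    ("192.168.10.5",  "00:11:22:33:44:aa", "PRINTER-01",  "static"),
    ("192.168.10.30", "00:11:22:33:44:0b", "CLASS-PC-11", "static"),
    # Same device seen again after a lease renewal, MAC written differently.
    ("192.168.10.21", "00-11-22-33-44-01", "CLASS-PC-01", "dhcp"),
]

# Assumed DHCP pool for the classroom network (hypothetical values).
POOL_START = ipaddress.ip_address("192.168.10.20")
POOL_END = ipaddress.ip_address("192.168.10.200")


def normalise_mac(mac):
    """Make MACs comparable regardless of separator or letter case."""
    return mac.replace("-", ":").lower()


def find_conflicts(inventory):
    """Return {ip: sorted hostnames} for every IP claimed by more than one MAC."""
    claims = defaultdict(dict)
    for ip, mac, host, _source in inventory:
        claims[str(ipaddress.ip_address(ip))][normalise_mac(mac)] = host
    return {ip: sorted(m.values()) for ip, m in claims.items() if len(m) > 1}


def static_inside_pool(inventory, start=POOL_START, end=POOL_END):
    """Return hostnames whose hand-set address lies inside the DHCP pool."""
    return sorted(
        host for ip, _mac, host, source in inventory
        if source == "static" and start <= ipaddress.ip_address(ip) <= end
    )


if __name__ == "__main__":
    for ip, hosts in find_conflicts(INVENTORY).items():
        print(f"CONFLICT {ip}: {', '.join(hosts)}")
    for host in static_inside_pool(INVENTORY):
        print(f"STATIC ADDRESS INSIDE DHCP POOL: {host}")
```

A static address inside the pool is flagged even when it has not collided yet, because the DHCP server can hand the same address to another device later, which matches the intermittent errors the students report.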
| User | Test date | Software device | Operating system | Proposed test | Expected outcome | Actual outcome | Changes made | Feedback | Ability to record changes based on test outcomes | Record of your investigation leading to solution | User acceptance of your work completed |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Employee | 29/04/25 | File and print services | Windows Server 2016 | Vulnerability scanning is what I will be using to test TeachTechNow's file and print servers. Vulnerability scanning is the process of using automated tools to identify and evaluate security flaws or vulnerabilities within IT systems, networks, and software. These scans aim to detect potential weaknesses that could be exploited by attackers. | The expected outcome is that I can see the severity and how weak the system is. From there I can make clear decisions and show evidence to TeachTechNow of how weak their current OS is and the risks that come with it. | TBD (to be done) | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
| Employee | 29/04/25 | None | None | Phishing test. We will be doing one specific staff training test to see how effective the previous staff training was and how good the staff are at spotting threats. A phishing simulation is a cybersecurity exercise where organizations send realistic but fake phishing emails to their employees to test their ability to recognize and respond to phishing attacks. These simulations mimic real-world phishing attempts, allowing employees to learn and improve their awareness of cybersecurity threats without the risk of actual data breaches. | The expected outcome is that we will see how poor the staff training is and the key areas for improvement. From there we can make decisions on how to improve staff training and make sure that staff know about cyber threats and how to detect and mitigate them. | TBD | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
| Employee and students | 29/04/25 | Laptops | Windows 10 | Penetration testing is what I am going to use to see how effective TeachTechNow's current access controls are. Penetration testing, also known as pen testing or ethical hacking, is a security assessment method that simulates cyberattacks to identify vulnerabilities in a system or network. | The expected outcome is that it will be quite easy for me to get through. Once we implement RBAC we can do this test again, and then keep doing it until there are no vulnerabilities. | TBD | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
| Employees | 29/04/25 | Laptops | Windows 10 | Vulnerability assessment testing through the use of tools like Microsoft Baseline Security Analyzer (MBSA): this free tool helps identify potential security weaknesses in Windows and Office settings, including weak passwords and other configuration issues. | The expected outcome is that this test will probably find even more issues and settings that need to be turned off or on; for example, the firewall needs to be turned on. By doing this I will also find out in more detail the issues and settings that need to be changed to make the network and the devices secure. | TBD | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
| Employees | 29/04/25 | Laptop | Windows 10 | Accessibility testing. Accessibility testing is crucial for ensuring digital platforms are usable by everyone, including those with disabilities. It helps identify and fix accessibility issues that may prevent users from accessing content or interacting with a website or application effectively. In this case it is used specifically to see whether device sharing is impacting individuals. To test the security issues that come with device sharing, I will also do vulnerability testing. | The expected outcome is that I will find a range of different issues. By finding every single possible issue that comes with a lack of devices, I will have proof to show TeachTechNow of the severity of having a lack of devices. | TBD | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
| Student | 29/04/25 | Laptops | Windows 10 | Ping test: I will use the ping command in a command prompt or terminal to test the connectivity to a specific IP address. If you get a response when you shouldn't (e.g., from an IP that should be unused), it indicates a conflict. | The expected outcome is that if there are any issues we can confirm them and take action. By doing a ping test we will also understand the severity of the IP issue and how severely it is affecting the students' connectivity. | TBD | TBD | TBD | {User will input changes here based on test outcomes} | {User will record investigation and input here leading to solution} | {User will input here the acceptance of my completed work} |
Conclusion
In conclusion, TeachTechNow is facing a range of different issues, so it is important that the recommendations I have given are taken into clear consideration. If action is not taken, the organisation will face severe consequences that I know it does not want to face, such as legal, financial and reputational harm. It is essential that all of these issues are sorted as quickly as possible; doing so will ensure that TeachTechNow can carry on expanding as planned without being under threat from cybercriminals.