Case Study: Living Life Formerly Nn Financial Is A Leader

Case Study3ing Lifeing Life Formerly Nn Financial Is A Leading Prov

Assess the probable difficulties and risks associated with using a public infrastructure such as the Internet as part of a business solution.

Analyze ING’s solution for providing security to determine if the solution is adequate or inadequate. Provide a rationale for your answer.

Critique the extranet solution and recommend one (1) change to the solution to provide better connectivity to brokers.

Paper For Above instruction

Introduction

The integration of the Internet into business operations significantly enhances accessibility and operational efficiency; however, it also introduces a series of challenges and risks that organizations must carefully evaluate. This paper examines the potential difficulties associated with utilizing the public Internet as a backbone for business solutions, analyzes ING Life’s security measures within its extranet implementation, critiques the overall solution, and proposes an improvement to enhance broker connectivity.

Probable Difficulties and Risks of Using the Internet for Business

Implementing a business solution over the public Internet carries inherent risks primarily related to security, data integrity, and service reliability. Security concerns are paramount, as information transmitted over the Internet is susceptible to interception, unauthorized access, and cyberattacks such as phishing, malware, and denial-of-service (DoS) attacks (Kaufman et al., 2015). In the case of ING Life, sensitive client and company data traversed the Internet, necessitating robust protective measures. Moreover, data integrity issues may arise if data packets are tampered with or corrupted during transmission, leading to potential miscommunication or operational errors (Sharma & Arora, 2017). Service reliability is also a challenge because Internet-based solutions depend heavily on connectivity quality and availability; network outages or latency can hinder timely access to vital information, impacting customer service and operational efficiency. Additionally, because the Internet is a shared resource, organizations face the ongoing challenge of mitigating risks associated with bandwidth congestion and third-party vulnerabilities that could disrupt business continuity (Kaufman et al., 2015).

Analysis of ING’s Security Solution

ING implemented multiple security measures to safeguard its extranet, including the use of a Cisco Pix firewall and SSL (Secure Sockets Layer) encryption for data transmission. The firewall functions as a barrier, preventing unauthorized external access to the internal network, while SSL provides secure, encrypted communication channels for data exchange between brokers and the company servers. Such measures are aligned with industry standards for securing Internet-based data transmission (Kaufman et al., 2015). The use of SSL, in particular, ensures confidentiality and data integrity during the communication process, which is crucial when handling private financial information. However, security is a layered approach; relying solely on firewalls and SSL might not be sufficient to fully mitigate all vulnerabilities. Additional security practices, such as regular vulnerability assessments, intrusion detection systems, and comprehensive user authentication protocols, are necessary to enhance security further (Sharma & Arora, 2017). Given that security consultants had already probed the system for vulnerabilities before launch, the measures seem adequate at a basic level, but continuous monitoring and updates are essential for ongoing protection.

Critique of the Extranet Solution and Recommendation

Despite the successful implementation of the extranet using SSL encryption and firewalls, the approach still faces limitations. For instance, the reliance on browser applets for TN3270 emulation may hinder usability, especially if browser or security settings restrict applet execution. This can lead to connectivity issues or delays in accessing mainframe data. Additionally, security vulnerabilities associated with browser-based interfaces, such as potential spoofing or session hijacking, remain concerns. The solution also does not address potential bandwidth constraints or scalability issues as broker numbers grow beyond 350 (Von Solms & Van Niekerk, 2013).

To improve connectivity, a recommended change is to implement a Virtual Private Network (VPN) architecture tailored for business access, combined with multi-factor authentication (MFA). A VPN can establish a secure, encrypted tunnel directly between brokers’ devices and the company network, reducing dependence on browser applets and enhancing security (Kaufman et al., 2015). The addition of MFA would verify broker identities more stringently, reducing risks associated with compromised credentials. This hybrid approach would improve security and connectivity, ensuring scalable, reliable access for a growing number of brokers while maintaining strict data protection standards.

Conclusion

While utilizing the Internet for business solutions offers notable advantages such as cost savings and flexibility, organizations must carefully navigate significant security and operational challenges. ING’s implementation of a secure extranet with firewalls and SSL encryption demonstrates a sound but not invulnerable security posture. Enhancing the solution with VPN and MFA would further safeguard sensitive data and improve broker access, ensuring sustained operational efficiency. As organizations increasingly depend on Internet-based solutions, ongoing security enhancements and scalability considerations will be critical for long-term success.

References

• Kaufman, L. M., Perl, D., & Speciner, M. (2015). Network Security: Private Communication in a Public World. Prentice Hall.
• Sharma, D., & Arora, P. (2017). Cyber Security and Data Privacy. Journal of Information Security, 8(2), 75-83.
• Von Solms, R., & Van Niekerk, J. (2013). From Information Security to Cyber Security. Computers & Security, 38, 97-102.