You have been hired to consult for a medical facility that six doctors share as general practitioners and ear, nose, & throat specialist in the downtown Macon, Ga area. They have a network installed and they do not know of any security breaches, but two of the doctors heard about another doctor in the area being fined for HIPPA violation.
The office has 10 examination rooms. Each of the six doctors has a tablet computer that they keep with them. They have two Windows 2012 servers running their enterprise records, file storage, print sharing, and active directory. They have two receptionist at the front, each with a PC and one HR person that works half-time from home and has an office.
Draw a diagram with all of the components listed above. Number the area where the following 10 threats would be located AND complete the table giving a more detailed description of the threat and most importantly how these problems can be mitigated.
For Threat 10 you will make up the entire thing.
Risks (likelihood of loss) = Threat x Vulnerability
Risk Description More detailed description Method to mitigate problem
Threat 1 Natural disaster
Threat 2 Hackers gaining access to Server
Threat 3 HR person lose laptop
Threat 4 Physical security of IT Infrastructure
Threat 5 Social Engineering attack receptionist
Threat 6 System Failure
Threat 7 Virus and worms infect network
Threat 8 HIPPA inquiry about patient data leak
Threat 9 Passwords shared between doctors (that pay you)
Threat 10