IT Audit & Assessment - Case 2

One of the market leading travel agencies in Hong Kong

Size
100+ Employees

Service
IT Audit and Technical Assessment Service

Challenge
With the revolutionary technological changes of the past decade, our client is one of many in its industry undergoing a transformation from manual operation to machine-based operation for specific repetitive tasks.  The automated programs run 24 hours a day, 7 days a week, nonstop.  With the existing infrastructure setup, transitioning to and hosting such a large number of automated programs would raise both management and security issues.

To tackle any serious incidents before they happen, the IT management has turned to our IT Audit and Technical Assessment service to evaluate existing vulnerabilities and risks within the system, infrastructure and daily operations.
 

Result and Follow-up
RSEL provided an IT audit and technical assessment service covering the client’s IT infrastructure and daily operations, focusing on information security.  The audit assessed the information security aspects of:
 •    IT Structure
 •    IT Operation
 •    System Infrastructure and Architecture
 •    Network Infrastructure and Architecture.

Together with the audit assessment, a vulnerability scan assessment was also conducted against the official webpage to determine whether an external hacker could penetrate the system and network infrastructure.

The Audit Report and Vulnerability Assessment Report submitted to the management include the vulnerability and risk findings, the impact of each related risk, the priority of improvement and practical recommendations.  With a road map and action plan included according to the seriousness of the observations found, our client is able to include the follow-up actions needed in their IT year plan to tackle the corresponding risks.

Result
Following the submission of the management report of our findings, impacts, severity levels and recommendations, a meeting was held with the management team to run through each finding. Some of these include:
 •    Identification of security holes within their multi-site setup in both network and application aspects.
 •    The core business ERP system runs on a 2-tier hierarchy; any user may delete all system data with a press of the delete button.
 •    Insufficient and ineffective firewall configurations, leaving managers’ personal desktops and servers vulnerable to hackers.
 
Follow-up
Reduce potential security holes with an up-to-date centralized monitoring and administration system. A temporary workaround to protect data. Awareness of new options in ERP systems with pertinent professional advice. Establishment of new policies and procedures in protection of the company.

Our team thereafter proposed a range of IT services providing a one-stop solution for our client. Some of our services include:
 •    Immediate handling of high-severity items to minimize risks, including firewall configurations and ERP data protection.
 •    Putting in place centralized administration and network monitoring systems to govern and simplify IT administration.
 •    Sourcing different ERP options and providing pertinent professional advice.
 •    Establishment of new policies and procedures in protection of the company.
 
Benefit
After the running of our IT Audit and Services Scheme, the workload is centralized and eased by the newly established administration and network monitoring systems. The management team has a much better overview of IT and the current environment in both security and business growth aspects. With the establishment of policies and procedures, a clear guideline is defined and a regular communication channel between management and IT is established.

More Updates

Further reading

sen-ryo & Ringus Collaboration

In this digital age, online experience has become increasingly vital. For years, Ringus has been collaborating with Maxim's Group to enhance the digital journey for customers across various brands. Today, sen-ryo, one of the Maxim's Group's Japanese cuisine brands, has released their newly revamped mobile and web application, offering customers convenience through a unified platform with enriched features like queuing management, membership management, and take-away order services.

"The enhanced application aligns with sen-ryo's business and marketing strategies," Ms. Steffie Li, the Director of Business Engagement (Digital Solution) at Ringus shared. "We have implemented a more structured approach and introduced distinct membership tiers for sen-ryo with exclusive benefits for ELITE & PRESTIGE members. Additionally, the real-time management on take-away orders ensures seamless integration with the outlet's operations, optimizing sales and minimizing waiting times for to-go orders."

Ringus goes beyond applications. We deliver digital solutions that bring business value to drive organizational growth. One of the key objectives is to support the organization’s strategic vision in digital, ensuring that the digital landscape becomes a powerful catalyst for success.

Experience the sen-ryo application at:
https://apps.apple.com/hk/app/sen-ryo-%E5%8D%83%E4%B8%A1/id734319074?l=en-GB
https://play.google.com/store/apps/details?id=com.maxims.SenRyo&hl=en_US
https://order.sen-ryo.com.hk/tc

#DigitalSolution #BusinessEngagement #AppDevelopment #eCommerce #OnlineOrdering #CRMsolution #QueuingSystem

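Zero-Day Attacks: Unknown Threats and the Challenge to Information Security

In the field of cybersecurity, the zero-day attack (also known as a zero-hour attack) is a threat that is difficult to defend against. A zero-day attack is one in which an attacker exploits a security vulnerability that the software developer has not yet discovered or fixed; before such a vulnerability is discovered and exploited, even security experts do not know that it exists. A zero-day vulnerability is a security flaw in software or a system that developers and security experts did not discover before the product was released, which gives attackers the opportunity to carry out attacks through malware or malicious code, take control of the target system, steal data or cause other damage.

The 2017 WannaCry ransomware incident is a classic case of a zero-day attack. In that incident, attackers exploited a network sharing vulnerability in Windows systems to spread the attack rapidly around the world, affecting tens of thousands of systems, including those of hospitals, banks and government agencies. The attack not only caused huge economic losses but also exposed major weaknesses in the global information security system.

The reach of zero-day attacks is very broad: they can target individual users' systems, enterprise servers and even national-level infrastructure. Because they are unknown and complex, these attacks can often bypass some traditional security defences, such as firewalls and antivirus software. A successful attack may not only cause enormous economic losses but also damage the reputation of the enterprise or institution, and in serious cases can even affect national security.

Although zero-day attacks are difficult to prevent completely, the following strategies can reduce the risk of being attacked. First, software vendors should release patches as soon as possible after a security vulnerability is discovered; updating software and systems promptly and keeping them at the latest version is therefore an important step in defending against attacks. Second, implementing network segregation and the principle of least privilege limits the scope of an attacker's activity inside the system and ensures that, even if the system is breached, the attacker cannot easily obtain sensitive information. Third, carry out regular security assessments and penetration tests, using simulated attacks to detect potential security vulnerabilities in the system, so that flaws that a zero-day attack could exploit are found and fixed in advance. Finally, strengthen employees' security awareness and train them to recognise phishing emails, malicious attachments and other common network attack techniques, which effectively reduces the chance of a vulnerability being exploited.

Facing the threat of zero-day attacks, individuals and enterprises alike should adopt multi-layered defensive measures from multiple angles. Through continuous technology updates, security testing of systems and employee training, the ability to withstand zero-day attacks can be effectively improved and important sensitive information protected as far as possible. Defending against zero-day attacks is not a one-off task but a continuous process. As technology develops and attack techniques keep evolving, defensive strategies must also be continually adjusted and updated. Only through sustained effort and investment can a strong line of defence be maintained in the face of ever-changing cybersecurity threats.

尹展軒, Senior IT Consultant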