Get Instant Help From 5000+ Experts For

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote

GeeGee Internet and Data Solutions

Discuss about the Vulnerability Assessment of GeeGee Internet and Data Solutions.

GeeGee is a medium-sized enterprise at its start-up stage. The company is a partnership between me and close friends. We offer data storage and web hosting services to our clients. Our main objective is to provide a platform where clients rent a domain to host their websites and cloud storage services and retrieve data from our servers.

We decided to do vulnerability assessment on our company to identify the likely risks and hazards that might pose vulnerabilities. This is important decision to make especially for our young company. The test helps establish the threats and vulnerabilities that need to be addressed in present and future. When we establish our weaknesses, we will be able to work on them to reducible minimums for the betterment of the company.

Vulnerability assessment involves discovering vulnerabilities with aims of reducing them and increasing the ability to manage them in future. There are various risk assessment techniques but in our case, we will use Failure Mode and Effect Analysis (FMEA). This technique identifies potential failures and tries to figure out what effect failures would have. 

The core assets that our company put effort into this vulnerability analysis are the customers, data warehouses, employees, data security, web securities and market competitiveness.

  1. Customers focus – customer service is our key priority. Our customers need better services compared to other companies offering similar services. The reason why customers focus is key to our success is because we are offering a service which must meet customer’s specification and specific needs, and also because they have market choices to make. So we must give them a reason to choose us over our competitors.
  2. Data Security – investing in data security is paramount to build our company reputation and also create good relation with our customers. Our clients need privacy assurance(Calder and Moir, 2009)for their data with us, therefore this is also one of our main area of focus for market competitiveness.
  • Investment in automation – we tend to use a variety of open-source and in-house management and monitoring tools. To increase speed and time and reduce costs we need to invest in more advanced management and monitoring tools. The reason for choosing this as the asset of success is because our main service foundation is machines and computers. Therefore automation of various services will be inevitable.
  1. Accessibility guarantee – we need to assure our clients that our services will be 100% accessible and available online. The reason this is as a success factor is because our clients hold confidential information with us which they may be needed anytime anywhere. We need them to trust us on this by providing 24/7 access and retrieval.
  2. Talented and passionate man-power – we not only attach our success on trained people, we also hunt for talents and passion in computing. We believe people who are passionate and talented in computing offer bigger value to our company. We recruit and train them according to their area of interest. 

These are events that pose some harm to the company and its resources if not addressed early.

  1. Password security – our staffs can easily be tricked to provide access to the servers. In such case, the attackers are likely to use keyloggers or inject malicious codes into their computer systems which will expose security measures of the company. This will expose our clients’ data which is supposed to be protected at all costs. On the other hand, our clients are also vulnerable to attacks if they fail to take necessary security measures to protect their systems. These attacks can expose their passwords and important information on our servers in which their information is held (Wee, 2012).
  2. Physical security – our servers and data storage are housed in a warehouse. Although we have installed 24 hours security watch, which does not totally eliminate physical access to our data center or other risks (Al?Awadi and Saidani, 2010).
  3. Competition – the company is competing in a service market. The competition is high and customers are looking for quality, affordability, accessibility, convenience, and timely services.
  4. Data and server security – computer advancement and speed have come with it good and bad sides. The bad side of it is information security mostly the fear of losing data to malicious people. Cyber-crime is at an increasing trend and this has affected our company (HM Government UK, 2014).
  5. Privacy issues (Hayhurst, 2014) – today companies are using data centers uploading sensitive and confidential data. They need to be sure that no one is viewing their information, or use it information whatsoever without their consent. Any customer information leak is detrimental to our business and company reputation.
  6. Hacking – computer age has grown and many people are becoming computer enthusiasts who are ready to explore the world of computation to their own limits. This has created a group of people who look to enter into any computer systems for maliciously for fun (Goel and Mehtre, 2015)
  7. Endangerment of high-level management staff – our company store confidential and other important data from our clients. The information we store may endanger our key employees who are responsible to maintain data servers. The information we hold for the client may have interest groups who can do anything to gain access to such information.
  8. Ineffective monitoring of individuals in data center area – one computer room in a data center covers a large area, with storage devices arranged next to each other. These storage devices are managed by separate personnel. Therefore it has become difficult to manage and track them once they have access to these areas (Mocydlarz-Adamcewicz, 2011).
  9. Undetected smoke – sometimes there is fire outbreak caused by power surge by storage apparatus. We have installed fire alarms in the facility but resulting smoke may be undetectable by our standard smoke alarms, let alone the human eyes because it is often too fine and in small quantity. Advanced alarm systems need to be installed to mitigate this threat.
  10. Natural disaster – disasters like torrential rains, floods, earthquakes, and winds are likely to cause destruction to our data facility. Our structures are not built to withstand some of these disasters when they occur. 

Our responsibility was to identify threats affecting the company. Threats posed danger to our company success. To be able to select these threats we used employees provided information on their stations, evaluated occurrences books, we also did a physical audit of the company facilities. Some threats to the data and servers which are not easily identifiable, we had to run vulnerability testing tools on the computers and data servers. The threats identified are the one that has occurred or was prevented from occurring. There these threats are critical to the management so that relevant actions and responses are taken. 

These are deficiencies the company whose occurrence leads to the materialization of the threats.

  1. Remote code execution – we found that an attacker will be able to run arbitrary, system-level code on our server. The problem was caused by improper coding. We were able to detect this problem after carrying out source code review. We found out that the vulnerability will allow an attacker to exploit register globals in PHP and use XMLRPC for PHP vulnerabilities. This vulnerability posed total system compromise and damage to servers.
  2. The company also lacked proper differentiation in the market. This posed a risk of losing customers to competitors. We needed to offer a product package that is distinct and acceptable in the market.
  3. The facilities lacked high-quality alarm systems, not enough strategic surveillance cameras, and lack biometric identification system of the workers for easy control of entry.
  4. The data warehouse was not properly designed and built to withstand all weather conditions and a natural disaster. The building is built on a power drainage area, therefore, increased chances of flooding.
  5. Lacked effective firewalls to detect and block attacks. We were able to access servers from a remote computer using vulnerability testing tools (Goel and Mehtre, 2015). This means the whole system was vulnerable to external attach which might be malicious.
  6. Employees’ vulnerability – using our system, was able to trick some employees and was able to access information through their system. This demonstrated the ignorance with some of them which posed a potentially higher risk which can be used by attackers.
  1. Precautionary Analysis

To carry out precautionary analysis we will use Failure Mode Effects Analysis (FMEA) (Stamatis, 2003). This technique uses a step-by-step approach to identify possible failures in the company services.

“Failure modes” means the ways in which service might fail. Failures are any faults, particularly ones that affect our customers or can be potential or actual.

“Effects analysis” refers to studying the significances of those failures.

Under this his technique, failures are ranked according to how serious their consequences are, how often they occur and how their detectability. The purpose of the FMEA is to take actions to reduce or eliminate failures, starting with the highest-priority ones. 

Key success factor/ function

Potential failure mode

Potential effects of vulnerabilities

Potential cause(s) of failure

Precautionary recommendation

Customers focus

Lack quality data and internet services

Losing customers to the competitors

System lag and failures

Installation of advanced apparatus

Data security

Vulnerable database algorithms and codes

Data leak, device failure, loss of company reputation


Injection of malicious codes

Software reviews and building patches and updates in the system

Investment in automation

Slow services to our customers

Poor response to customers’ needs

Lack of finance

Invest in automation most critical services with latest advanced tools

Talented and passionate workers

Lack of motivated workers

Employees vulnerability

Poor production,

Poor customer services,

High turnover rate.

Recruitment and selection failure,

Ineffective organization structure

Invest in workers training, development and motivation.

Proper recruitment and selection criteria

Accessibility guarantee

System failures

Damages by natural disasters


Data loss

Dissatisfaction of our customers

Data loss

Apparatus damages

Loop-holes for data theft

Poor construction and design

Lack of advanced alarm systems

Lack back up system

The building of an all-weather warehouse

Advanced alarm systems

Having back up option installed


Poor market targeting

Lack of differentiation

Lack of advanced tools

Losing customers to competitors

Loss of market

Loss of revenues


Our service lack differentiation

Targeting larger market

Poor apparatus

Implement services differentiation in the market

Invest in better technology

The high-level management staff

No measures are put in place to protect staff

Endangered their lives

Fear for their life

Low motivation to work for us

Equipped them with wireless emergency alarm apparatus that send an emergency alarm signal that can notify security guard staff to enact any necessary measures.


Uncontrolled access to some company facilities

Poor control of workers in the warehouse

Tampering with data and servers

Access to malicious software to the data server and system

Loss of client data

Data Leaks

Damage of apparatus


Installation of employee monitoring tools like biometric log systems, movement detectors, CCTV, and train employees on standards measures for protecting the facility

Threat Barrier Diagram – GeeGee Data Center and Internet Solution 


Goel, J. and Mehtre, B. (2015). Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology. Procedia Computer Science, 57, pp.710-715.

HM Government UK (2014). Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks.

Hayhurst, C. (2014). Is Your Patient Data Secure?. Biomedical Instrumentation & Technology, 48(3), pp.166-173.

Wee, H. (2012). Public Key Encryption against Related-Key Attacks. George Washington University.

Mocydlarz-Adamcewicz, M. (2011). Practical guidance on implementation of the Personal Data Security Management System in an oncology center. wo, 5, pp.279-285.

Al?Awadi, K. and Saidani, M. (2010). Justifying the need for a data security management plan for the UAE. Info Mngmnt & Comp Security, 18(3), pp.173-184.

Calder, A. and Moir, S. (2009). IT governance. Ely, UK: IT Governance.

Stamatis, D. (2003). Failure mode and effect analysis. Milwaukee, Wisc.: ASQ Quality Press. 

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2019). Vulnerability Assessment Of GeeGee Internet And Data Solutions. Retrieved from

"Vulnerability Assessment Of GeeGee Internet And Data Solutions." My Assignment Help, 2019,

My Assignment Help (2019) Vulnerability Assessment Of GeeGee Internet And Data Solutions [Online]. Available from:
[Accessed 29 May 2024].

My Assignment Help. 'Vulnerability Assessment Of GeeGee Internet And Data Solutions' (My Assignment Help, 2019) <> accessed 29 May 2024.

My Assignment Help. Vulnerability Assessment Of GeeGee Internet And Data Solutions [Internet]. My Assignment Help. 2019 [cited 29 May 2024]. Available from:

Get instant help from 5000+ experts for

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing: Proofread your work by experts and improve grade at Lowest cost

250 words
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Plagiarism checker
Verify originality of an essay
Generate unique essays in a jiffy
Plagiarism checker
Cite sources with ease
sales chat
sales chat