Preview

It255 Project Part 1

Better Essays
Open Document
Open Document
634 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
It255 Project Part 1
IT255 Project Part 1

Richman Investments Security Plan Outline
User Domain:
• Restrict access to data and applications to the required users and groups.
• Review and Revise user conduct and security polices every six months.
• Conduct annual security training seminars with system users and staff.
• Track and monitor employee behaviors.
Conducting annual security training for the user in the user domain will cover the Acceptable Use Policy (AUP). Informing the users will be of what is acceptable and unacceptable use of the system. This layer also needs constant monitoring.
Workstation Domain:
• In house testing of operating system updates prior to user workstation deployment.
• Strict access control policies and procedures for user access to system and data.
• 72 Day password renewal for workstation and 180 day user password renewal.
• Content filtering and anti-virus scanning of all incoming data. Quarantine of unknown file types.
Securing a user workstation with approved updates will help prevent potential system corruption and in house data from being exposed. This domain is also vulnerable and also needs constant monitoring.
LAN Domain:
• Proper identification and two key turners to be granted access to Data Centers and wiring closets with 24/7 CCTV monitoring.
• Periodic LAN vulnerability assessments.
• Define strong access control policies.
Keeping our LAN under lock and key prevent tampering of with the networks hardware. Access to the LAN devices is the easiest way to compromise a network. By also applying strict monitoring controls and current security updates are excellent security measures to implement.
LAN to WAN Domain:
• Disable ping, probing, and port scanning of exterior devices.
• Strict monitoring for intrusion detection on inbound IP traffic.
• Apply file monitoring and scanning of traffic from unknown sources.
Monitoring traffic will help for see intrusions into the network. Any traffic that is out of the ordinary will



References: David Kim., and Michael G. Solomon. Fundamentals of Information Systems Security , 2012: Sudbury, MA 2012 Pyle, N. (2009, September 01). Designing and implementing a pki: Part i design and planning. Retrieved from Symantec. (2008, August 28). How to: Set up multi-layered security. Retrieved from http://www.pcworld.com/article/141361/article.html

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.…

    • 290 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    I can understand your concern with your network security and better securing your information without losing productivity. You can set up your users to have their passwords be changed at a certain time and I would recommend a short amount of time in-between. And also you can have the passwords be in a certain context or to be made a certain way and make sheer that the security levels are high on them so that a hacker has a harder time to get in to the network. I recommend you use the following format; using capital and lower case letters the first letter of their name, their whole last name and their employee number, ex. “JVentura10415867@Domain*%$.Local” if someone tried to hack the account and all that they knew was the person name and the domain name they could not get in because it is very unlikely that they would know that person employee number and if they do then you have a spy in your company. Can also buy better security items to better your network things like smart card, finger print scanners, retinal scanners, and others. But I only recommend these for really sensitive information and only for certain users in your company. I hope that this has helped you in any way and I wish the best of luck to you.…

    • 327 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    Agree to proper use of their devices when working with company data both on-site and off-site…

    • 319 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    This domain needs strict security controls given the risks and threats of connecting to the internet. This domain is where all data travels into and out of the IT infrastructure. A security solution for unauthorized access through the LAN-to-WAN domain is to apply strict security monitoring controls for intrusion detection and prevention.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    The Workstation Domain is also another domain infrastructure that has great reason to be affect by internal use only data because this is where the user connects to the our network. The reason that this can cause security threats and other problems is because this domain can be connected via a personal laptop or even a cell phone or other mobile device.…

    • 285 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    It255 Assignment 8

    • 309 Words
    • 2 Pages

    The more time you spend hardening your network, the safer it will be for not only your customers but your employees as well. Your Human Resources department will undoubtedly have confidential personal information on file for every employee. This could include social security numbers, information on dependents, emergency contacts, home addresses and telephone numbers, etc. That information will most likely be stored in an electronic format somewhere on your network. Keeping that information safe and secure from prying eyes should be a…

    • 309 Words
    • 2 Pages
    Good Essays
  • Good Essays

    MIS 320 Midterm

    • 3629 Words
    • 12 Pages

    A firewall is a combination of hardware and software that controls the flow of incoming and outgoing network traffic. Firewalls prevent unauthorized users from accessing internal networks. They protect internal systems by monitoring packets for the wrong source or destination, or by offering a proxy server with no access to the internal documents and systems, or by restricting the types of messages that get through, for example, e-mail. Intrusion detection systems monitor the most vulnerable points or “hot spots” in a network to detect and deter unauthorized intruders. These systems often also monitor events as they happen to look for security attacks in progress. Sometimes they can be programmed to shut down a particularly sensitive part of a network if it receives unauthorized traffic.…

    • 3629 Words
    • 12 Pages
    Good Essays
  • Better Essays

    Bloom Design Group’s

    • 2994 Words
    • 12 Pages

    References: Merkow, M., & Breithaupt, J. (2006). Information security: Principles and practices. Upper Saddle River, NJ: Pearson/Prentice Hall.…

    • 2994 Words
    • 12 Pages
    Better Essays
  • Powerful Essays

    [6] Pfleeger, Charles P., and Shari Lawrence. Pfleeger. Security in Computing. Fourth ed. Upper Saddle River, NJ: Prentice Hall, 2007. Print.…

    • 5810 Words
    • 24 Pages
    Powerful Essays
  • Powerful Essays

    Aix Audit Check List

    • 3519 Words
    • 15 Pages

    B. Determine whether the user access is controlled through the operating system, the database management system, or the application front-end menu system.…

    • 3519 Words
    • 15 Pages
    Powerful Essays
  • Satisfactory Essays

    Virtual Private Network (VPN) technology provides a way of protecting information being transmitted over the Internet, by allowing users to establish a virtual private tunnel to securely enter an internal network, accessing resources, data and communications via an insecure network such as the Internet. This research project give the overview of virtual private network (VPN), some VPN technologies and how to implement it in small business organization using some software.…

    • 293 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Intrusion Detection Software – features full-time monitoring tools that search for patterns in network traffic to identify intruders…

    • 839 Words
    • 4 Pages
    Satisfactory Essays
  • Good Essays

    Access Control Policy

    • 703 Words
    • 3 Pages

    Merkow, M., & Breithaupt, J. (2006). Information Security: Principles and Practices. Upper Saddle, NJ: Prentice Hall.…

    • 703 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Internet Disadvantages

    • 1255 Words
    • 6 Pages

    The main reason that people watch the news, and look through various sources of information is to make sure that their homes are safe from possible nuisances in the neighborhood or from severe weather. When working with a network, a series of computers tied together, there are new and dangerous hazards that can go unnoticed. Viruses and security breaches by hackers are a few of the hazards that they may encounter.…

    • 1255 Words
    • 6 Pages
    Good Essays