User Domain
Risk, Threat, or Vulnerability
Lack of user awareness
• Conduct security awareness training, display security awareness posters, insert reminders in banner greetings, and send e-mail reminders to employees.
User apathy toward policies
• Conduct annual security awareness training, implement an acceptable use policy, update the staff manual and handbook, and discuss policy compliance during performance reviews.
Workstation Domain
Risk, Threat, or Vulnerability
Unauthorized access to workstation
• Enable password protection on workstations for access. Enable automatic screen lockout after a period of inactivity.
Unauthorized access to systems, applications, and data
• Define strict access control policies, standards, procedures, and guidelines. Implement a second-level test to verify a user’s right to gain access.
LAN Domain
Risk, Threat, or Vulnerability
Unauthorized access to LAN
• Make sure wiring closets, data centers, and computer rooms are secure. Do not allow anyone access without proper ID.
Unauthorized access to systems, applications, and data
• Define strict access control policies, standards, procedures, and guidelines. Implement a second-level identity check to gain access to sensitive systems, applications, and data.
LAN-to-WAN Domain
Risk, Threat, or Vulnerability
Unauthorized network probing and port scanning
• Disable ping, probing, and port scanning on all exterior IP devices within the LAN-to-WAN Domain. Ping uses the Internet Control Message Protocol (ICMP).
Unauthorized access through the LAN-to-WAN Domain
• Apply strict security monitoring controls for intrusion detection and prevention. Monitor for inbound IP traffic anomalies and malicious-intent traffic. Block traffic right away if it is malicious.
Remote Access Domain
Risk, Threat, or Vulnerability
Brute-force user ID and password attacks
• Establish user ID and password policies requiring periodic changes (e.g., every 30 or 60 days). Passwords must be