NT2580
Project Part 1: Multi-Layered Security Plan
When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan.
In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year.
In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has antivirus and malware protection installed on them. Laptops are very vulnerable for loss or theft, so all company laptops should have an encrypted hard drive so that if they are stolen, the data contained on them is not recovered by anyone but the owner.
For the LAN domain, we need to have training about email scams. Most users know not to access suspicious emails when on our system but a quick training course will help. Also, adding spam filters will help get rid of most of the junk email, so there is much less risk of employees opening emails containing malware.
In the LAN-to-WAN domain, we need to shut down the FTP server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server.
In the WAN domain, we need to make sure that we have firewalls set up on our network to filter all incoming traffic. A firewall will stop all traffic coming on to our system that is not meant or not wanted on the Richman Investments network.
For the remote access domain, we need to make sure the VPN we use is secure so that our employees are not exposing sensitive data to anyone outside of our network. In order to do this we will make sure that everyone using a VPN to access our network has to authenticate to the system to get authorization.
For the systems/application domain, we need to lessen chances for attacks on our servers. This will be done by figuring out which ports and services are not being used and shutting off access to those ports. This will give hackers less ways onto our system. Also we need to make sure all servers have the latest patches and updates. These updates provide the latest security patches and keep our servers running at their full potential with less likelihood of vulnerabilities.
Applying all these security measures will ensure a much safer environment, technically speaking. This multi-layered security approach will help keep our network secure and running smoothly.
You May Also Find These Documents Helpful
-
Access to the company network will be secured by multiple firewalls set up with our routers. Firewall filters will be set up with a specific list of allowed users and programs. All other traffic will be blocked by default until it has been approved by IT. There will be a limited number of wireless access points around the building, with password access. These passwords will be changed on a regular basis. Access to the local network will be secured by user authentication passwords. Users will be limited to only the system resources that they absolutely need to complete their work. Users’ passwords must be changed every 90 days.…
- 348 Words
- 1 Page
Satisfactory Essays -
In addition to the already existing security layers, there should be an added layer specifically for incoming and outgoing emails.…
- 409 Words
- 2 Pages
Satisfactory Essays -
This MLS Plan will describe how the IT department will improve the security of each domain and how to protect the company’s information. The IT department will update all firewalls on the infrastructure and make sure to secure all ports that are open. This will help stop incoming traffic that is malicious. Another protection utilized will be anti-virus software,…
- 1234 Words
- 5 Pages
Better Essays -
When creating a multi-layered security plan, I would look at all seven domains of the IT infrastructure and then increase the security on each of those domains because that will increase the security for the whole plan. In the user domain, this is the quickest way for the system to be compromised the users. So I would implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will also need to be changed every 90 days and the same password cannot be used again for three calendar years. In the workstation domain, I would make sure that each workstations, whether desktop or laptop has some security on it like antivirus and malware protection installed. Laptops can be very vulnerable for loss or theft, which would make me install an encrypted hard drive so if it is stolen the data can only be retrieved by the owner. For the LAN domain, just train all users about email scams. I would guess that most users know not to access suspicious emails when on our system but I would still implement to the users a quick training course. Then I we should add spam filters this will help get rid of most of the junk email. In the LAN-to-WAN domain, we need to shut down the File Transfer Protocol (FTP) server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server. In the WAN domain, we need to make sure that we have firewalls set up on our network that will filter all incoming traffic. This firewall will stop all traffic coming on to our system that is not meant or not wanted our network. In the Remote Access Domain, we need to establish strict user password policies, as well as lockout policies to defend against brute force attacks, require the use of authorization tokens have a real-time lockout procedure if token is lost, or stolen. The last domain is System/Application domain we need to…
- 449 Words
- 2 Pages
Satisfactory Essays -
Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…
- 439 Words
- 2 Pages
Satisfactory Essays -
Scope this policy applies to all Richman Investments employees, contractors, vendors and agents with a Richman Investments-owned or personally-owned computer or workstation used to connect to the Richman Investments network. This policy applies to remote access connections used to do work on behalf of Richman Investments, including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to: frame relay, DSL, ISDN, SSH, VPN, dial-in modems, and cable modems, etc.…
- 438 Words
- 2 Pages
Good Essays -
Identify any hardware or programming that may be basic – Ultimately the security of the framework will be a basic segment to keep up business and individual records guaranteed. There are a considerable measure of programming choices available, for instance, McAfee or Symantec that offers a framework protection bundle that consolidates Anti-disease security, Network Firewall, Password organization, Anti-Spam Technology, data encryption and data fortification. The last will be a major instrument to setup remembering the true objective to keep up supervision of data in case of hard plate crash or any emergency that requires a structure restore.…
- 605 Words
- 3 Pages
Good Essays -
I can understand your concern with your network security and better securing your information without losing productivity. You can set up your users to have their passwords be changed at a certain time and I would recommend a short amount of time in-between. And also you can have the passwords be in a certain context or to be made a certain way and make sheer that the security levels are high on them so that a hacker has a harder time to get in to the network. I recommend you use the following format; using capital and lower case letters the first letter of their name, their whole last name and their employee number, ex. “JVentura10415867@Domain*%$.Local” if someone tried to hack the account and all that they knew was the person name and the domain name they could not get in because it is very unlikely that they would know that person employee number and if they do then you have a spy in your company. Can also buy better security items to better your network things like smart card, finger print scanners, retinal scanners, and others. But I only recommend these for really sensitive information and only for certain users in your company. I hope that this has helped you in any way and I wish the best of luck to you.…
- 327 Words
- 1 Page
Satisfactory Essays -
The Workstation Domain is also another domain infrastructure that has great reason to be affect by internal use only data because this is where the user connects to the our network. The reason that this can cause security threats and other problems is because this domain can be connected via a personal laptop or even a cell phone or other mobile device.…
- 285 Words
- 2 Pages
Satisfactory Essays -
The next feature that I will suggest to Richman Investment would be Access control. Access control restricts access to network resources and would require the user to have privileges to the resources. This would go hand and hand with the first feature that I suggested. You will need this for the first feature that I picked to give the users proper permissions to resources and this will help keep users out that should not have access to the resource.…
- 444 Words
- 2 Pages
Satisfactory Essays -
Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.…
- 331 Words
- 2 Pages
Satisfactory Essays -
In the LAN-to-WAN domain the internal network is connect to a wide area network. This domain contains routers, firewalls, email content filters, and other similar devices. Routers will route the traffic leaving and coming into the network strict security ACLs will be applied to these devices. Hardware firewalls will be implemented into the network for further packet filtering. Intrusion prevention/detection systems will be on the network to protect against attacks to our network. The email is subject to scanning and filtering to prevent spam, malware, and viruses. (Kim & Solomon, 2012)…
- 539 Words
- 3 Pages
Good Essays -
So how do you secure your connection and block unwelcome visitors and stay away? It doesn’t require you to become IT professionals but simple things will secure your system.…
- 367 Words
- 2 Pages
Good Essays -
A layered security strategy will encompass Rouge protocols such as Bit mining and P2P, Unauthorized network scanning and probing, and unauthorized access to the network.…
- 928 Words
- 3 Pages
Good Essays -
Every time we have to change our index page htmls for an assignment, we have to log into our personalized servers with passwords. The reason for these passwords is because the information and permissions we have access to should be given to everyone, and therefore the information we have is encrypted from others. As it has become increasingly apparent, our everyday cyber footprint involves many interactions with some sort of encryption. Because of this, most of everything we discuss in class can be considered relevant to the importance of cryptography and/or…
- 773 Words
- 4 Pages
Better Essays