Thursday, June 6, 2019
Multi-Layered Security Plan Essay Example for Free
Multi-Layered Security Plan EssayProtecting sensitive or confidential info is predominant in many businesses. In the event such information is made public, businesses may face legal or financial ramifications. At the very least, they result suffer a loss of customer trust. In most cases, however, they can recover from these financial and other losses with appropriate investment or compensationHaving information of different certificate levels on the same computer systems poses a real threat. It is not a straight-forward matter to isolate different information trade protection levels, even though different users log in using different accounts, with different permissions and different access controls (Red Hat, Inc. 2006).Below I have listed the IT infrastructure of Richman Investments on with recommendations in each infrastructure on levels of security that should be implemented for a more secure network.IT Infrastructure Affected1. User Domain The pack who access an organ izations information system.* The first thing that should be implemented is a mandatory Computer Security training session to get up the users on the proper use of work computers.2. Workstation Domain Users (most) connecting to the IT infrastructure.* The workstation domain comes with its own problems such as unauthorized access to the system, the way to fix this problem would be to implement access policies and guidelines.3. LAN Domain A collection of computers connected to one another or to a common connection medium.* Implement sulphur or third level identity check to gain access to sensitive systems, applications, and date. Keep all hardware in a secure post with access only with proper ID.4. LAN-to-WAN Domain Link between the Wide Area Network (WAN) and the Internet.* Conduct post configuration penetration tests of the layered security solution within the LAN-to-WAN Domain. Test inbound and outbound traffic and fix any gaps. Also, apply e-mail server and attachments antiviru s and e-mail quarantining for unknown file types. bump domain-name Web site access based on content-filtering policies.5. WAN Domain Wide Area Network (WAN) connects remote locations to the Local Area Network (LAN).* encrypt confidential data transmissions through service provider WAN using VPN tunnels.6. Remote penetration Domain Connects remote users to the organizations IT infrastructure.* Remote Access Domain, Being that the users are off site it is hard to say that the users password information has not been compromised. In such cases when abnormalities are spotted or data is accessed without proper authorization, data should be completely encrypted to prevent any sensitive materials from being sold or presented to the open market.7. System/Application Domain- Holds all the mission-critical systems, applications, and data.* bring out a business continuity plan for mission-critical applications providing tactical steps for maintaining availability of operations. Perform regu lar rigorous software and Web-application testing and penetration testing front to launch.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.