Friday, February 22, 2019
Multi-Layered Security Plan Essay
Protecting nociceptive or confidential selective study is prevalent in many businesses. In the event such(prenominal) information is make public, businesses may face legal or financial ramifications. At the in truth least, they will suffer a loss of customer trust. In well-nigh cases, however, they can recover from these financial and other losses with appropriate investing or compensationHaving information of different security levels on the aforesaid(prenominal) computer systems poses a real threat. It is not a straight-forward matter to discriminate different information security levels, even though different users put down in using different accounts, with different permissions and different gate controls (Red Hat, Inc. 2006). under I have listed the IT radical of Richman Investments along with recommendations in each infrastructure on levels of security that should be implemented for a more inviolable network.IT Infrastructure Affected1. User Domain The people who acc ess an make-ups information system.* The first thing that should be implemented is a mandatory Computer Security training session to educate the users on the proper use of work computers.2. Workstation Domain Users (most) connecting to the IT infrastructure.* The workstation domain comes with its own problems such as unauthorized access to the system, the way to fix this problem would be to implement access policies and guidelines.3. LAN Domain A collection of computers affiliated to one another or to a common connection medium.* fulfill second or third level identity check to discover access to sensitive systems, applications, and date. Keep every(prenominal) hardware in a secure location with access only with proper ID.4. LAN-to-WAN Domain unite between the Wide Area profit (WAN) and the Internet.* Conduct post constellation brainstorm tests of the layered security solution within the LAN-to-WAN Domain. Test incoming and outbound traffic and fix any gaps. Also, apply e-m ail horde and attachments antivirus and e-mail quarantining for unknown file types. Stop domain-name Web site access based on content-filtering policies.5. WAN Domain Wide Area Network (WAN) connects remote locations to the Local Area Network (LAN).* Encrypt confidential entropy transmissions through service provider WAN using VPN tunnels.6. Remote adit Domain Connects remote users to the organizations IT infrastructure.* Remote Access Domain, organism that the users are off site it is hard to say that the users password information has not been compromised. In such cases when abnormalities are spotted or data is accessed without proper authorization, data should be completely encrypted to prevent any sensitive materials from being sold or presented to the open market.7. System/Application Domain- Holds all the mission-critical systems, applications, and data.* Develop a business continuity plan for mission-critical applications providing tactical steps for maintaining availabil ity of operations. Perform regular rigorous software and Web-application testing and penetration testing prior to launch.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment