Keeping information assets secure is challenging for any business, regardless of its size. It seems there's no limit to the ingenuity and maliciousness of today's cybercriminals, hackers and identity thieves. In fact, hackers have become so sophisticated and organized that their operational methods are similar to those of traditional software development and business practices.

When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of them. Doing so increases the overall security of the system, and the combined controls form the multi-layered security plan.

In the user domain, one of the easiest ways for the system to be compromised is through the users. Simple user passwords can be a major problem, so we need to require complex passwords of eight or more characters that include both upper- and lower-case letters and at least one special character. Passwords will need to be changed every three months, and the same password cannot be used again for one calendar year.

Project Part 1 Multi Layered Security Plan
Richman Investments

1) General
This MLS plan will give a brief overview of the security strategies that will be implemented at each level of the IT infrastructure.

2) User Domain
a. The usage of security awareness training to instruct employees in Richman Investments' security policies
b. Auditing of user activity
Nt2580 Project 1 Multi Layered Security Plan
3) Workstation Domain
a. The usage of antivirus and antimalware programs on each user computer
b. Strict access privileges to corporate data
c. Deactivation of media ports

4) LAN Domain
a. Utilizing network switches
b. WPA2 encryption on wireless access points
c. Securing server rooms from unauthorized access

5) LAN to WAN Domain
a. Closing off unused ports via a firewall to reduce the chance of unwanted network access
b. Monitor inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent
c. Run all networking hardware with up-to-date security patches and operating systems

6) WAN Domain
a. Enforce encryption and VPN tunneling for remote connections
b. Configure routers and network firewalls to block ping requests to reduce the chance of Denial of Service attacks
c. Enforce antivirus scanning of email attachments
i. Isolate malicious software (viruses, Trojans, etc.) when found
d. Deployment of redundant internet connections to maximize availability
7) Remote Access Domain
a. Establish strict user password policies, as well as lockout policies to defend against brute force attacks
b. Require the use of authorization tokens, and have a real-time lockout procedure if a token is lost or stolen
c. Encrypt the hard drives of company computers, laptops and mobile devices to prevent the loss of sensitive data
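
The password rules stated in the introduction (length, character classes, three-month rotation, no reuse for a year), which item 7a calls for enforcing, can be checked in code. The following is an added example, not part of the original plan; the 90-day and 365-day windows, the definition of "special character" as any non-alphanumeric character, the PBKDF2 work factor, all function names and the sample password are assumptions.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

MIN_LENGTH = 8                      # "eight or more characters"
MAX_AGE = timedelta(days=90)        # assumption: three months = 90 days
REUSE_WINDOW = timedelta(days=365)  # assumption: one year, counted from the set date
PBKDF2_ROUNDS = 600_000             # assumption: work factor, not from the plan

def hash_password(password, salt=None):
    """Return (salt, digest); the history stores these, never the plaintext."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest

def complexity_errors(password):
    """List every complexity rule from the plan that the password fails."""
    errors = []
    if len(password) < MIN_LENGTH:
        errors.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        errors.append("no upper-case letter")
    if not any(c.islower() for c in password):
        errors.append("no lower-case letter")
    if not any(not c.isalnum() for c in password):  # assumption: special = non-alphanumeric
        errors.append("no special character")
    return errors

def reused_within_window(password, history, now):
    """history holds (salt, digest, set_at) tuples for the user's earlier passwords."""
    for salt, digest, set_at in history:
        if now - set_at < REUSE_WINDOW:
            _, candidate = hash_password(password, salt)
            if hmac.compare_digest(candidate, digest):
                return True
    return False

def is_expired(set_at, now):  # True once the current password reaches the age limit
    return now - set_at >= MAX_AGE

def check_new_password(password, history, now):
    """Return all policy violations; an empty list means the change is accepted."""
    errors = complexity_errors(password)
    if reused_within_window(password, history, now):
        errors.append("used within the last year")
    return errors

if __name__ == "__main__":  # constructed sample input
    print(check_new_password("summer2024", [], datetime(2024, 6, 1)))
```

Reporting every failed rule at once, rather than stopping at the first, lets the user fix a rejected password in a single attempt.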