Call/WhatsApp: +1 914 416 5343

Implementing Network and Personnel Security Measures

Implementing Network and Personnel Security Measures

The security consulting firm that you work for has been awarded a contract to implement a new IT Security Infrastructure to secure the Information Technology data assets of a local government agency. This agency has many remote workers that are in the field and need to connect back to the agency’s system servers. The remote workers use a wireless network infrastructure to connect their electronic pads to servers located within the local government’s facility. The remote workers have needs to access property records, cite zoning violations electronically, and validate building permits. The public demand to expand IT services has grown faster than its ability to provide an adequately secured infrastructure. In fact, this government entity was previously featured on the news for having minimal security controls and methods for accessing property tax information of citizens. The inadequate security allowed many construction trade businesses to illegally access
property records and zoning violations. Your role in this project is to enhance and optimize the security mechanisms for accessing these systems.
Write a four page paper in which you:
1. Create an information flow diagram, using Visio or Dia, which:
A. Illustrates how remote users will securely connect to the government agency’s network.
B. Illustrates the patch of network devices that data packets must travel to get from server to remote user’s device and back to server.
Note: The graphically depicted solution is not included in the required page length.
2. Provide an equipment list of network security devices that would be needed to ensure the integrity and sensitivity of private information. In this list:
A. Propose at least two (2) vendor brands per each device and the associate costs required to procure these items.
B. Identify the functionality each device serves and the expected benefits the government agency should experience up on the successful installation of this equipment.
3. Develop a maintenance plan that should be recommended to the government agency to ensure having the   latest security measures available within the network in which you:
A. Describe the risks associated with not fulfilling the activities outlined within your maintenance plan.
B. Indicate specific activities, personnel / resources required, and frequency of execution.
4. Recommend at least four (4) physical security measures that could be developed to ensure the electronic perimeter of electronic assets.

As computers and other digital devices have become essential to business and commerce, they have also increasingly become a target for attacks. As personal computers as well as other electronic digital units have grown to be necessary to organization and trade, they also have increasingly turn into a objective for strikes. In this section, we will look at the fundamental principles of information systems protection and discuss a few of the measures which can be taken up minimize safety risks. We shall begin with a synopsis focusing on how organizations can stay protect. A number of different steps that a company might take to boost stability is going to be discussed. We will then follow up by analyzing stability safeguards that folks can take in order to secure their private computing atmosphere. When protecting information and facts, you want in order to reduce use of those people who are able to look at it all the others should be disallowed from studying something about its materials. This is the fact of secrecy. For example, government legislation necessitates that colleges restrict usage of personal college student information and facts. The university or college must make sure that only individuals who are authorized gain access to observe the quality records. Sincerity is the confidence that the details being accessed has not been modified and truly signifies exactly what is planned. Equally as somebody with reliability signifies what they says and will be trustworthy to consistently represent the truth, info sincerity implies details truly shows its planned meaning. Details can drop its integrity through destructive intention, such as when somebody that is just not approved will make a switch to intentionally misrepresent anything. An illustration of this this would be every time a hacker is appointed to enter the university’s program and change a quality.

Integrity can also be lost accidentally, for example whenever a personal computer power spike corrupts a file or a person authorized to generate a modify accidentally deletes a file or gets into inappropriate information and facts. Information and facts access is the next part of the CIA triad. Supply implies that information and facts can be used and modified by any individual permitted to do so within an correct timeframe. Depending on the sort of details, correct timeframe could mean different things. For example, a stock investor requirements information and facts to become readily available right away, whilst a sales person may gladly get revenue figures for the day within a record the next morning. Businesses such as Amazon.com will require their web servers to be readily available twenty-four hours a day, a week per week. Other manufacturers may well not endure if their internet machines are down for a couple of minutes occasionally. The most common way to determine an individual is thru their looks, but exactly how do we identify someone resting behind a computer display screen or on the Atm machine? Tools for authentication are utilized to ensure that the man or woman accessing the information is, in fact, who they promote themselves to get.

Authorization can be achieved by identifying a person through more than one of three factors: anything they know, anything they may have, or something they can be. For example, the most common type of authentication right now will be the user ID and pass word. In this instance, the authorization is carried out by affirming something which an individual knows (their ID and password). But this type of authorization is not difficult to give up (see sidebar) and stronger forms of authorization are often necessary. Discovering an individual only by something they have, say for example a important or possibly a greeting card, can also be difficult. When that figuring out token is misplaced or stolen, the identity can be easily thieved. The final factor, something you are, is much harder to compromise. This element determines an individual by using a physical characteristic, for example an eyes-scan or fingerprint. Discovering somebody through their actual physical qualities is referred to as biometrics.

A much more protect approach to verify an end user is to do multiple-aspect authentication. By incorporating two or more in the aspects in the above list, it might be much more challenging for a person to misrepresent themselves. A good example of this may be the usage of an RSA SecurID expression. The RSA device is some thing you have, and can produce a new access rule every sixty secs. To log on to an details resource utilizing the RSA product, you merge some thing you already know, a four-digit PIN, with the computer code created through the system. The best way to properly authenticate is actually by both learning the rule and achieving the RSA device. As soon as a consumer continues to be authenticated, the next phase is to ensure that they may only gain access to the information sources which are appropriate. This is done by making use of entry management. Access managing can determine which users are allowed to discover, alter, set, and eliminate information and facts. A number of different entry manage designs are present. Here we are going to go over two: the gain access to manage list (ACL) and function-centered gain access to handle (RBAC).

For each info source of information that the business desires to deal with, a long list of end users who have the ability to acquire specific measures can be accomplished. It is really an access control collection, or ACL. For every user, certain abilities are given, like go through, compose, eliminate, or put. Only consumers with those functionality may execute those capabilities. When a customer will not be on the list, they have no power to have any idea that the info source of information is present.

ACLs are simple to comprehend and keep. Nevertheless, they may have many negatives. The key drawback is the fact each information useful resource is handled independently, in case a security manager wanted to add more or get rid of a user to your huge pair of details sources, it would be very difficult. And as the number of users and sources increase, ACLs turn out to be more challenging to keep. It has generated an improved means of gain access to control, referred to as position-dependent accessibility handle, or RBAC. With RBAC, as an alternative to supplying particular consumers entry proper rights to a information and facts source, consumers are allotted to functions then those tasks are designated the access. This gives the managers to manage users and functions as a stand alone, simplifying supervision and, by extension, boosting safety.