...Project: Access Control Proposal * Phase I: Risk mitigation plan to identify critical IT assets * Phase II: Policies and procedures for protecting the IT assets Contents I. Introduction 2 II. Diagram of the proposed solution 3 III. Phase I:Access Control Risk Mitigation 3 1. Identified Treats and vulnerabilities 3 2. IT assets 4 3. Treats and vulnerabilities per IT Domain 4 4. The System Security Team 5 5. Access Control Plan 5 IV. Phase II: Policies and procedures for protecting the IT assets 6 1) General Security Practices for VPN Remote Access 6 2. Protecting Cyber Assets: Secure Interactive Remote Access Concepts 7 2. How Employee Accesses the Corporate Network 9 3. How external Partners (Vendor) Access the Corporate Network 9 V. Conclusion 13 I. Introduction Access control mechanisms operate at a number of levels in a system, from applications down through the operating system to the hardware. Higher-level mechanisms can be more expressive, but also tend to be more vulnerable to attack, for a variety of reasons ranging from intrinsic complexity to implementer skill levels. Most attacks involve the opportunistic exploitation of bugs; and software that is very large, very widely used, or both (as with operating systems) is particularly likely to have security bugs found and publicized. Operating systems are also vulnerable to environmental changes that undermine the assumptions used in their design. The main function of access control...
Words: 2458 - Pages: 10
...Network Infrastructure Proposal Per the request of (CUSTOMER) I have written the following proposal in order to clearly depict the benefits and steps required to install a computer networking infrastructure within the hospitals main building. Summary of requirement Fifty new workstations have recently been delivered to the IT staff for new employees. The (CUSTOMER) staff continues to grow at a phenomenal rate, and now needs a common storage area for sensitive patient information, and administrative data. Instant access to critical or time sensitive information is vital to operations. Searching through various local directories, on fifty plus different machines to locate one file is no longer acceptable. Security, data integrity, and administrative control all must be considered with any solution that is implemented. Project Analysis The scope of this project will be: To install infrastructure, plenum grade Multimode fiber optic cabling (MMF), plenum grade Category six copper cabling (Cat6), and wireless access points (WAP) throughout the main building in order to build a Windows Active Directory domain. We will then network all consumable resources, storage shares, and printers together, then control access with role-based access permissions. User groups will consist of Admin (IT), HR, Staff, and Medical according to (CUSTOMER)'s internal employee divisions, users will be dropped into appropriate group(s). Proposed Solution Aside from purchasing cabling and termination...
Words: 909 - Pages: 4
...with restricting physical access by unauthorized people (commonly interpreted as intruders) to controlled facilities, although there are other considerations and situations in which physical security measures are valuable (for example, limiting access within a facility and/or to specific assets and controls to reduce physical incidents such as fires). Security unavoidably incurs costs and, in reality, it can never be perfect or complete - in other words, security can reduce but cannot entirely eliminate risks. Given that controls are imperfect, strong physical security applies using appropriate combinations of overlapping and complementary controls. For instance, physical access controls for protected facilities are generally intended to: • deter potential intruders (e.g. warning signs and perimeter markings); • distinguish authorized from unauthorized people (e.g. using pass cards/badges and keys) • delay and ideally prevent intrusion attempts (e.g. strong walls, door locks and safes); • detect intrusions and monitor/record intruders (e.g. intruder alarms and CCTV systems); and • trigger appropriate incident responses (e.g. by security guards and police). It is up to security designers to balance security controls against risks, taking into account the costs of specifying, developing, testing, implementing, using, managing, monitoring and maintaining the controls. Physical access control is a matter of who, where, and when. An access control system determines who is allowed...
Words: 2097 - Pages: 9
...SMash: Secure Component Model for Cross-Domain Mashups on Unmodified Browsers Frederik De Keukelaere, Sumeer Bhola, Michael Steiner, Suresh Chari, Sachiko Yoshihama {eb41704, sachikoy}@jp.ibm.com, {sbhola, msteiner, schari}@us.ibm.com IBM Tokyo Research Laboratory, Kanagawa, Japan; IBM T.J. Watson Research Center, New York, USA ABSTRACT Mashup applications mix and merge content (data and code) from multiple content providers in a user’s browser, to provide high-value web applications that can rival the user experience provided by desktop applications. Current browser security models were not designed to support such applications and they are therefore implemented with insecure workarounds. In this paper, we present a secure component model, where components are provided by different trust domains, and can interact using a communication abstraction that allows ease of specification of a security policy. We have developed an implementation of this model that works currently in all major browsers, and addresses challenges of communication integrity and frame-phishing. An evaluation of the performance of our implementation shows that this approach is not just feasible but also practical. The technology discussed in this paper allows mutually mistrusting client-side components to communicate safely without any modifications to current browsers, and hence has the potential to achieve immediate and widespread adoption. Categories and Subject Descriptors: D.2.0 [General]: Protection...
Words: 10150 - Pages: 41
...PropAdvwork Proposal University of Maryland University College Shiv LLC will greatly benefit from using Windows Server 2012 to manage their network. Windows Server 2012 brings great updates to security and functionality over past editions of Windows. In this proposal, the major areas I will cover are Active Directory, Group Policy, DNS, File Services, Remote Services, and WSUS (Windows Server Update Services). These major roles have features that will make Shiv LLC Company’s infrastructure run smoothly. Active Directory Shiv LLC will have sites across a large geographic location. Because of this, a regional domain model should be used. Domains will be broken down into where users are working. For example, currently Shiv LLC has three locations, Los Angeles, Dallas, and Houston. This means there will be three domains, representing each of these cities. This strategy will make sure the network can be maintained by regional administrators, who will only worry about users in their area of the network. With this style of deployment, it can be difficult to decide what will be the forest root domain. The main staff for the company is in two cities, Dallas and Houston. This makes it difficult to make one of these sites the forest root domain. To make this decision neutral, a dedicated forest root domain can be suggested. This domain will be created only to function as the forest root. It will not contain and users, except for service administrator accounts for the forest root....
Words: 466 - Pages: 2
...Assessment of the Opportunity to Introduce Fingerprint Scanning Identification Technology at Associated Bank Request for Proposal in Assistance in the Project by Your Nam Your Nams A Research Proposal Submitted to in Partial Fulfillment of the Requirements for the Course in Project Procurement Your College 2011 Letter of Transmittal This research report was submitted by Your Nam and Your Nams under the direction of the instructor listed below. It was submitted to Your College and approved in partial fulfillment of the requirements for the course in Project Procurement. ______________________________________ _______________________________ Date Course Instructor Abstract Assessment of the Opportunity to Introduce Fingerprint Scanning Identification Technology at Associated Bank. Your Nam, , A. 2011: Research Proposal, Your College, Project Procurement. Key Terms: access control, biometrics, convenience sampling, customer perceptions, fingerprint identification, in-house research, long-term customer, quantitative research, quota sampling, respondent, security. This research was designed to study the acceptance of fingerprint scanning technology among customers and employees. This project addressed the need for fingerprint scanning technology at Associated Bank to reduce the need for photo identification when receiving...
Words: 4138 - Pages: 17
...Internal Building Security Proposal Internal security or the inner layer of security is an important aspect in any physical protection system and may contain several layers within. The placement of internal security addresses intruders or adversaries who could penetrate the outer and middle layers of the system, also known as the perimeter and external layer. Controls found within this layer include windows, protective lighting, intrusion detection systems, signs, barriers, locks, access control, and surveillance, all of which protect organizational assets (ASIS International, 2008). The value of the assets protected will determine the internal security protection required. An organization’s security plan will primarily address their perimeter security, external security, and access control. During this process internal security is often not addressed and no security measures are put into place (Curtis & McBride, 2011). To ensure an organization has a comprehensive security plan they must implement protective measures into their internal security plan. These protective measures include access requirements, reinforced walls and doors, biometric locks, safes and vaults, closed circuit television, and intrusion detection systems (ASIS International, 2008). Access/Entry Control and Recommendations Access control, just like any other security layer, is an important function of any security plan. It is also important to any business, especially those in the design, development...
Words: 1788 - Pages: 8
...Access Control Project Access Control: IS3230 By Andrew Reed November 20, 2012 TABLE OF CONTENTS 1 INTRODUCTION 1.1 Project Title 1.2 Project Schedule Summary 1.3 Project Deliverables 1.4 Project Guides 1.5 Project Team Members 1.6 Purpose 1.7 Goals and Objectives 2 Risks and Vulnerabilities 2.1 Overall 2.2 Billings, Montana 2.3 Warsaw, Poland 3 Proposed Budget 4 IDI Proposed Solution 4.1 Billings, Montana 4.2 Warsaw, Poland 5 Drawings 6 Conclusion 1 INTRODUCTION 1.1 Title of the project Access Control Proposal Project 1.2 Project schedule summary The project will be a multi-year phased approach to have all sites (except JV and SA) on the same hardware and software platforms. 1.3 Project deliverables • Solutions to the issues that the specifies location of IDI is facing • Plans to implement corporate-wide information access methods to ensure confidentiality, integrity, and availability • Assessment of strengths and weaknesses in current IDI systems • Address remote user and Web site user’s secure access requirements • Proposed budget for the project—Hardware only • Prepare detailed network and configuration diagrams outlining the proposed change • Prepare a 5 to 10 minute PowerPoint assisted presentation on important access control infrastructure, and management aspects from each location. 1.4 Project Guides Course Project Access Control Proposal Guide Juniper Networks Campus...
Words: 1198 - Pages: 5
... Ordering system throughout the world has relied on pens and papers. Problems such as missing orders and information sent to the wrong place arise. Furthermore, some could not be able to handle the massive volume of orders. Under the old manual ordering systems, it takes up too much time to process. Real time ordering and improved efficiency has been the focus of entrepreneurs. As with many business scenarios, getting rid of paper improves efficiency, reduces human error and allows information to flow to an infrastructure without a time consuming data input process. There is also less chance of handwritten orders being misread and a higher customer turnaround as customers will be served faster. In accordance to this, this system is a proposal on computerized ordering system for Pizza, other foods and beverages. The system is developed specially to meet the needs of Seafront. Point-of-Sale Inventory System is one of the essential components of a successful business. It is a modern replacement for the cash register in retail applications. It can help to record securely all the sales and customer’s orders, track products which are poor on business’ sales and of course manage inventory. This particular system can improve the way, the small and mid-sized businesses do their inventory and sale transactions. It will aid some of the common problems facing by business industries, that in this era of modernization, still using a manual process of inventory. Common problems...
Words: 570 - Pages: 3
...GROUP 2 PROJECT PART 1: DESIGNING A NETWORK PART 2: TYPES OF EQUIPMENT PART 3: PROTOCOL CHOICES PART 4: COMPANY PHONE SYSTEM PART 5: SECURITY PROPOSAL Project scenario: ABC Company with worldwide offices in the U.S. (San Francisco, Detroit, Washington, Indianapolis, and Tampa), Europe (Paris, Liverpool), Japan (Tokyo), and South America (Sao Paulo), is engaged in the development of audio and video special effects for the entertainment and advertising industry. The main design centers are in San Francisco, Detroit, Paris, Tokyo, and Sao Paulo. Corporate Headquarters are in San Francisco. The remaining offices are sales offices. Consider the company to operate on a 24x7 basis, because it is global. To meet the goals of this scenario, Group 2, made up of the members below, have been assigned the following tasks in designing a network structure for this project: 1. Sean Dillon: Project Manager, Contributor; Editor Parts 1, 2, 3, 4 and 5; Submitter. 2. Denzel Chatman: Project Contributor; Section 3. Parts 1, 2, 3, 4 and 5. 3. Christopher Foster: Project Contributor; Section 1-A. Part 1; Part 2; Part 3; Part 4; Part 5. 4. William Collado Cancel: Project Contributor; Section 1-E. Part 1; Part 2; Part 3; Part 4; Part 5; Microsoft Project Editor. 5. Alex Graves: Project Contributor; Section 1-B. Part 1; Part 2; Part 3; Part 4; Part 5. 6. Mark Fortune: Project Contributor; Section 1-C. Part 1;...
Words: 10833 - Pages: 44
...Joe Bailey ITS-2120 Network Security Proposal Introduction Fixem Orthopedic Therapy is a physical therapy facility that treats people who are recovering from various musculoskeletal surgeries. The company is based in Southern Maryland and consists of three separate offices: one in Brandywine, one in Indian Head, and an office that was recently built in Waldorf. These offices connect to each other through WAN links, and they are also capable of connecting to local doctors’ offices which allows patient records to be easily sent from a patient’s doctor to the facility that needs them. Fixem Orthopedic must ensure that only authorized individuals, mainly the receptionists and physical therapists, can have access to these sensitive records. These files contain information that malicious people can take advantage of such as Social Security numbers and credit card and billing information. The lack of a proper security policy can result in severe penalties for Fixem Orthopedic under the HIPAA Security Rule (“HIPAA Security Rule”). Measures must also be taken to protect the network from malware, including worms and viruses. These are very serious security threats that can slow or bring down the network as well as pose a threat to data stored on the computers. Finally, the employees can pose a risk to the network’s security if they have not been properly trained to handle social engineering tactics. Improvement The security of this business’s network is vital to its continued operation...
Words: 1725 - Pages: 7
...expects top-secret methods for safeguarding proprietary information on its recipes and product lines Note to Proponents: Please be sure to review the RFP document in its entirety before submitting proposals. Submission Format 1. Letter of Introduction • Preferably a one page document introducing the proponent and proponent’s submission. • It should include a brief history of your company and how long you have been in business. 2. Proposed Approach, Project Resources, Costs • An outline of the proposed project approach, process, procedures and timelines in other to meet the objectives of the project. If you have a lengthy document please provide a summary no more than 3 pages. • Performance measures for each of the key result areas (objectives.) • One of the key roles and equipment that needs to be monitors is our servers that monitor our security software on it. This would detail a 24 hours monitoring. • To provide 24 hours support in our Data Center on the QDX servers and threads. • Identification of the project manager and key project support personnel. Include a brief resume of the persons providing the services. • Identify and subcontractors that you would engage to assist in project completion. • An outline of anticipated time requirements and total cost of the proposal. • An outline of proposed hourly/daily rates including a breakdown by activity. 3. Qualifications and References To move to the next stage in the selection process, the proponent must demonstrate...
Words: 1200 - Pages: 5
...Conclusion……………………………………………………………………………..… 7 References……………………………………………………………………………….. 8 Outline I. Introduction a. Briefly discuss the background of GDI. b. Also, discuss about the given problem of the IT security, infrastructure, cost, etc. II. Discuss the important assets of the company that need protection c. Asset identification: “Identity and quantify the company’s assets” (Meyers, 2009, p. 215) i. Important assets include: 1. Computer network equipment (Meyers, 2009, p. 215) 2. Data (Meyers, 2009, p. 215) 3. Servers, printers 4. Routers, firewalls, switches, wireless devices, etc. d. Access control methods: sensitivity, integrity, availability (Meyers, 2009, p. 157). e. Risk and threat assessment: “Identify and access the possible security vulnerabilities and threats” (Meyers, 2009, p. 215). f. Identify solutions and countermeasures: “Identify a cost-effective solution to protect assets” (Meyers, 2009, p. 215). III. Security architecture for the company g. “The IT department should always have current diagrams of your overall network architecture on hand” (Meyers, 2009, p. 381). IV. A list of 20-30 possible policies that could be applied to this situation h. User Account Policy (Meyers, 2009, p. 170) i. Audit Security Policy (SANS) j. Email Security Policy (SANS)...
Words: 573 - Pages: 3
...Case Study 1: Access Control System Antonicia Holmes Course: CIS 210 Instructor: Bagus Adiyanto Strayer University November 5, 2015 Project Scope Statement: The scope of this project is to install an access control system in a dormitory. The ACS (Access Control System) will enable the dormitory door to unlock mechanically by the use of a proximity reader and combine with an existing security camera. The camera is programmed to spin around to point at him/her and video tape the person while he/she use their identification card to unlock the dormitory door. The Five Tasks The project can be carried out in 5 major tasks and each main task can be sub-divided into the following sub-tasks. 1.) Preparation of the Project It is the initial major task; the steps that have to be taken before the system is built. a) Creating a team to help perform with other tasks. b) Surveying the College Dormitory to study the location. c) Creating the design consisting of the dorm’s visual diagrams. d) Examine the current dormitory’s security system to integrate with ACS. e) Preparing proposals to management f) Estimating total cost. 2.) Installation It is the second task; the steps that include manually putting on the hardware required for the ACS, including its cameras and readers. a) Making the Control Panel b) Wiring c) Putting readers on the walls and doors. d) Repositioning the camera to point towards the readers on the external...
Words: 449 - Pages: 2
...Enterprise Security Network Access Control: User and Device Authentication August 2005 Intel IT is piloting new security methods to provide network access control by authenticating devices as well as users. Since networking has evolved to support both wired and wireless access, securing corporate networks from attack has become ever more essential. Therefore, to effectively enforce network access control policies in a proactive manner, we are developing a method to authenticate users and devices before they connect to the network. Network Access Control at Intel • Over 90,000 employees worldwide • 80 percent of knowledge workers are mobile and unwired • Over 50,000 remote access users Background As a global corporation, Intel IT supports more than 90,000 employees and contractors all over the world, and 80 percent of our knowledge workers are mobile and unwired. Network access depends more and more upon wireless LANs and WANs, as well as virtual private network (VPN) remote access. All of these technologies have the potential to open our network perimeter to threats. When we considered the threat of viruses and worms, it was evident that we needed additional controls to secure the enterprise network and its information assets from unauthorized devices and unauthorized people. Figure 1 shows how we could authenticate devices and users as part of the authentication pyramid. Figure 1. Authentication pyramid Info Use Auditing Access Control User Device Authentification...
Words: 1319 - Pages: 6
