Premium Essay

Multi-Layer Security

In: Computers and Technology

Submitted By vainscript
Words 474
Pages 2
For a multi-layered security plan one should start off at the weakest point in the system, this point would be the User Domain, "Employees are responsible For their use of IT assests". This domain is only as strong as its weakest user, meaning one person could possibly cause havoc for the system. The IT department has better things to do than sit and baby sit end users on their machines, so measures should be taken to reduce the chance that a users activity can pull down a system unknowingly or otherwise. The first thing that should be implemented is a mandatory Computer Security training session to educate the users on the proper use of work computers. Teach users to utilize their machine properly and you can effectively cut down on simple mistakes that leave the system open to attacks. Another point of security to look at is the user's ability to bring in and corrupt data using CDs, DVDs and USB drives. Automated virus scanning for files transferred from one of these devices or banning these items and disabling the use of them on the individual computers will fix most occurrences of this type of attack. Aside from the User domain another possible weak point is the Remote Access Domain, Being that the users are off site it is hard to say that the users password information has not been compromised. In such cases when abnormalities are spotted or data is accessed without proper authorization, data should be completely encrypted to prevent any sensitive materials from being sold or presented to the open market. To avoid people logging onto our systems remotely or by brute force attack, password delay and or denial after so many tries should be implemented, similarly real time lock out procedures should be taken in the event of theft of equipment. The workstation domain comes with its own problems such as unauthorized access to the system, the way to fix this

Similar Documents

Premium Essay

Multi-Layer Security Plan

...Ken Hoge System Security Project Multi-layer Security Plan When working in the field of IT we must make sure all data can be accessed to the proper employees when the need it. We would love to know that all of the information we have in our database is safe and secure however the number of hackers online today is skyrocketing. Most of these hackers are from other countries such as China or Russia that are trying to gain access to important information of large corporations and government institutions. Some of these hackers have all the time in the world on their hands and are taking any steps they can think of to try and exploit or gain access to financial assets. The first and for most thing we need to do is setup a multi-layered security plan to be able to deal with any incoming online threats and attacks. Most hackers will start with and end user on a network since they are the leased experienced in technical security measures. An outside attack will typically come from some sort of email sent to the end user attempting to get them to click on some sort of link and have them enter login information or some other security details. We can typically setup security protocols for these employees such as password changes every 30 days and increased password strength techniques. This will prevent attackers from being able to log onto employee accounts. Next we can move to the gateway that is the networks first line of defense. This defense will consist of some...

Words: 367 - Pages: 2

Free Essay

Multi-Layer Security Plan

...AUP. It is your responsibility, and contractual obligation, to ensure that your affiliates, agents, and/or customers (End User(s)) comply with this AUP.  Establish unique logon credentials for each user and require strong passwords. • Assign unique login credentials from the very beginning and have generally been very secure because of this. With the increasing demands of system security to ensure, logins have been made even more secure. This additional security is made possible through the use of Strong Passwords. A strong password is a series of words, letters, symbols and numbers which may be easy for a user to remember but difficult for another person to guess. We will review here the way in which you can implement additional login security through the use of strong passwords, and other advanced security settings.  Grant only the minimum privileges to each user required to accomplish that user’s tasks. • Identifying and influencing user behaviors that affect security are important to ensuring compliance within the User Domain. Behaviors that support or violate compliance with your security goals get the most attention. The following best practices do not guarantee compliance with all goals. However, they will lay the foundation to develop and maintain a secure environment. Workstation Domain:  Require unique user accounts for each person. • Only a user with administrator...

Words: 821 - Pages: 4

Premium Essay

Project 1

...Project Part 1: Multi-Layered Security Plan Loren Miller NT2580 Monday PM Introduction: Describe each layer of the Open System Interconnection (OSI) Model. List a security feature of each layer if it applies. List the protocol of each layer if it applies. List types of attacks that are you protecting against in each layer. Your goal is to be able to protect a web hosting company that has a global presence. This web hosting company supports customers in the following industries: Medical, Financial, and Governmental. Physical Layer: The Physical Layer defines the physical properties of the network, such as voltage levels, cable types, and interface pins (Baker). Any attack on the Physical Layer would have to be some type of physical action, like disrupting a power source, changing of interface pins, or cutting the actual cables. Simply tampering with someone’s fuse box outside their office can cause a disruption of service. Faulty power is a problem that can be caused accidentally by the power company, or intentionally by your competitor tampering with the fuse box. A smaller business may consider installing an Uninterrupted Power Supply (UPS) which may help avoid many unrecoverable power associated problems. The addition of a UPS to your critical system will give you time to perform an orderly shutdown when power is interrupted. An abrupt termination of power to any electrical equipment has potential for great damage. Much in the same way you might protect your home...

Words: 1467 - Pages: 6

Premium Essay

The Internet of Things

...See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/263893131 TruSMS: A trustworthy SMS spam control system based on trust management Article in Future Generation Computer Systems · July 2014 Impact Factor: 2.79 · DOI: 10.1016/j.future.2014.06.010 CITATIONS READS 4 2,022 4 authors, including: Zheng Yan Raimo Kantola Xidian University Aalto University 88 PUBLICATIONS 588 CITATIONS 91 PUBLICATIONS 298 CITATIONS SEE PROFILE All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately. SEE PROFILE Available from: Zheng Yan Retrieved on: 12 April 2016 This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and education use, including for instruction at the authors institution and sharing with colleagues. Other uses, including reproduction and distribution, or selling or licensing copies, or posting to personal, institutional or third party websites are prohibited. In most cases authors are permitted to post their version of the article (e.g. in Word or Tex form) to their personal website or institutional repository. Authors requiring further information regarding Elsevier’s archiving and manuscript policies are encouraged to visit: http://www.elsevier.com/authorsrights Author's personal copy ...

Words: 18072 - Pages: 73

Premium Essay

Is3230

...Design a Multi-factor Authentication Process Assessment Worksheet Design a Multi-factor Authentication Process Lab Assessment Questions & Answers 1. In an Internet Banking Financial Institution is Single Factor Authentication acceptable? Why or why not? Yes it can be acceptable because you can buff up security elsewhere. 2. Explain the difference between Positive Verification and Negative Verification? Negative verification is the opposite of positive verification. The customer must contact the bank to verify that the information is correct. 3. What vulnerabilities are introduced by implementing a Remote Access Server? Could Allow Remote Code Execution, two heap overflow, cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. 4. What is a recommended best practice when implementing a Remote Access Policy server user authentication service? Using multi-factor authentication. 5. Name at least 3 remote access protections or security controls that must be in place to provide secure remote access. Authorized secure remote access, Traffic inspection and Coordinated Threat Control, Centralized security management and enterprise-wide visibility and control. 6. When dealing with RADIUS and TACACS+ for authentication methods, what protocols are used at Layer 4 for each...

Words: 1143 - Pages: 5

Free Essay

It255 Project

...Richman Investments. As part of the general security plan of the organization the IT department puts together a proposal to provide multi-layered security strategies that can be applied at every level of the IT structure. The plan will lay out the importance of improving and safeguarding the levels of each domain and the process of protecting the information of the organization. User Domain At Richman Investments the personnel is accountable for the appropriate use of IT assets. Therefore, it is in the best interest of the organization to ensure employees handle security procedures with integrity. It is essential to create a strong AUP (Acceptable Use Policy) procedure and as part of the process, require employees sign an agreement to guarantee they understand and conform to implemented rules and regulations. In addition, the company will conduct security awareness training, annual security exercises, notices about securing information, and constant reminders security is everyone’s responsibility. Workstation Domain The plan to secure the workstation domain enforces a strong password policy on each workstation and also enables screen lockout protection for inactive times. Keeping all workstations with an up to date antivirus is essential. Furthermore, content filtering features will arrange access of specific domain names according to AUP definitions. In addition, workstations will have up-to-date application software and security patches conferring to company guide lines...

Words: 779 - Pages: 4

Premium Essay

E-Commerce Evolution

... E-commerce has become one of the most prevalent changes in the way we do business today. Businesses, before the creation of the web, were typically at a physical location where customers could come, browse, try-on, and purchase goods and services. Some of the disadvantages of this business model were: customers restricted by location, the need for larger amounts of inventory, larger retail space, and more employees to cover customer-service. E-commerce began with the advent of the Internet and started as billboards for information and advertisement purposes. Then as technology developed through the early 1980s, it grew into e-mail purchasing (Compuserve). From there, the World Wide Web, internet browsers (Netscape) and the first security protocol (SSL) were invented. These technologies, combined together, allowed for the safe transmission of data over the Internet and many entrepreneurs looked at new ways to take advantage of these technologies to grow and develop the way they did business. In 1994, the first services for processing online credit card sales were developed along with digital IDs and certificates to verify the identity of online businesses. Then by 1995 Amazon was selling their first products on-line and their customers were from all 50 states and over 45 countries breaking down some of the restrictions of a traditional retail store. With the development of Web 2.0, broad-band services and more affordable and easy-to-use e-commerce solutions, the e-commerce...

Words: 2003 - Pages: 9

Free Essay

Technology Project

...NET 210 WAN TECHNOLOGY PROJECT ANALYSIS ON HOW TO SECURE REMOTE ACCESS FOR ENTERPRISE NETWORK SYSTEM Submitted to: Jacky Chao Min By: MARTHE M. NSABA 300682552 TABLE OF CONTENTS INTRODUCTION | 3 - 6 | PROTECTION OF CPE DEVICES | 7 - 9 | SECURE REMOTE ACCESS THROUGH DIFFERENT AUTHENTICATION | 10 - 15 | SECURE REMOTE ACCESS FOR MOBILE UTILIZATION | 16 - 17 | BIBIOGRAPHY | 18 | INTRODUCTION In this developing environment, we note that varying business utilise different kinds of networks according to the business structures and policies, so managing access to all those networks can be complicated and security threatening. It is a key objective that for an enterprise to operate efficiently, its accessibility should be unlimited and this is when remote access is introduced. As the volume of enterprise information and data is increasing exponentially, it is an expectation that this data is easily accessed and shared among each other. To enable this, smarter network access called Remote access was introduced to deliver various degrees of data efficiently through mobile devices, applications and machines in order to stimulate productivity. There are three main types of remote access, namely Basic, Advances and Enterprise. In this paper, we will focus on Enterprise Remote access. Some of the advantages of Enterprise Remote access are; Increased high availability required for different and high volume application Remote access maintains and controls...

Words: 3060 - Pages: 13

Premium Essay

Global Pharmaceutical Industry

...SA SERIES SSL VPN APPLIANCES PRODUCT LINE PRESENTATION Submitted by: RADIUS Consulting Ghana Limited AGENDA 1. SSL VPN Market Overview 2. SSL VPN Use Cases 3. Access Control and AAA 4. End-to-End Security 5. Junos Pulse 6. Secure Meeting 7. Business Continuity with SSL VPN 8. Hardware, Management and High Availability 2 www.radiusconsultingghana.com Copyright © 2010 Juniper Networks, Inc. www.juniper.net BUSINESS CHALLENGE: GRANT ACCESS VS. ENFORCE SECURITY Maximize Productivity with Access...  Allow partner access to applications (Extranet portal)  Increase employee productivity by providing anytime, anywhere access (Intranet, E-mail, terminal services) …While Enforcing Strict Security  Allow access only to necessary applications and resources for certain users  Mitigate risks from unmanaged endpoints  Customize experience and access for diverse user groups (partners, suppliers, employees)  Enable provisional workers (contractors, outsourcing)  Enforce consistent security policy  Support myriad of devices (smartphones, laptops, kiosks) …And the Solution Must Achieve Positive ROI  Minimize initial CAPEX costs  Lower ongoing administrative and support OPEX costs 3 www.radiusconsultingghana.com Copyright © 2010 Juniper Networks, Inc. www.juniper.net THE SOLUTION: JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES Mobile User – Cafe  Secure SSL access to remote users from any device or location  Easy access from Web-browsers – no client software to manage...

Words: 3503 - Pages: 15

Free Essay

Benefits of Using Ipv6 in Distributed Virtual Private Networks (Vpns)

...Benefits of using IPv6 in Distributed Virtual Private Networks (VPNs) Introduction The many advantages of improving and corporation's network, particularly its Virtual personal Networks (VPNs) from IPv4 to IPv6 create the expenses related to the move recoverable from increased network steadiness, auto-configuration, security, mobility, increase and quality-of-service and multicast capability (Cisco 2007). First, in phrases of quantitative, address varies for an IPv6-based network is 128-bits, providing the company lots higher security, likewise (Fink, 1999). Secondly, the safety concerns with regards to utilizing DHCP to assign information science addresses victimization IPv4 these days will be mitigated with the homeless reconfiguration capability of IPv6 (Lehtovirta, J 2006). With several of the systems throughout the company administered remotely exploitation IPsec-based VPNs, the opportunity to maneuver to more secure VPNs attributable to IPsec-mandated end-to-end security exploitation IPv6 also adds in greater levels of security moreover. The increasing use of wireless connections by members among the IT employees to observe and maintain IT systems also can currently be potential exploitation Mobile IP with Direct Routing (Cisco 2007). The redoubled support for protocols specifically for multicast routing are also supported in IPv6, that may build marketing’s’ several webinars and on-line initiatives additional expeditiously delivered, moreover. Most vital concerning...

Words: 3876 - Pages: 16

Premium Essay

Automate Inventory System

...Abstract This paper describes the Inventory Management System sufficiently to determine the feasibility and usability of a finished system. The core concept is to track the sale of items from the cash registers with additional features for interpreting the data. It uses a client-server model with a connected database to allow multiple stores and warehouses to be connected. This allows for later expansion while still supporting the targeted small businesses. The core features and final framework should be completed within 2 weeks, leaving 5 weeks to implement additional features and testing. 1. Operational Concepts The Inventory Management System is a real-time inventory database capable of connecting multiple stores. This can be used to track the inventory of a single store, or to manage the distribution of stock between several branches of a larger franchise. However, the system merely records sales and restocking data and provides notification of low stock at any location through email at a specified interval. The goal is to reduce the strain of tracking rather than to handle all store maintenance. Further features may include the ability to generate reports of sales, but again the interpretation is left to the management. In addition, since theft does occasionally occur, the system provides solutions for confirming the store inventory and for correcting stock quantities. 2. System Requirements The Inventory Management System uses a web-based interface...

Words: 1331 - Pages: 6

Premium Essay

Blank

...Interested in learning more about security? SANS Institute InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. SSL Man-in-the-Middle Attacks TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. The advent of Dug Song's 'webmitm' in late 2000 demonstrated the feasibility of mounting an MITM attack on the protocol, but a properlyconfigured client SSL implementation would warn the user about problems with the server certificate. This paper examines the mechanics of the SSL protocol attack, then focuses o... Copyright SANS Institute Author Retains Full Rights AD SSL Man-in-the-Middle Attacks Peter Burkholder February 1, 2002 (v2.0) Abstract TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. The advent of Dug Song's 'webmitm' in late 2000 demonstrated the feasibility of mounting an MITM attack on the protocol, but a properlyKey fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 configured client SSL implementation would warn the user about problems with the server certificate. This paper examines the mechanics of the SSL protocol attack, then focusses...

Words: 6154 - Pages: 25

Free Essay

Remote Desktop

...Remote Desktop Project ====================== (Work In Progress) Mark McLoughlin (mark@skynet.ie) December 1st, 2003 1. Problem Description ====================== In enterprise installations system administrators typically have to deal with a large number of pretty basic problems on users' machines. Remotely taking control of a user's desktop to fix the problem while at the same time training the user as to how to resolve the problem for themselves is an effective and simple way to handle these types of support scenarios. Currently there is no way to do this with GNOME. 2. Overview =========== The basic requirement for such a tool is some method of sharing a desktop session between multiple users. The sysadmin sees what the user sees and the user sees what the sysadmin sees. However, the technology behind this is obviously useful in other ways. Here in Sun, for example, we make widespread use of VNC for some basic collaboration. Targetting this project purely at the Remote Assistance use case will leave some users wondering "why ... why on earth did you make it impossible for us to use this like VNC?". This project, therefore, also encompasses the use case of a simple form of collaboration by sharing access to a desktop session. There are various existing technologies in this area which all work in very similar ways. This project will follow...

Words: 7447 - Pages: 30

Free Essay

Dfdgfg

...Build Your Report | Symantec http://www.symantec.com/threatreport/print.jsp?id=highlights... BOOKMARK THIS PAGE | PRINT THIS PAGE | CLOSE Internet Security Threat Report Volume 17 Custom Report SHARE THIS PAGE Symantec blocked a total of over 5.5 billion malware attacks in 2011, an 81% increase over 2010. Web based attacks increased by 36% with over 4,500 new attacks each day. 403 million new variants of malware were created in 2011, a 41% increase of 2010. SPAM volumes dropped by 34% in 2011 over rates in 2010. 39% of malware attacks via email used a link to a web page. Mobile vulnerabilities continued to rise, with 315 discovered in 2011. Only 8 zero-day vulnerabilities were discovered in 2011 compared with 14 in 2010. 50% of targeted attacks were aimed at companies with less than 2500 employees. Overall the number of vulnerabilities discovered in 2011 dropped 20%. Only 42% of targeted attacks are aimed at CEOs, Senior Managers and Knowledge Workers. In 2011 232 million identities were exposed. An average of 82 targeted attacks take place each day. Mobile threats are collecting data, tracking users and sending premium text messages. You are more likely to be infected by malware placed on a legitimate web site than one created by a hacker. Introduction Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network, which is made up of more than 64.6 million attack sensors and...

Words: 44470 - Pages: 178

Premium Essay

Software Requirements Specification Document

...Software Requirements Specification for Mountain Bank Cell Phone App Version 5.0 approved CS455/Techs2ATee May 11, 2015 Table of Contents 1. Introduction 1 1.1 Purpose 1 1.2 Document Conventions 1 1.3 Intended Audience and Reading Suggestions 2 1.4 Project Scope 2 1.5 References 3 2. Overall Description 6 2.1 Product Perspective 6 2.2 Product Features 6 2.3 User Classes and Characteristics 7 2.4 Operating Environment 7 2.5 Design and Implementation Constraints 7 2.6 User Documentation 8 2.7 Assumptions and Dependencies 8 3. System Features 9 3.1 Establish Secure Session 9 3.1.1 Description and Priority 9 3.1.2 Stimulus/Response Sequences 9 3.1.3 Functional Requirements 9 3.1.4 Secure Session Test Script 10 3.2 Login 12 3.2.1 Description and Priority 12 3.2.2 Stimulus/Response Sequences 12 3.2.3 Functional Requirements 12 3.3 View Balances 13 3.3.1 Description and Priority 13 3.3.2 Stimulus/Response Sequences 13 3.3.3 Functional Requirements 13 3.4 View Transaction History 14 3.4.1 Description and Priority 14 3.4.2 Stimulus/Response Sequences 14 3.4.3 Functional Requirements 14 3.5 Transfer Funds 15 3.5.1 Description and Priority 15 3.5.2 Stimulus/Response Sequences 15 3.5.3 Functional Requirements 15 3.5.4 Funds Transfer between Accounts Test Script 16 3.6 Deposit 20 3.6.1 Description and Priority 20 3.6.2 Stimulus/Response Sequence 20 3.6.3 Functional Requirements 20 3.6.4 Successful Deposit Test Script 21 4. External...

Words: 13282 - Pages: 54