NT2580 Research Project Part 2

Submitted By bmaxwell
Project Part 2: Security Domain and Strategies

Now that Richman Investments has expanded with more offices, locations and clients, the need for protection of assets is greater. We have decided to implement the following policy for removable media: Richman Investments staff may only use Richman Investments’ removable media in their work computers. Richman Investments removable media may not be connected to or used in computers that are not owned or leased by Richman Investments without explicit permission of the Richman Investments IT manager. Sensitive information should be stored on removable media only when required in the performance of your assigned duties or when providing information required by other state or federal agencies. When sensitive information is stored on removable media, it must be encrypted in accordance with the Richman Investments’ Acceptable Encryption Policy.

Security assurance and user-friendly sites are required if Richman Investments is to be successful at attracting customers to its Internet sites. It is therefore important to understand the business requirements and to translate them into a public network presence with security in mind. The digital revolution of the 21st century has not been achieved without its consequences. Real-time business requirements and economic drivers have forced rapid changes to the methods used to conduct business-to-business and business-to-client communication. The Internet has now become a convenient and economic deployment medium for global business.
Richman Investments computer users’ policy: Although employees are given PCs so they can deliver the tasks that they are assigned, it must be understood that these PCs are the property of Richman Investments and must not be abused for personal use. Computer resources are expensive, so offensive material must not be downloaded and stored on business PCs. Email systems provided by Richman Investments should only be used for business purposes, and care needs to be taken with any material sent via email. The company is liable for an employee’s actions. Spam, mass mailing lists, playing games or engaging in online chat groups should be prohibited. Desktop and laptop users must make use of business-loaded antivirus software to check all data on their PCs, downloaded data or data transferred via disks. Data loaded onto the network servers or sent outside the company must be virus checked. Users must not be allowed to disable such software.

Administrators can maintain better control of PCs by implementing group policies as per departmental functions so that users cannot tamper with configurations. Always make sure that the latest updates/patches for all operating systems and applications have been installed, thus ensuring any known vulnerabilities are taken care of. Software and tools provided by Systems Management Servers can be used to audit all PCs.

It is important to make users aware of the security policy and the risks that a business can run into if it is not followed correctly. Richman Investments will continue to educate users by regularly sending emails, holding awareness sessions and putting posters on notice boards. User education cannot be taken lightly after the “ILOVEYOU” virus (2000), which required only one user to open that email message and attachment to flood email servers and gateways.

With the added number of employees, office expansion and crossing of the U.S. borders, Richman Investments will be implementing antivirus and anti-malware programs to thwart malicious code and activity with the following countermeasures and prevention techniques.
The following is a list of suggested countermeasures, each with a brief description, that Richman Investments will be implementing companywide.
PacketFence is a fully supported, trusted, free and open source network access control (NAC) solution. It boasts an impressive feature set including a captive portal for registration and remediation, centralized wired and wireless management, powerful guest management options, 802.1X support, and layer-2 isolation of problematic devices. PacketFence can be used to effectively secure networks, from small to very large heterogeneous networks, and can be tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.
ADMINISTRATION SOFTWARE
Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network.
AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over the network to tape drives/changers, disks or optical media. Amanda uses native utilities and formats (e.g. dump and/or GNU tar) and can back up a large number of servers and workstations running multiple versions of Linux or Unix. Amanda uses a native Windows client to back up Microsoft Windows desktops and servers.
AUDIT AND MONITORING SOFTWARE
Spiceworks is free network monitoring software with network management tools, a help desk ticketing app, a network mapper and more. The latest version of the software, Spiceworks v6.2, is a complete network monitoring and management, help desk, PC inventory, and software reporting solution to manage everything IT in small and medium businesses.
Nagios is a powerful monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes.
CRYPTOGRAPHY SOFTWARE
7-Zip is open source software under the GNU LGPL license. 7-Zip has ZIP container-based AES-256 encryption. You can easily create a compressed archive of files and add a password to it.
AxCrypt is open source file encryption software that lets you compress, encrypt, decrypt, store, send, and work with individual files. It works with the Windows shell and uses AES-256 encryption.
Cryptext allows you to decode and encode files with a combined technology of SHA-1 and RC4. It locks files with a 160-bit password-protected keyword.
DATA COMMUNICATIONS SOFTWARE
JITSI is a VoIP, videoconferencing and instant messaging application for Windows, Linux and Mac OS X. It supports several popular instant messaging and telephony protocols.
FreeSWITCH is a scalable open source cross-platform telephony platform designed to route and interconnect popular communication protocols using audio, video, text or any other form of media.
MALICIOUS CODE AND MALWARE SOFTWARE
ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats.
Gateway Anti-Virus, a Vermont Department of Taxes project, allows applications across the enterprise to check files for viruses by providing a SOAP-based virus scanning web service. Client applications submit files to the web service and the web service uses ClamAV to scan them for viruses.
DATA RECOVERY SOFTWARE
BackTrack is a distribution based on the Debian GNU/Linux distribution aimed at digital forensics and penetration testing use. It is named after backtracking, a search algorithm.
Hiren's BootCD (HBCD) is a bootable software CD containing a number of diagnostic programs such as partitioning agents, system performance benchmarks, disk cloning and imaging tools, data recovery tools, MBR tools, BIOS tools, and many others for fixing various computer problems.
SOFTWARE
Wireshark: to browse the traffic running on the network.
Spiceworks: for network monitoring and management.
CCleaner: to find any issues users may find suspect on their own workstations and removable media.
Spybot - Search & Destroy: for finding malware on any Windows machines.
AxCrypt: for file encryption and decryption across the network.

In conclusion, the aforementioned countermeasures can protect all domains, from the user domain to the remote access domain. However, hackers are no longer trying to guess someone’s password; they are attempting to reach into the data and create havoc. Not having a plan or security measures in place IS a plan for failure. Richman Investments believes we are on the right path with the higher security measures and with user education.

