TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents

The Research Paper Factory

Free Essay

Richman Investments Security Outline

In:

Submitted By Jedimaster0
Words 1016
Pages 5
Richman Investments Security Outline Welcome to Richman Investments (RI) where we strive to bring you the most secure, reliable, and available resources that we can offer. We know that work needs to be done and that most of you aren’t aware of the security procedures taking place behind the scenes. We have devised a summary of the seven domains of the company and its security model. Please take the time to read this over and understand the implications of not following company guidelines, procedures, and policies.
The user domain contains the users and/or employees that will be accessing resources within the organizations information system. A user can access systems, applications and data within the rights and privileges defined by the AUP (acceptable use policy). The AUP must be followed or the user may be dismissed or have their contracts terminated. With the user domain being one of the most vulnerable aspects of any organization, there are a wide variety of user related threats ranging from lack of awareness to blackmail and extortion. Employees are responsible for their own actions when using company assets and the HR department will be doing background checks on all employees within the company to ensure integrity within the workforce. Enforcement of the user level domain will include the use of RFID badges and pins for all areas of the facility and rooms that require special access. The workstation domain is where most users connect to the organizations infrastructure. That means that tight security and access controls will be enforced on company assets and users must authenticate themselves before access will be granted. This authentication process may be accomplished with smart cards and pins on some devices. Strong passwords or passphrases meeting password requirements will be used all other devices. A company asset can be a desktop, laptop, tablet, or smartphone device that has been approved on the network. These assets will be equipped with antivirus software and have all security patches. Data used on the assets within the company will have data restrictions ensuring data integrity. The LAN domain, or Local Area Network, is the collection of computers and devices that allows our organization to function. This includes data closets, physical network equipment, and the logical configurations of the equipment. There will be many security measures and restrictions applied to the configuration of the medium in which data travels through our organization. These rooms will have a physical layer and a logical layer of security. The logical layer of security may include but is not limited to, VPN, SSL, PPTP, and MAC enforcement (Port Security). The LAN-to-WAN domain contains the infrastructure links to the wide area network. This domain contains routers, firewalls, Intrusion detection/prevention systems, proxy servers, email content filters, and other similar devices. Routers will route the traffic leaving and coming into the network strict security ACLs will be applied to these devices. Hardware firewalls will be implemented into the network for further packet filtering. IPS and IDS systems will be present on the network as well fending off incoming attacks to our network. Proxy servers will be used for all internet access as a central point of administration and security. Also, all email will be subject to harsh scanning and filtering to prevent spam, malware, and viruses. The WAN domain contains the devices and connections between sites. The wide area network is a very complex part of the network infrastructure and will be under strict security as well. VPNs, PPTP, and other methods of encrypting traffic coming and leaving our network will take place. Firewalls will be implemented on this domain as well and will filter traffic between sites to ensure prevention of malicious attacks. Also, all WAN equipment will be subject to the high availability model, along with other domains, ensuring constant access to your data. The Remote Access domain helps our users and administrators stay connected to the network away from work. This domain includes services like email, cell phone service, VPN for home work, and secure remote access for infrastructure administrators. This domain is very important to secure because it can have the largest security footprint. Most malicious attacks come from insecure remote access services or by mistakes made by users. Risks to this domain may include brute force user ID and password attacks, multiple logon or password retries, unauthorized remote access, data compromised remotely, stolen mobile devices, stolen authentication device (smart card/token). To mitigate these risks RI will be taking measures to encrypt traffic to ensure secure data over remote access services. Also, enforcing machine lockout procedures such as timeouts and locking of the device when the smart card/token is removed will mitigate unauthorized personal using the assets. The System/Application domain holds all mission-critical systems, data, and applications. This domain is the seventh layer of defense in the model. Risks to this domain may include unauthorized access to data centers, computer rooms, and wiring closets. Policies, standard, company procedures and guidelines will prevent many of the risks associated with this domain. Also, following the data classification standards and use of second-level authentication will prevent unauthorized access to the systems. At this level, data corruption or loosing data is a large issue. A strict backup and recovery plan will be in effect and maintained at all times to ensure optimal resource availability. Backed up data will then be copied once a week to an offsite location until it is needed or no longer valid. When it comes to our systems we cannot afford them to be down for too long and having a recovery plan will ensure that RI maintains strict availability standards for its customers. Thank you for reading this summary. RI appreciates its senior members and thanks you for reading this material. Please be ever vigilant and aware of the security risks and countermeasures within RI and its systems. The users are the first step in security and often the weakest link. We must strive to keep security and procedures/policies in the front of our minds and keep them from being an afterthought.

Similar Documents

Premium Essay

Security Plan Outline for Richman Investments

...Security Plan Outline for Richman Investments User Domain • Restrict access to data and applications that is not required for employee to do their job. • Review and Revise user conduct and security polices every six months. • Conduct annual security training seminars with system users and staff. Conducting annual security training for the user in the user domain will cover the Acceptable Use Policy (AUP) for which users will be informed of what is and what is not acceptable use of the system. Workstation Domain • In house testing of operating system updates prior to user workstation deployment. • Strict access control policies and procedures for user access to system and data. • 72 Day password renewal for workstation and 180 day user password renewal. • Content filtering and anti-virus scanning of all incoming data. Quarantine of unknown file types. Securing a user workstation with approved updates will help prevent potential system corruption and in house data from being exposed. LAN Domain • Proper identification and two key turners to be granted access to Data Centers and wiring closets with 24/7 CCTV monitoring. • Periodic LAN vulnerability assessments. Keeping our LAN under lock and key prevent tampering of with the networks hardware. Access to the LAN devices is the easiest way to compromise a network. LAN to WAN Domain • Disable ping, probing, and port scanning of exterior devices. • Strict monitoring for intrusion detection on inbound IP...

Words: 501 - Pages: 3

Premium Essay

Meow Investments Meow Documents

...Unit Plans Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts  Confidentiality, integrity, and availability (CIA) concepts  Layered security solutions implemented for the seven domains of a typical IT infrastructure  Common threats for each of the seven domains  IT security policy framework  Impact of data classification standard on the seven domains Reading  Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work:  Data Classification Standard  Information System  Information Systems Security  Layered Security Solution  Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes  You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions...

Words: 1409 - Pages: 6

Premium Essay

Impact of a Data Classification Standard

...Following are three important “Internal Use Only” data classification standards of Richman Investments: 1. User Domain – This layer is by far the most vulnerable portion of any IT infrastructure. Without restrictions and education a user would have free rein to expose a network to a myriad of security risks. Richman Investments is not immune to this blight. For this reason, special attention is given to precautions for and education of users. Domain administrators have processes in place to monitor user activity and limit access to portions of the domain. These rules are defined under the acceptable use policy. This policy outlines what users are allowed to do with the company data that they have access to. Above all, users are accountable for their own actions. They are expected to secure their physical and virtual environment to the best of their abilities. 2. Workstation Domain – Another integral part of the overall security of any network. This domain is the access to the local area network via something like a NIC card. It is accomplished through some type of verification as a deterrent to hackers. Here is Richman Investments we have a multi-level security system in place. First, to access any area that contains a workstation at least one door requiring a key card will need to be entered. Next, at the workstation your username has been replaced by biometrics via your thumbprint. With the print you will have to enter your password. Password requirements include: at least...

Words: 454 - Pages: 2

Premium Essay

Internet and Email Aups

...E-mail Acceptable Use Policy Purpose E-mail is a critical mechanism for business communications at Richman Investments. However, use of Richman Investments’ electronic mail systems and services are a privilege, not a right, and therefore must be used with respect and in accordance with the goals of Richman Investments. The objectives of this policy are to outline appropriate and inappropriate use of Richman Investments’ e-mail systems and services in order to minimize disruptions to services and activities, as well as comply with applicable policies and laws. Scope This policy applies to all e-mail systems and services owned by Richman Investments, all e-mail account users/holders at Richman Investments (both temporary and permanent), and all company e-mail records. Account Activation/Termination E-mail access at Richman Investments is controlled through individual accounts and passwords. Each user of Richman Investments’ e-mail system is required to read and sign a copy of this E-mail Acceptable Use Policy prior to receiving an e-mail access account and password. It is the responsibility of the employee to protect the confidentiality of their account and password information. All employees of Richman Investments will receive an e-mail account. E-mail accounts will be granted to third-party non-employees on a case-by-case basis. Possible non-employees that may be eligible for access include: • Contractors. • Employees. • Interns. Applications for these temporary...

Words: 1904 - Pages: 8

Premium Essay

It255

...this policy is to define standards to be met by all equipment owned and/or operated by Richman Investments located outside Richman Investment's corporate Internet firewalls. These standards are designed to minimize the potential exposure to Richman Investment from the loss of sensitive or company confidential data, intellectual property, damage to public image etc., which may follow from unauthorized use of Richman Investment resources. Devices that are Internet facing and outside the Richman Investment firewall are considered part of the "de-militarized zone" (DMZ) and are subject to this policy. These devices (network and host) are particularly vulnerable to attack from the Internet since they reside outside the corporate firewalls. The policy defines the following standards: * Ownership responsibility * Secure configuration requirements * Operational requirements * Change control requirement 2.0 Scope All equipment or devices deployed in a DMZ owned and/or operated by Richman Investment (including hosts, routers, switches, etc.) and/or registered in any Domain Name System (DNS) domain owned by Richman Investment, must follow this policy. This policy also covers any host device outsourced or hosted at external/third-party service providers, if that equipment resides in the "RichmanInvestment.com" domain or appears to be owned by Richman Investment. All new equipment which falls under the scope of this policy must be configured...

Words: 1219 - Pages: 5

Premium Essay

Nt2580 Unit 4 Assignment 2

...for anyone who utilizes the electronic devices to access information via the internet. Richman Investments is committed to protecting employees, partners and the company from illegal or destructive actions whether knowingly or unknowingly. Internet or Intranet related systems, including but not limited to the World Wide Web, storage media, operating systems, network accounts and electronic mail are intended to be used for business pertaining to Richman Investments. It is the responsibility of each electronic device user to know the guidelines of the Acceptable Use Policy and to adhere to the Acceptable Use Policy of Richman Investments. 2. Purpose To outline and give a clear precise definition of what is and what isn’t acceptable when using the property of Richman Investments. Property including but not limited to computers, internet service, email service, storage media, operating systems or network accounts. Inappropriate use of either of the aforementioned exposes Richman Investments to legal liability and/or risks of damage to company hardware and/or software. 3. Scope The Acceptable Use Policy applies to all employees, contractors, clients, visitors and partners to Richman Investments headquarters and its satellite properties. Each employee, contractor, client, visitor or partner is expected to exercise good judgement and use the property of Richman Investments for business appropriate reasons. All property including but not limited to internet service...

Words: 689 - Pages: 3

Premium Essay

It255 Part 1

...IT-255 Part 1 Multi-Layer Security Outline Task at hand: Richman Investments Network Division has been handed the task of creating a general solutions outline for safety of data and information that belongs to their organization. This following outline will cover the security solutions of the seven domains that the IT infrastructure is made of. User Domain | The User Domain being the weakest link of the seven layers. This is from lack of users not aware of security policies and procedures. | To secure this link to its fullest. The employees should be trained and updated with security policies and procedures. The system should have firewall and antivirus software installed as well. | Workstation Domain | The Workstation Domain can be made up of desktops, laptops, iPods and or personal assisting tools like Smartphone’s. | The common threat to the Workstation is the unauthorized access to the system. The solution would be to enable password protection and automatic lockout during time of inactivity. | LAN Domain | LAN being a collection of computers connected to each other. The links can use several tools direct connected with a switch and wireless with a router being the most common. | Unauthorized access can tap into and work its way into workstations, data centers (servers). To put a block and set-up counter measures a Firewall and OS Security Software installed and monitored. | LAN-TO-WAN Domain | LAN-to-WAN is where the IT infrastructure links to a wide...

Words: 779 - Pages: 4

Free Essay

It255 Project Part 1

...Richman Investments Security Outline Richman Investments has experienced an increase in security breaches that have resulted in the loss of company proprietary information and damage to systems due to many virus and Trojan Horse infections. The following outline contains some of the security mitigation proposals to be implemented shortly. This is just a basic plan for the moment and if security breaches continue, more stringent policies will be installed. The Seven Domains of a typical IT infrastructure are as follows, with the corresponding security proposed for each domain. 1.) User domain proposal: Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on Acceptable use policy (AUP) monitoring and compliance. 2.) Workstation Domain proposal: Use workstation antivirus and malicious code polices, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 3.) LAN Domain (including wireless LANs) proposals: Implement encryption between workstations and Wireless Access Points (WAPs) to maintain confidentiality. 4.) LAN-to-WAN Domain proposal: Conduct post configuration penetration tests of the layered security solution within the LAN-to WAN Domain. Test inbound and outbound traffic and fix any gaps. 5.) Remote Access Domain proposal: Apply first-level (i.e., user ID and password) and...

Words: 335 - Pages: 2

Free Essay

It255 Project

...Part I The following outline presents the fundamental solutions for the safety of data and information that belongs to Richman Investments. As part of the general security plan of the organization the IT department puts together a proposal to provide multi-layered security strategies that can be applied at every level of the IT structure. The plan will lay out the importance of improving and safeguarding the levels of each domain and the process of protecting the information of the organization. User Domain At Richman Investments the personnel is accountable for the appropriate use of IT assets. Therefore, it is in the best interest of the organization to ensure employees handle security procedures with integrity. It is essential to create a strong AUP (Acceptable Use Policy) procedure and as part of the process, require employees sign an agreement to guarantee they understand and conform to implemented rules and regulations. In addition, the company will conduct security awareness training, annual security exercises, notices about securing information, and constant reminders security is everyone’s responsibility. Workstation Domain The plan to secure the workstation domain enforces a strong password policy on each workstation and also enables screen lockout protection for inactive times. Keeping all workstations with an up to date antivirus is essential. Furthermore, content filtering features will arrange access of specific domain names according to AUP definitions...

Words: 779 - Pages: 4

Premium Essay

Multi-Layered Security Outline Plan

...RICHMAN FINANCIAL INVESTMENTAND CONSULTING FIRM Multi-Layered Security Outline Plan IT Infrastructure Security Daniel Satterfield 7/1/2014 Identification of Risks, Threats, and Vulnerabilities along with proposed Security measures and controls   MULTI-LAYER SECURITY PLAN (OUTLINE) FOR RICHMAN INVESTMEN The following Multi-Layered Security Plan outline I am submitting for approval and implementation for Richman Investments, will provide a sound security plan for the firms most important mission critical assets, identifying and reducing vulnerabilities, Risks and threats to the firms confidential proprietary intelligence, sensitive customer data and other important assets within each of the Seven Domains that make up the core for the IT infrastructure as a whole. An aggressive approach should be mapped out in a 3-5 year progressive implementation achievement plan starting with one or two security initiatives where success can be clearly demonstrated and evaluated. The FFIEC now has mandated financial institutions mitigate online threats by intergrading endpoint encryption pushing it out to all users in a non pre-boot fashion then using the console to migrate users to pre-boot encryption which would provide immediate protection and increased visibility and control of our overall risk posture. First, indentifying Risk, Threat and Vulnerabilities within each of the seven Domains that make-up the firms IT infrastructure. Secondly, proposed security...

Words: 751 - Pages: 4

Premium Essay

Richman Investment Sscp

...SSCP for Richman Investments Security Plan Outline for Richman Investments User Domain • Restrict access to data and applications that is not required for employee to do their job. • Review and Revise user conduct and security polices every six months. • Conduct annual security training seminars with system users and staff.   Conducting annual security training for the user in the user domain will cover the Acceptable Use Policy (AUP) for which users will be informed of what is and what is not acceptable use of the system. Workstation Domain • In house testing of operating system updates prior to user workstation deployment. • Strict access control policies and procedures for user access to system and data. • 72 Day password renewal for workstation and 180 day user password renewal. • Content filtering and anti-virus scanning of all incoming data. Quarantine of unknown file types. Securing a user workstation with approved updates will help prevent potential system corruption and in house data from being exposed. LAN Domain • Proper identification and two key turners to be granted access to Data Centers and wiring closets with 24/7 CCTV monitoring. • Periodic LAN vulnerability assessments.     Keeping our LAN under lock and key prevent tampering of with the networks hardware. Access to the LAN devices is the easiest way to compromise a network. LAN to WAN Domain • Disable ping, probing, and port scanning of exterior devices. • Strict monitoring for intrusion...

Words: 308 - Pages: 2

Premium Essay

Nt2580- Project Part 1

...Project Part 1 Multi-Layered Security Plan Outline The following outline is to document the general security solutions for Richman investments, for all locations including head-quarters, for the safety of data and information that belongs to Richman Investments. This plan will be updated and submitted, every month by the networking division, to senior management along with a security plan for the month. 1. User Domain a. This Domain includes Individuals within an organization who access its information. b. An acceptable use policy to define what users can and cannot do with company IT information will be created. c. Managers should review security awareness training and review acceptable use policies with employees periodically. d. Internal CD drives and USB ports will be disabled. e. Content filtering and antivirus scanning on any downloaded media, and emails will be setup. f. Restrict access for users to only applications, data and systems needed to perform their job. g. Monitor and track employee behavior and their use of IT infrastructure during off hours. 2. Workstation Domain a. Systems where most users connect to the IT infrastructure. i. Workstations can be any desktop, laptop, or other device that connects to an organizations network. b. Password protection on all workstations. c. Auto screen lockout for inactive times. d. Strict access control procedures, standards, policies, and guidelines. e. All CD, DVD, and USB ports will be disabled. ...

Words: 779 - Pages: 4

Premium Essay

Part 1it255

...Multi-Layered Security Outline Task The Networking Division for Richman Investments, has been tasked with creating a general solutions outline for safety and data information that belongs to the organization. The following outline will discuss security solutions for each of the seven domains of the IT infrastructure. User Domain The User Domain is the weakest. The most common vulnerability is the lack of user awareness and user apathy toward security policies. This risk is avoided by conducting security awareness training and consistent reminders of the security policies via emails or banner greetings. Conducting annual training and updating the staff manual will go a long way to help avoid this risk. User media, as well as, personal USB’S are another security risk to the User Domain. This risk is protected by disabling the internal CD drives and USB ports, and enabling automatic antivirus scans for inserted media drives, files, and email attachments. Content filtering network devices are configured to permit or deny specific domain names in accordance with AUP definition. The last way to protect the User Domain will be to restrict access to only those systems, applications, and data needed to perform the employee’s particular job requirement, this will help protect user destruction of systems. Workstation Domain The Workstation Domain consists of desktops, laptops, and or personal data assistants (smartphones). The following will list some...

Words: 992 - Pages: 4

Premium Essay

Richman Investments Part 1

...Richman Investments Multi-Layered Security Plan By Elssie Farnes Objective To outline an implementation plan for security strategies over all levels of the IT Infrastructure 1) User Domain a) Personal user log in procedures will be enforced, e.g. password log in b) User activities will be monitored c) Richman Investments will deploy a Security Awareness Program to educate its employees on proper usage and all company security policies 2) Workstation Domain d) Media Ports will be disabled unless explicitly authorized. e) Access to corporate data will be managed with strict permissions f) All workstations will have Antivirus and Antimalware programs installed and kept updated 3) LAN Domain g) Network switches will be used h) Access to server rooms will be secured to authorized personnel only i) Wireless Access Points will be secured with WPA2 encryption 4) LAN to WAN Domain j) All networking equipment will be up to date, as will all operating systems k) Monitor all inbound traffic for possible malicious intent l) Unused ports should be closed off with a firewall to reduce the chance of unwanted access 5) WAN Domain m) Remote connections will have encryption and VPN tunneling enforced n) Routers and firewalls will be configured to block ping requests to reduce the risk on DoS attacks o) Scanning of email attachments for viruses will be enforced ...

Words: 340 - Pages: 2

Premium Essay

Nt2580 Project Part 1

...PART 1 The following document outlines Richman Investments security measures for IT infrastructure. There are many components that make up the Richman Investments network, and so there should be a multi-layered security solution to protect it. The server room has been located in the central part of the building, and will be physically protected by electronic door locks with keypad combination access. There are a limited number of personnel who will have access to this room in order to decrease the potential for tampering. Each of these personnel will have their own access code, and a digital log will be kept of all access. All of the servers will be virtual, and a backup of each server will be refreshed weekly and saved to cloud storage. All company data will be backed up and saved to cloud storage daily. All users requiring remote access will have a VPN set up with strict login requirements. These users will also have their laptops checked by the IT department on a monthly basis to ensure that they are in compliance with company security policy. Access to the company network will be secured by multiple firewalls set up with our routers. Firewall filters will be set up with a specific list of allowed users and programs. All other traffic will be blocked by default until it has been approved by IT. There will be a limited number of wireless access points around the building, with password access. These passwords will be changed on a regular basis. Access to...

Words: 353 - Pages: 2

Popular Essays

Business Ethics Reflection Essay
Creating Your Dream Job Essay
Business Essay
Natural Law Essay
Abortion: Why It Should Be Not Be Banned Essay
Globalization of Accounting Standards Essay