...Project: Information Security Project 1 Name: Ashiqul Abir Class: NT2580 Date: 02/28/2013 Information security best practice project: The information security best project was housed within the Oxford University computer emergency response team. The project sought build on the knowledge, commentary and information gathered during the 2009 self-assessment exercise. One of the main objectives of the project was to develop an information security toolkit, which includes the policies, guidelines, documentation and education and awareness programmers. Information security: In a devolved environment, such as a collegiate university, it is imperative that policy should not go into retail about how those objectives should be met. It also defines the scope of the policy and identifies roles and responsibilities for security. Information security toolkit: The example polies can be tailored to suit the individual needs of your department, college or hall. The toolkit focuses on some areas like, IT management Operations Network Management Physical Security Building on the 2009 self-Assessment: The 2009 Self-Assessment exercise asked unit within the collegiate university to assess their current approach to IT operations, management and security against recommended best practice guidelines. The information gathered helped the advisory group to understand where further attention, resource, and best practice...
Words: 280 - Pages: 2
...Allen & Bose Insurance Services Firewall Security Project Business Requirement and proposed Solution Report CIS 343 July 10, 2013 Dr. Table of Contents Executive Summary 3 Introduction/Background and History 4 Issues faced and specific needs to be solved by installing upgrades 5 Projects Assumptions and Constraints 7 Business Requirement ….………………………..………………………………………..8 Definition of Terms ….……………………………..……………………………………..9 Project Scope...……………………………………..……………………………………10 References…………………………………………..……………………………………13 Executive Summary The objective of this paper is to educate both the senior management of Allen & Bose Insurance Inc. on the network security threats that exist with our current network design. The enclosed report presents an analysis on Allen & Bose Insurance Services current security posture and highlights the issues we have face over the past year as well as industry best practices and recommended updates we should make to our network security design that will protect the organization from the myriad of security threats that are out there. Introduction/Background and History Allen & Bose Insurance Services has become a dynamic and intricate player in the automotive and home insurance market. The company has grown from 25 employees in one office to over 225 employees in 3 offices. In the early days the computer systems that were used were on a close network of networked computing...
Words: 1848 - Pages: 8
...business, internal and external threats are also evolving to counter the security protocols you have in place. You will need to update and change with the times. By securing your network with software, appropriate adjustments to strengthen them and equipment is called is called "network hardening." True hardening must be done on the inside as well as the outside. Remember, many attacks occur internally so equal consideration must be given to that possibility. At the heart of the network hardening concept is the need to be consistent in evaluating your network layout and configuration. Consistency also implies staying ahead of the curve so to speak. Ensuring that you're never in a position where you're struggling to keep up with current security trends or technologies. Security threats thrive on exploiting the vulnerabilities of environments with out-of-date hardware, software, and security protocols. The proper evaluation of your current network requires detailed research and a sense of urgency. You must be purpose-driven and methodical as you determine which components and/or practices need to be "hardened." It would not be cost effective to use a shotgun approach and upgrade everything at once. This approach would not only be inefficient but extremely risky as proper testing is essential before you implement new components or practices into your environment. A botched upgrade could actually weaken security rather than harden it. Don't be hasty and skip the testing phase! Since...
Words: 401 - Pages: 2
...Project Deliverable 5: Infrastructure and Security This assignment consists of two (2) sections: an infrastructure document and a revised Gantt chart or project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment. The infrastructure which encompasses the network solution and security considerations is a major consideration for your company. Considering that the company will be expanding from one (1) floor to three (3) floors in the very near future you, as the CIO, are responsible for the design of the infrastructure and security protocols. You have been tasked with designing a network that is stable, redundant, and scalable. In addition, speed and reliability are important considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the established criteria that were set at the onset should be adhered to within your plan. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. In addition, access paths for Internet access should be depicted. Additionally...
Words: 724 - Pages: 3
...User Domain: The first layer of security in a multi-layer security plan. It’s also the weakest in the IT Infrastructure. Certain protocols and procedures need to be followed. • Implement and Conduct Security Awareness Training. • Implement Acceptable Use Policy (AUP). • Monitor employee behaviors. • Restrict access to users to certain programs and areas. Workstation Domain: The second layer of security in a MLS plan. This is where most users connect via Workstation computers, PDA’s, Laptops and smartphones. • Admins create a strong password policy, by making a minimum amount of characters with capitalization and numbers • Enable Up to date anti-virus programs. • Implement a mandated Employee Security Awareness Training. • Limit access to company approved devices only. • Disable CD drives and USB ports. LAN Domain: The third layer of security in the MLS plan. This is the collection of computers in an area to one another or to a common connection medium. To prevent the unauthorized access, recommend implementing the following: • Physically secure the wiring closets and data centers. • Implement encryption procedures. • Implement strict access policies and second-level authentication. • Implement WLAN network keys that require a password for wireless access. • Implement LAN server and configuration standards, procedures, and guidelines. LAN-to-WAN Domain: The fourth layer in the MLS plan. This is where the IT infrastructure is linked to a wide area network and the...
Words: 574 - Pages: 3
...* User Domain - defines the people who access the organization’s information system. * User Accountability – the most important measure to be taken in this domain is to make sure that the users are well trained and are aware of the risks that are out there. * Workstation Domain - Any device that users use to connect to your network. * Viruses or malware – to keep viruses and malware at bay it is best to use workstation antivirus software frequently and definitely keep this software up to date. As without the updates antivirus software is almost worthless. * LAN Domain – consists of all machines connected to your network in a local setting. * Unauthorized access to the LAN commonly comes from unlocked wiring closets and data-centers. Simply keep these items under lock and key and well organized and at least the hard lines are secure. * LAN-to-WAN Domain – where the IT infrastructure links to a wide area network and the Internet. * If local users download unknown file type attachments from unknown sources, then you should apply file transfer monitoring, scanning, and alarming for unknown file types from unknown sources. * WAN Domain- connects remote locations to your domain. * If you are vulnerable to eavesdropping, use encryption and VPN tunnels for end to end secure IP communications. Also, follow your data classification standards and guidelines. * Remote Access Domain- connects remote users to your domain...
Words: 299 - Pages: 2
...User Domain Risk, Threat, or Vulnerability Lack of user awareness • Conduct security awareness training display security awareness posters, insert reminders in banner greetings, and send e-mail reminders to employees. User apathy toward policies • Conduct annual security awareness training, implement acceptable use policy, update staff manual and handbook, discuss dring performance reviews. Workstation Domain Risk, Threat, or Vulnerability Unauthorized access to workstation • Enable password protection on workstations for access. Enable auto screen lockout for inactive time. Unauthorized access to systems, applications, and data • Define strict access control policies, standards, procedures, and guidelines. Implement a second-level test to verify a user’s right to gain access. Account Policies | Password, lockout, and Kerberos settings. | Local Policies | Audit, user rights, and security options. ("Security Options" consist primarily of security-relevant registry values.) | Event Log | Settings for system, application, security and directory service logs. | Restricted Groups | Policy regarding group membership. | System Services | Startup modes and access control for system services. | Registry | Access control for registry keys. | File System | Access control for folders and files. | LAN Multilayer Security * Coverage considerations for wireless LAN (WLAN) users in a branch office * Distance considerations from the closet to the...
Words: 726 - Pages: 3
...Project Part 1: Multi-Layered Security Plan when developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan. In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has antivirus and malware protection installed on them. Laptops are very vulnerable for loss or theft, so all company laptops should have an encrypted hard drive so that if they are stolen, the data contained on them is not recovered by anyone but the owner. For the LAN domain, we need to have training about email scams. Most users know not to access suspicious emails when on our system but a quick training course will help. Also, adding spam filters will help gets rid of most of the junk email, so there is much less risk of employees opening emails containing malware. In the LAN-to-WAN domain, we need to shut down...
Words: 338 - Pages: 2
...Server Side Security Unit 1 Individual ProjectRunning head: SERVER SIDE SECURITY UNIT 1 IP Server Side Security Unit 1 Individual Project American Intercontinental University IT465-1102B-02: Intrusion Detection and Prevention for Windows Security June 12, 2011 Basic Server Security The four basic necessities of server security include antivirus, strong passwords, firewalls, and critical updates. Antivirus software prevents infiltration and/or stops an attack completely. It will check a set of coding against a database of virus codes. It is important to use a well stocked virus database source. Strong passwords are typically ten to fourteen characters in length, a mix of numbers, symbols, upper, and lower cases lettering. Patterns, names, and identifiable information should be avoided (HostingHelpers, 2008). Critical updates include receiving security updates from an online source. These are done in forms of patches and/or updates that will correct coding, fix exploitable code, and a wealth of other things. These are vital to working with several applications. Firewalls are able to block unwanted traffic. These can help with security and keep random connection attempts form using up server and system resources (HostingHelpers, 2008). Firewalls Firewalls are very resourceful. Depending on the size of the company and users, choosing the correct firewall can be critical. There are many firewalls out there and companies that produce them both freely and paid. You...
Words: 597 - Pages: 3
...UNION NETWORK SECURITY CHECKLIST ___ Make sure that all software and firmware for all appropriate devices are up to date and configured correctly. ___Operating system and server configuration: All operating systems should be up to date and all passwords should be sufficient and not weak, and proper configurations of all directories. This also includes making sure that the network administrators have the knowledge and experience. ___Make sure that there is a log of equipment being placed in and removed from the facility must be kept at both locations (branches), listing what equipment was removed, when and by whom. ¬¬¬¬___There SHOULD be signs at the door(s) marking the room as restricted access and prohibiting food, drink, and smoking in the computer room. ___Each computer room SHOULD have redundant access to power, cooling, and networks. There should be at least an 18" access floor to provide for air flow and cable management. Computer rooms should have air filtration. Computer rooms should have high ceilings to allow for heat dispersal (Heare, 2011) ___There MUST be regular offsite backups of essential information. There must be a backup policy in place listing the procedure for restoring from backup and allowing for the scheduling of practice runs to test that the backups work ___There should be at least one security guard posted at near the computer rooms in each branch and should also be trained to follow and enforce physical security policy strictly...
Words: 1689 - Pages: 7
...IS4560 Week 4 Project Part 1: Current Security Threats The three top security threats I have chosen for Aim Higher College are malware, exploit vulnerabilities, and social networking. Malware in another term that means malicious software. It is used to infiltrate and damage computers without the user’s permission. Some examples of malware are viruses, spyware, worms, Trojans, and rootkits. This is a top security threat because a computer can easily get infected. While students or staff members use the schools computers, they can download music or pictures, and a virus can be attached to those and the computer will get infected right away. Another security threat is exploit vulnerabilities. An exploit is an attack on a computer system, and this exploit will take advantage of vulnerabilities that exist on a system. This is why vulnerabilities need to be mitigated and taken care of right away. If not, attackers will always find a way to get on a system and steal data and personal information. This will affect students because there personal information but be out there to the public without their knowledge. The third threat that I believe is a main concern for this college is social networking. Nowadays everyone uses social networking such as Facebook, Twitter, and etc. The scams on Facebook include cross-site scripting, clickjacking, survey scams, and identity theft. Cross-site scripting is when the site tricks you to go to another webpage and this has hidden malware that...
Words: 326 - Pages: 2
...Project Part 1 Task 1: Outline Security Policy Scenario To stay competitive in the financial institution market, the First World Bank Savings and Loan wishes to provide all banking services online to its customers. These services also include the online use of credit cards for loan applications. The organization estimates over $100,000,000 a year in online credit card transactions for loan applications and other banking services. A task team has been formed to study the cost, performance, and security of maintaining a Linux and open source infrastructure. According to rough estimates, annual cost savings in licensing fees alone can be up to $4,000,000. At the same time, the confidentiality, integrity, and availability (CIA) triad perspective needs to be taken into account for infrastructure maintenance. The task team has engaged a network engineer with the network and routing design. The team has determined the following server services that would be needed to support the online transaction infrastructure: * A database server * A Web server * A file server * A Simple Mail Transfer Protocol (SMTP) server * A Lightweight Directory Access Protocol (LDAP) server All servers would be physically located in a third-party data center. Tasks You need to: Understand the business need of First World Bank Savings and Loan. Point out specific legislation and regulations that meet the statutory compliance criteria. Assess the feasibility of Linux and open...
Words: 780 - Pages: 4
...Multi-Layered Security Outline To: Richman Investments Senior Management Outline includes: Security solutions for each of the seven domains. User Domain: This is where the first layer of defense starts for a layered security strategy. We will conduct security awareness training, restrict access for users to specific systems and programs, create an acceptable use policy, and track and monitor employee behaviors. Workstation Domain: Start by creating strong passwords to protect workstation access, then enable antivirus protections, and mandate security awareness training to all employees. This domain is almost as vulnerable as the user domain and also needs constant monitoring. LAN Domain: To prevent unauthorized access we can physically secure wiring closets and data centers, implement encryption protection, define strong access control policies and strong second-level authentications. LAN-to-WAN Domain: Disable ping, probing and port scanning, apply strict security monitoring controls, and update devices with security fixes and software patches right away are excellent measures to take. WAN Domain: Use encryption and VPN tunnels for end-to-end secure IP communications, and scan all e-mail attachments for type, antivirus, and malicious software. Back up and store data in off-site data vaults. Remote Access Domain: Establish user ID and password policies requiring periodic changes, set automatic blocking for attempted logon retries, and encrypt all data within the...
Words: 257 - Pages: 2
...Information Security Project This assignment is designed to help you understand how an incident response plan is put into place. In an IT environment, it is typical for multiple members of the IT Department to be part of the planning and response efforts for many security incidents. Because of this, it will be helpful that you understand how the process works. Please be sure that your response to the incident make sense and are developed by your own research on how to respond to the incident. Details on what should be included in the Incident Response Plan are below. For the deliverable, use Calibri font, Size 14. This should be in your own words. Plagiarism goes against school policy and will result in a zero for the assignment. Please note that this is 21% of your grade for the class; take the time to be detailed and I expect questions from you about it. After all, this project is all about you learning how the process works. Phase 1: Week 5 Step 1: Choose an incident type to create a response plan with. I’ve supplied a list for you below. Step 2: Find supporting materials on how to respond to the incident. You should be able to use a common search engine and find this. Phase 2 Step 3: Develop a summary of the incident that occurred; recommended 1-2 paragraphs; can be brief. If you can find an incident online that matches your project choice, you can use this summary. Make up a business name of the company that you work for. The sky is the limit in terms...
Words: 625 - Pages: 3
...Information Security in Pharmacies Introduction Information security is vital in many firms especially pharmacies and other sensitive fields. Security officers are, therefore, necessary to ensure both physical and logical safety. The Information Security Officer/Manager (ISO) will have different duties such as managing the information security functions in according to the firm’s established guidelines and provisions/policies, providing reports to the firm’s management at reasonable intervals, establishing and ensuring implementation of information security procedures and standards, according to the state’s provisions regarding risk management policies, consulting and recommending to the pharmacy on issues of security enhancement, conducting information security analysis and assessment programs and many others. Protecting medication, funds and health information According to statistics, many health firms such as pharmacies and hospitals have adopted the electronic health records (EHR) model to store their information. However, these firms still use physical records such as filing to store their information. In adopting the EHR, pharmacies usually aim at improving the coordination with patients, reducing disparities, improving public health and enhancing privacy of information through secure data protection. Medication, funds and also information have to be protected to encourage quality service deliverance to the firms. Access to the pharmacy According to the Joint Commission...
Words: 2989 - Pages: 12
