Huffman Trucking Information Systems Security Review and Upgrade Background and Statement of Need
An increasing growth of the Huffman network infrastructure and architecture requires review of existing network security hardware and software/application resources. This review will help to determine requirements for new systems and possible upgrades to protect Huffman Information Systems from exploitation and ensure security features are in place to combat increasing threats to customer information bases, industry information, technology and assets, and existing and increasing identity theft threats. Negative consequences of neglecting these information security issues can be measured in predictable loss of revenue due to identity theft, network sabotage, legal and liability fees, and commercial espionage. Without any changes, impact to operations can be catastrophic. Critical customer and business information may be vulnerable to Denial of Service (DoS) and other malicious attacks. In these days of increasing identity theft, the legal consequences if customer information is not effectively protected could be extremely detrimental to Huffman business objectives. Goal Statement / Project Objectives
The goal of the Huffman Information System Security Upgrade is to successfully implement sufficient and required security applications, processes, and measures identified in the following analysis. The Information System Security Review will identify existing and required levels of security measures across Huffman's Information Systems and recommend appropriate modifications and upgrades. The security features will eliminate DoS attacks on Huffman Networks and secure Huffman Information Systems and eliminate all identified vulnerabilities. Existing security functionality will be measured by comparing performance parameters currently available in/on the existing security applications with current global standards. A determination of how much security required for the type of operations and data will help determine the type of security to be implemented. Mission and Goals & Project Plan
The Plan will start with an examination of current network architecture and components and then identify security features that might be implemented in this network. The project plan will begin with analysis of existing security processes and identify specific vulnerabilities. The vulnerabilities will then be addressed to ascertain the specific level of security and applications required for acceptable protection. Firewalls, cryptographic algorithms, software applications will be implemented on an as-need basis as vulnerabilities are identified. A schedule will be developed with the evolvement of the Work Breakdown Structure (WBS), but generally the team should try to stay ahead of the draft project schedule. Opportunity Statement
Delays in network operations, frequent pop-ups, latency across networks, SPAM, and a constant threat of exploitation of business information will be addressed as well as unauthorized use of proprietary and confidential information. Solutions will be designed and implemented as countermeasures. Other operational issues such as the need to block pop-ups with current browsers and firewall features will be addressed and prioritized as budget concerns. Vulnerability management systems, Intrusion Detection Systems (IDS), Identity Management, Authentication (IDA), and web access control are not in place leaving Huffman information systems very vulnerable to malicious attacks and network disruption.
Network availability statistics
Denial of Service Attacks
Network monitoring capabilities
Network availability statistics after
Denial of Service Attacks after
Network monitoring capabilities
Authorization to proceed will be granted from the company CIO who will provide an official corporate review of the project's...
Please join StudyMode to read the full document