Project Part 1
Multi-Layered Security Plan
When you create a multi-layered security plan, you must look at all of the domains of the IT infrastructure. Once you look at the security of each you must then increase the security on each of those seven domains. A security increase will help the overall security of the system and create a multi-layered security plan. For the systems/application domain, we must lessen chances for attacks on our servers. This shall be done by figuring out which ports and services are not being used and shutting them off. This gives hackers less ways onto our system. Also needed is to make sure all servers have the latest patches and updates. These updates provide the latest security patches with less likelihood of vulnerabilities. For the remote access domain, we need to make sure the VPN in use is secure so that our employees are not exposing sensitive data to anyone outside the network. In order to do so we will ensure everyone is using a VPN to access the network which has to authenticate to the system to get authorization. In the WAN domain, we need to make sure that all firewalls are set up on the network to filter all traffic. A firewall can stop all traffic coming on to our system that is not meant or not wanted on the network. For the LAN domain, we need to have annual training about fictitious emails. Most users know not to access unknown emails when on our system but a brief training course will assist in this matter. Also, adding spam filters will help rid of most junk email, so there is less risk of employees opening emails which may contain malware. In the LAN-to-WAN domain, we need to power off FTP servers running then switch over to the use of secure FTP servers so that only users allowed on our system can access them. In the workstation domain, we need to make sure that all workstations have antivirus and malware protection installed on them. Laptops and portable devices are very vulnerable to theft as...
Please join StudyMode to read the full document