Preview

Project Part 1

Better Essays
Open Document
Open Document
1209 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Project Part 1
Detailed Proposal
NT2580 – Introduction to Information Security
15 March 2014

Detailed Proposal

Detailed Proposal
This Proposal is to assess the situation at the Richman Investments Company. The offices have a total of 5,000 employees, and the office technology inventory includes desktops, mobile computers, and wireless devices. There is a mix of computers running Windows XP, Windows Vista, Windows 7, and Mac OS X. Most of the managers have BlackBerry devices for instant communication, and all employees are provided cell phones. A Windows Active Directory forest with domains is set up for each office, and seven file and print servers are located in the Phoenix office. The Phoenix office also contains two proxy servers, configured as an array, that provide Web cache services and Internet access control for the organization. The majority of applications are Web-based and hosted from the Phoenix office. There are a lot of systems on this network with a lot of different software and operating systems. This is alone is a high vulnerability because it makes it harder to keep each system up to date as opposed to having one main operating system and being able to push down updates and patches to assure that the network is safe. The Seven file and print servers are ok but like I stated before, now you have to make sure whatever that is running on the servers have to be compatible with each operating systems. If not you can designate the file and print server to only be in charge of all the computers with a certain operating system on it. That will make it more difficult still and require more man power than what you would want on your network. I didn’t see mentions of firewalls, they will be needed since you have most of the applications are web-based. We need to ensure that our employees are the only ones that have access to the information in our network. There should be firewalls to detect outside intruders and a


References: Firewall management. (2014). In Dell Secure Works. Retrieved March 15, 2014, from http://www.secureworks.com/it_security_services/firewall/ Data encryption on removable media guideline. (2014). In Berkeley Security. Retrieved March 15, 2014, from https://security.berkeley.edu/content/data-encryption-removable-media-guideline?destination=node/379 Guil, F. (2003, April). Computer rooms-meet the physical security measures . In GIAC.com. Retrieved March 15, 2014, from http://www.giac.org/paper/gsec/2892/computer-rooms-meet-physical-security-measures/104866 Bradley, T. (2014). Password policy: password must meet complexity requirements. In about.com. Retrieved March 15, 2014, from http://netsecurity.about.com/od/secureyourwindowspc/qt/complexpw.htm
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    NT2580 Project Part 1 Multi Layered Security Plan
    • 449 Words
    • 2 Pages

    NT2580 Project Part 1 Multi Layered Security Plan

    When creating a multi-layered security plan, I would look at all seven domains of the IT infrastructure and then increase the security on each of those domains because that will increase the security for the whole plan. In the user domain, this is the quickest way for the system to be compromised the users. So I would implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will also need to be changed every 90 days and the same password cannot be used again for three calendar years. In the workstation domain, I would make sure that each workstations, whether desktop or laptop has some security on it like antivirus and malware protection installed. Laptops can be very vulnerable for loss or theft, which would make me install an encrypted hard drive so if it is stolen the data can only be retrieved by the owner. For the LAN domain, just train all users about email scams. I would guess that most users know not to access suspicious emails when on our system but I would still implement to the users a quick training course. Then I we should add spam filters this will help get rid of most of the junk email. In the LAN-to-WAN domain, we need to shut down the File Transfer Protocol (FTP) server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server. In the WAN domain, we need to make sure that we have firewalls set up on our network that will filter all incoming traffic. This firewall will stop all traffic coming on to our system that is not meant or not wanted our network. In the Remote Access Domain, we need to establish strict user password policies, as well as lockout policies to defend against brute force attacks, require the use of authorization tokens have a real-time lockout procedure if token is lost, or stolen. The last domain is System/Application domain we need to…

    • 449 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Riordan Section Three Paper
    • 893 Words
    • 4 Pages

    Riordan Section Three Paper

    First and foremost all files need to be encrypted and password protected. The Playstation Network was taken down easily because routers were left unprotected and the data belonging to users was not encrypted. Everything needs to be locked down digitally. Riordan conducts business in many places and hackers are everywhere. Finance and accounting use outdated systems and manually enter information. Integration of the systems through a secure pipeline will decrease the security risks but the files still need to be encrypted to secure ensure that all security holes are no longer open.…

    • 893 Words
    • 4 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Project part 6
    • 406 Words
    • 2 Pages

    Project part 6

    The senior management has been advised by the legal department that the organization will need to become PCI DSS compliant before using online applications that accept credit cards and customer personal information. The management isn’t familiar with PCI DSS compliance; therefore, the management asked you to prepare a recommendation explaining PCI DSS compliance, how the organization can move through the compliance process, and the consequences of noncompliance.…

    • 406 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    project 2
    • 394 Words
    • 2 Pages

    project 2

    TAX 4001 Project 2 Due Date Handed in to class on November 5, 2014 Your assignment is to individually prepare a memorandum to the tax file (see Chapter 2, Figure 2-6, page 2-27 in the 2015 Edition of the text for an example). The relevant facts are Carol is a successful physician who owns 100 of her incorporated medical practice. She and her husband Dick are considering the purchase of a commercial office building located near the local community hospital. If they purchase the building, Carol would move her medical practice to the new location and rent space at an arms length price. The rent income that Carol and Dick receive will be available to absorb passive losses generated by other passive activities they own. The net effect of this arrangement is a reduction in their income tax liability. Will Carol and Dicks plan work Explain. Your memorandum should include the Facts, Tax Issue(s), Conclusion, and Analysis. Use the UCF library website to search a database (CCH Internet Tax Research Network, RIA Checkpoint, or LexisNexis Academic database can be used). Hint - you will find guidance from the following sources of tax law. These sources should provide you with adequate information to come to a definitive conclusion regarding whether or not Carol and Dick will achieve the results they are hoping for. You will find guidance from the regulations under Reg. 1.469-2. Locate the specific section of Reg. 1.469-2 that applies to this fact pattern, and be sure to cite this specific section in the memorandum. After you have located the section of the regulation that applies to this fact pattern, review the following court cases that are relevant to this issue to help you in your analysis and conclusion (be sure to cite all three in the memorandum) Fransen v. U.S., 98-2 USTC 50,776…

    • 394 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Project Part 1 Task 1
    • 295 Words
    • 2 Pages

    Project Part 1 Task 1

    The LDAP server will be utilized as the central authentication server so that the involved users have a login that is unified and covers all console logins (LDAP NExt, 2010).…

    • 295 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    Business Continuity Plan for Riordan Manufacturing Paper
    • 2693 Words
    • 10 Pages

    Business Continuity Plan for Riordan Manufacturing Paper

    Riordan Manufacturing is in need of a new network, this plan will develop a network that will benefit the business, the employees and the customers in a manner that will provide all of them with a smooth operating experience as well as to future proof the entire network. The Network will handle all incoming and outgoing traffic for both the employees on the intranet, as well as the customers on the external internet web site. Quality of Service (QoS) will be implemented to assist in data tracking for use of the bandwidth to determine and plan how much bandwidth is needed and to determine where congestion issues are as they arise. The plan is to implement all of the locations into one wide area network (WAN). The locations are in San Jose, California; Albany, Georgia; Pontiac, Missouri and Hangzhou, China. All of these locations will be backed up and implemented to run together as one unit while maintaining the flexibility of the local area networks (LAN’s) that they are. All access will use VPN’s for the added security layer using the client CITRIX. Security measures will also be implemented to ensure that the network is secure for the business, its employees and of course, the customers. This plan will outline and identify the information team, from the Chief Information Officer (CIO), to the programmer analyst to show the order of the IT team and the roles they are currently in.…

    • 2693 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Good Essays

    Project1 1

    • 1151 Words
    • 4 Pages

    Project1 1

    1: A management meeting for 12 section managers is due to be held on Tuesday, 24 November commencing at 9.30am and finishing at 4.00pm. The CEO of the company will attend.…

    • 1151 Words
    • 4 Pages
    Good Essays
    Read More
  • Powerful Essays

    Introduction to Network Implementation
    • 6041 Words
    • 25 Pages

    Introduction to Network Implementation

    Over four months, a very short period of time, a small accounting firm grew from five employees to fifty. The existing network architecture could no longer support the exponential growth. Peer-to-Peer networks work very well in a small office environment. Once the ratio of employees exceeds around five employees resources, file storage and a plethora of other network disasters begin. The obvious solution was to recommend a change. As explained in the proposal the proposed upgrade from a peer-to-peer network architecture to client/server was an imminent necessity.…

    • 6041 Words
    • 25 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    A Project That Involves Upgrading Hardware and Software
    • 433 Words
    • 2 Pages

    A Project That Involves Upgrading Hardware and Software

    The project will consist of Hardware and software refreshes. Currently there is a network workgroup in place. All of the computers are running Windows 2000. One of the computers is being utilized as a “server” for the clinic software Medisoft. A Small Business Server utilizing Microsoft SBS 2008 will be implemented. This server will host the domain, active directory services, security policies, clinic software and be a central point for network storage and backup. All of the client computers will be replaced with new ones running Windows 7. These computers will be joined to the domain enforcing password requirements, security policies and ensuring that all computers are backed up and protected from viruses.…

    • 433 Words
    • 2 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    How Not To Get Hooked By A Phishing Scam
    • 3034 Words
    • 13 Pages

    How Not To Get Hooked By A Phishing Scam

    Internet security is a division of actions aimed at securing information based on computers and in transit between them. In the modern environment the two subjects are intimately linked. Neither computers nor the networks that connect them are inherently secure. Computers were subject to attack before the Internet became a public utility—because illegitimate software hidden on commercial diskettes could be fashioned to load itself on a computer and play havoc with data in memory or placed on a fixed drive. The Internet, by its very nature—initially conceived of as an open network to facilitate free exchange of ideas and information—is vulnerable. According…

    • 3034 Words
    • 13 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Why Establish an Acceptable Usage Policy?
    • 2473 Words
    • 10 Pages

    Why Establish an Acceptable Usage Policy?

    For the Past 15 years, I have been supporting small businesses with computer problems, ranging from desktop support to network and server integration. I have been a Microsoft® Certified Professional since 1999, and a Microsoft® Certified Small Business Specialist for over a year. I ran my own company, Lyons Den Computer Services, Inc., from 1992-2007. I exclusively serviced businesses with 3-25 workstation and servers. I recently started a new position where I am working with even larger organizations, with over 100 computers per location. One thing most of these companies have in common is a great dependence on technologies such as the internet, email and network connections to the world. Unfortunately, another thing they have in common is a lack of understanding of the depth of security concerns they create by taking advantage of these technologies. One of the largest security holes is often not a missing piece of hardware or software, but a missing piece of documentation that should be in place to protect their investment in all their equipment, personnel and good company name. I am referring to an Acceptable Use Policy for their network and Internet usage.…

    • 2473 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Good Essays

    Cis333 Assignment 1
    • 987 Words
    • 4 Pages

    Cis333 Assignment 1

    With any network organization you want to make sure that you keep on top of vulnerabilities of anything that reaches out to the internet. Computers and servers that touch the internet are ones that must be scanned. As a company you have to make sure that you configure the security settings for the operating system, internet browser and security software. As a company you also want to set personal security policies for online behavior. There also needs to be an antivirus installed on the network like Norton or Symantec which blocks threats targeting the vulnerabilities.…

    • 987 Words
    • 4 Pages
    Good Essays
    Read More
  • Good Essays

    Disaster Plan
    • 1162 Words
    • 3 Pages

    Disaster Plan

    The way in which XYZ Computers has their IST Department set up currently is susceptible to many threats. The lack of a firewall is an open invitation for data to be stolen by prying eyes, and the vulnerability of placing the payroll database is in the same server as the email service. The geographic and weather conditions of the location of the company have a high risk of flooding, yet the Servers were installed on the first floor. Lastly, the backup method in place is sort of outdated and there is no mention on how often the backup takes place; additionally, the backup tapes themselves could be damaged, lost, or stolen. These recommendations are an attempt to improve XYZ Computer’s network data security, prevention of data loss, protection against network failure, and contingencies for natural disasters.…

    • 1162 Words
    • 3 Pages
    Good Essays
    Read More
  • Powerful Essays

    Visual Code Authentication Schemes
    • 7714 Words
    • 29 Pages

    Visual Code Authentication Schemes

    with their smartphone, which is a convenient alternative to passwordbased login. We find that many schemes in the literature (including,…

    • 7714 Words
    • 29 Pages
    Powerful Essays
    Read More
  • Good Essays

    Bus 2202 Unit 7 Information Security Case Study
    • 803 Words
    • 4 Pages

    Bus 2202 Unit 7 Information Security Case Study

    Access Control: Physically limiting access to the area is a simple and effective way to protect. Devices like key pads, locking device, biometrics readers are some options that company could apply (MSTech Solutions, 2017). Inappropriate control is the key factor of information leakage and limiting access is effective protection method.…

    • 803 Words
    • 4 Pages
    Good Essays
    Read More

Related Topics