Is3440 Project Part 1

Topics: Database management system, Password, Basic access authentication Pages: 10 (3157 words) Published: April 14, 2014

Project: Project Part 1: Executive Summary

First World Savings and Loan is a financial institution that processes credit card transactions and loan applications online. We are currently considering implementing an open source infrastructure. This could potentially save us over $4,000,000 per year in licensing fees for the software we are currently using. However, due to our business needs; we must still comply with the Sarbanes-Oxley Act (SOX), Payment Card Industry - Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA). We must comply with SOX, because we are a publicly-traded financial institution; PCI-DSS, because we process online credit card transactions; and GLBA, because we are a financial institution. All of the regulations of these three compliancy laws must be met, while still maintaining the Confidentiality, Integrity, and Availability (CIA) triad. All security requirements for SOX, PCI-DSS, and GLBA can be achieved using Linux and open source infrastructure. Some examples of open source software that we might use are: Web Server - Apache Web Filtering - DansGuardian Network Firewall - Turtle Firewall VPN - Endian Firewall Community IDS/IPS - Suricata Database - MySQL File Server - Samba SMTP Server - hMailServer I would recommend that we use a "Defense in Depth" strategy, having multiple layers of access protection. We need to have an IDS/IPS on both sides of our edge firewall. The inside IDS/IPS will be used as additional protection for our network and the outside IDS/IPS will serve as an early warning system from attacks. We will also use the outside IDS/IPS for additional protection and to monitor what types of attacks are occurring. Our web server and mail server should be completely separated from the rest of our network in a de-militarized zone (DMZ). We need to have a network firewall between our DMZ and our internal network, between the outside world and our internal network, and between our DMZ and the outside world. There should also be a local firewall enabled on each local machine. Also, since our physical servers will be hosted at a third party location, we must have VPN access to these servers to manage them. All private data will need to be encrypted, as well as all data transitions. To go along with the previously mentioned physical and software based security measures, we will also apply multiple policies to maintain this security. Acceptable Use Policy - This policy will describe how the companies IT assets should and can be used. As well as what is not acceptable to do on company assets. Password Policy - This policy will explain what parameters a password must meet to be accepted. For example; a password must be at least 15 characters long have at least on capital letter, have at least one lower case letter, have at least one number, and have at least on symbol. Privacy Policy - This policy describes what information must remain confidential. Training employees on the proper way to use (and how NOT to use) company assets is a major key to ensuring the CIA triad remains intact and our network secure. In this part of the executive summary, I am going to be explaining, and making recommendations on what the best options are for the open source software that is needed for the management of the First World Savings and Loan financial institute's various web and application servers. For each of the servers, I recommend using the Red Hat Enterprise Linux operating system for a number of reasons. The main ones being that it is one of the most secure, It's backed by years of technical support, It's supported by a vast number of different hardware, and It is one of the most, if not the most, popular and used server OSs that one can get today. I would rather go with software that has been vigorously tested to its breaking point and still remains at the top tier of server software options that's readily available today, than one that has just come out with all of the bells and...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Essay on Unit 9 Project Part 1
  • IS3440 project part 1 Essay
  • Project Part 1 Task 1 Essay
  • It255 Project Part 1 Essay
  • Project Part 1 Essay
  • NT2580 Project Part 1 Essay
  • Project Part 1 Research Paper
  • NT2580 Project part 1 Essay

Become a StudyMode Member

Sign Up - It's Free