Project part 1
When developing a multi-layered security plan you need to look at all seven domains of a typical IT infrastructure and check if they need to be increases.one of the weakest link in IT infrastructure In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has antivirus and malware protection installed on them. Laptops are very vulnerable for loss or theft, so all company laptops should have an encrypted hard drive so that if they are stolen, the data contained on them is not recovered by anyone but the owner. For the LAN domain, we need to have training about email scams. Most users know not to access suspicious emails when on our system but a quick training course will help. Also, adding spam filters will help gets rid of most of the junk email, so there is much less risk of employees opening emails containing malware. In the LAN-to-WAN domain, we need to shut down the FTP server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server. In the WAN domain, we need to make sure that we have firewalls set up on our network to filter all incoming traffic. A firewall will stop all traffic coming on to our system that is not meant or not wanted on the Richman Investments network. In the remote access domain, we need to should that all mobile devices are up to date firmware, operating system and patch according to policies. All mobile devices need to have passwords.
Please join StudyMode to read the full document