IT255 Friday, 6pm
Multi-Layered Security Plan
When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. The seven domains are user domain, workstation domain, LAN domain, LAN to WAN domain, WAN domain, and remote access domain. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan. In the user domain, one of the easiest ways for the system to be compromised is through the users. Easiness of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has to have antivirus and malware protection installed on them. Express strict access control polices and standards. And mandate annual security awareness training for all employees For the LAN domain, Make sure wiring closets, data centers, and computer room are secure. Use a WLAN network keys that require a password for wireless access. And implement encryption between workstation and WAP to maintain confidentiality. In the LAN-to-WAN domain, closing off unused ports thru a firewall to reduce the chance of unwanted network access. Monitor inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent. And run all networking hardware with up to date security patches, and operating systems. In the WAN domain, enforce encryption, and VPN tunneling for remote connections. Configure routers, and network firewalls to block Ping requests to reduce chance of Denial of Service attacks. Deployment of...
Please join StudyMode to read the full document