NT 2580, Guzman
Project Part 1, Multi-Layered Security Plan:
Muliti-Layered Security Plan
1. USER DOMAIN:
A. User awareness/policies.
i. By conducting security awareness training, you can educate the user/employee on the policies and standards. Also make the user/employee aware of the violation consequences if the said policies and standards are broken. To further implement this security awareness plan, follow up by sending out reminder/updates in a bi-weekly email and flyer handout.
B. Restrict user access.
i. By restricting user access, only allowing the user/employees enough access to successfully do and complete their job/tasks; you can prevent user destruction.
A. Enable password protection and system lockout.
i. By enabling password protection on all workstations and implementing a three try timeout/lockout on an un-successful entered password, you can protect your company from unauthorized users trying to gain access by password hacking.
B. Protect all CD, DVD’s, and USB ports.
i. Deactivate all CD, DVD, and USB ports; then enable an automatic antivirus scan for the CD’s, DVD’s, and USB ports to prevent any harmful, or malicious files that may be on the drives.
A. Define strict access control policies, standards, procedures, and guidelines.
i. By implementing a second level identity check to gain access to sensitive systems, applications, and data; you can protect from unauthorized access to the systems, applications, and data.
B. Implement encryption between workstations and WAP to maintain confidentiality.
i. By implementing the encryption between workstations and WAP you can protect the confidentiality of data transmissions.
A. Apply strict security monitoring controls for intrusion detection and prevention.
i. With this security plan being implemented, you can monitor inbound IP traffic anomalies and prevent malicious-intent traffic that may try to intrude and harm your system.