NT2580 Project Part 1
ITT Technical Institute
NT2580 Introduction to Information Security
Multilayered Security Strategy: Richman Investments
This multi-layered security plan for Richman Investments will provide a short overview of the security tactics that will be applied at each level of the IT infrastructure.
This MLS Plan will describe how the IT department will improve the security of each domain and how to protect the company’s information. The IT department will update all firewalls on the infrastructure and make sure to secure all ports that are open. This will help stop incoming traffic that is malicious. Another protection utilized will be anti-virus software, which will be systematically updated throughout the company. All IT employees will be knowledgeable of the MLS Plan that will be put into effect once senior management approves it for implementation.
User Domain defines the people who access an organization’s information system. This domain is the fastest way for the system to be compromised. I would implement an AUP (acceptable use policy) that will be understood and signed by all employees with access to the network. The employees will also have to go through initial information security training before gaining access to the network. This training will also be required annually in order to maintain their access to the network. The AUP will dictate the requirements for passwords. The requirements will include an eight character alphanumeric password, two uppercase letters, two lowercase letters, two special characters, and two numbers. This will make it more difficult for the password to be breached. The AUP will also state that the company systems will only be used for work related purposes. All social networking sites and many other miscellaneous sites will be blocked. The user will also have to consent to monitoring when signing the AUP.
Passwords will also need to be
References: David, K., & Solom, M. (2012). Fundamentals of Information Systems Security. Sudbury, MA: Jones & Bartlett Learning. Fundamentals of Information Systems Security/Information Security and Risk Management. (2014). Retrieved from http://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Information_Security_and_Risk_Management Granger, S. (2002). The Simplest Security: A Guide to Better Password Practices. Retrieved from http://www.symantec.com/connect/articles/simplest-security-guide-better-password-practices Pradhan, P. L., Meher, P. K. Risk Assessment on IT Infrastructure. Retrieved from http://www.infosecwriters.com/text_resources/pdf/Risk_asst-Infra.pdf Routing and Switching Case Study: How Cisco Uses VPN Solutions to Extend the WAN. (n.d). Retrieved from http://www.cisco.com/web/about/ciscoitatwork/network_systems/wan_vpn_solutions_web.html