Professional Documents
Culture Documents
Project Part 1
Project Part 1
PROJECT PART 1
This Multi-Layer Security Plan for Richman Investments will give a brief overview of
the security strategies that will be implemented at each level of the IT infrastructure.
The User Domain is the most vulnerable because of the lack of user knowledge and overall
understanding of what attacks might look like, and may be easily tricked into releasing important
information.
Auditing of user activity will help ensure that users are following correct procedures
according to the security policy.
All users will be updated with the newest policies within a timely fashion.
The Workstation Domain is susceptible to unauthorized access and out of date Anti-Virus
software.
Passwords policies should be enabled though the GPO, and be set to a strict level.
PROJECT PART 1
Make sure that all server rooms are secure from unauthorized access. (Access lists, signin sheets for contractors and tech-reps working in the server room, coded or un-replicable
locks on doors)
Run all networking hardware with up to date security patches, and operating systems
Monitor inbound IP traffic, more specifically looking for inbound transmissions that
show signs of malicious intent
Closing off unused ports via a firewall to reduce the chance of unwanted network access
Install IDS/IPS on the network to monitor and combat network anomalies; also use a
proxy server such as ISA or TMG to filter unknown or malicious traffic
WAN Domains must have a secure way communicating over remote access.
PROJECT PART 1
VPN tunneling should be used for remote connections, Encryptions should be enforced.
Configure routers, and network firewalls to block Ping requests to reduce chance of
Securing mobile access is the main concern for the Remote Access Domain
Encrypt the hard drives of company computers, laptops and mobile device to prevent the
loss of sensitive data.
Require the use of authorization tokens, have a real-time lockout procedure if token is
lost, or stolen
Establish strict user password policies, as well as lockout policies to defend against brute
force attacks
For the System Application Domain, having business continuity and disaster recovery are the
main concerns for this domain.
Solutions:
Develop a backup policy for all critical and sensitive data to maintain daily operation.
A DRP and BCP should be developed for maintaining availability and continuity of
operations.
PROJECT PART 1
References
http://en.community.dell.com/dell-groups/small-business/b/smb/archive/2011/11/16/10-ways-toimplement-multi-layered-security. (n.d.).
http://www.afcea.org/content/?q=layered-approach-security-planning-offers-best-defenseagainst-attacks. (n.d.).
http://www.pcworld.com/article/141361/article.html. (n.d.).
PROJECT PART 1