Keeping information assets secure is challenging for any business, regardless of its size. It seems there's no limit to the ingenuity and maliciousness of today's cybercriminals, hackers and identity thieves. In fact, hackers have become so sophisticated and organized that their operational methods are similar to those of traditional software development and business practices.

When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Doing so increases the overall security of the system and is what makes the plan multi-layered.

In the user domain, one of the easiest ways for the system to be compromised is through the users. Simple user passwords can be a major problem, so we need to implement complex passwords of eight or more characters, with both upper and lower case letters and at least one special character. Passwords will need to be changed every three months, and the same password cannot be used again for one calendar year.

Project Part 1
Multi Layered Security Plan
Richman Investments

1) General
   This MLS plan will give a brief overview of the security strategies that will be implemented at each level of the IT infrastructure.

2) User Domain
   a. The usage of security awareness training to instruct employees in Richman Investments' security policies
   b. Auditing of user activity
Nt2580 Project 1 Multi Layered Security Plan
3) Workstation Domain
   a. The usage of antivirus and antimalware programs on each user computer
   b. Strict access privileges to corporate data
   c. Deactivation of media ports

4) LAN Domain
   a. Utilizing network switches
   b. WPA2 encryption on wireless access points
   c. Securing server rooms from unauthorized access

5) LAN to WAN Domain
   a. Closing off unused ports via a firewall to reduce the chance of unwanted network access
   b. Monitor inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent
   c. Run all networking hardware with up-to-date security patches and operating systems

6) WAN Domain
   a. Enforce encryption and VPN tunneling for remote connections
   b. Configure routers and network firewalls to block Ping requests to reduce the chance of Denial of Service attacks
   c. Enforce antivirus scanning of email attachments
      i. Isolate malicious software (viruses, Trojans, etc.) when found
   d. Deployment of redundant internet connections to maximize availability
7) Remote Access Domain
   a. Establish strict user password policies, as well as lockout policies to defend against brute force attacks
   b. Require the use of authorization tokens, and have a real-time lockout procedure if a token is lost or stolen
   c. Encrypt the hard drives of company computers, laptops and mobile devices to prevent the loss of sensitive data

Works Cited

Kim, D., & Solomon, M. G. Part 1: The Need for Information Security. In Fundamentals of Information Systems Security. Jones & Bartlett Learning.
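The password rules stated in the introduction (and the strict password policy in item 7a) can be enforced at password-change time. The following is an added example, not part of the original plan; the function names, the 90-day and 365-day readings of "three months" and "one calendar year", the PBKDF2 history store, and measuring the reuse window from the date a password was set are all assumptions.

```python
import hashlib, hmac, os, re
from datetime import datetime, timedelta

MIN_LENGTH = 8
MAX_AGE = timedelta(days=90)        # assumption: "three months" = 90 days
REUSE_WINDOW = timedelta(days=365)  # assumption: "one calendar year" = 365 days
ITERATIONS = 600_000                # PBKDF2 work factor, tune for your hardware

def hash_password(password, salt):
    # History stores salted PBKDF2 digests, never plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def complexity_errors(password):
    """Return the complexity rules from the plan that the password breaks."""
    errors = []
    if len(password) < MIN_LENGTH:
        errors.append("shorter than 8 characters")
    if not re.search(r"[a-z]", password):
        errors.append("no lower-case letter")
    if not re.search(r"[A-Z]", password):
        errors.append("no upper-case letter")
    if not re.search(r"[^A-Za-z0-9]", password):  # anything non-alphanumeric
        errors.append("no special character")
    return errors

def reused(password, history, now):
    """history: list of (salt, digest, set_at). Window counted from set_at."""
    hit = False
    for salt, digest, set_at in history:
        if now - set_at <= REUSE_WINDOW:
            # Constant-time compare; check every in-window entry.
            hit |= hmac.compare_digest(hash_password(password, salt), digest)
    return hit

def validate_change(password, history, now):
    errors = complexity_errors(password)
    if reused(password, history, now):
        errors.append("used within the last year")
    return errors

def must_rotate(set_at, now):
    return now - set_at >= MAX_AGE

if __name__ == "__main__":
    now, salt = datetime(2024, 6, 1), os.urandom(16)  # constructed sample data
    history = [(salt, hash_password("Winter#2023x", salt), datetime(2023, 9, 1))]
    print(validate_change("password", history, now))
    print(validate_change("Winter#2023x", history, now))
    print(must_rotate(datetime(2024, 3, 1), now))
```
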