Multi-layered security Plan Essay

Hardware and software are key pieces of any organizations infrastructure. Components in for each one domain of the septenary domains of the IT infrastructure may connect to a network or to the internet, and lowlife be vulnerable to malicious attacks. malevolent attacks on hardware and software can also lead to to a greater extent widespread problems. These problems can include loss of critical data or theft of financial information or cerebral property.Unprotected IT and network infrastructure assets can offer attackers and cybercriminals the widest opening to ingress sensitive resources. The ease of access makes assets that are connected to the internet the more or less parking area first point of attack. That means those assets should be you first line of defense. Technical failure and human error are the most common ca social occasions of unintentional downtime. Malicious attacks can occur and ca engagement downtime in all seven domains of an IT infrastructure, simply you are more likely to see them in the User, Workstation, local area network, and WAN domains.Opportunity apostrophize is the amount of money a company losses due to downtime. The downtime can be either intentional or unintentional. Some organizations refer to opportunity exist as true downtime cost. It usually measures the loss of productivity experienced by an organization due to downtime. champion of the most important things that information security professionals strain to protect is their organizations reputation and brand image. Companies that suffer from security breaches and malicious attacks that expose any assets are likely to face serious shun consequences in the public eye. In the popular employment and in the media, the term hacker often describes someone who breaks into a computer system without authorization. In most cases that means the hacker tries to take control of a remote computer through a network, or software cracking.The media and the general public also u se the word hacker to describe anyone accused of using engine room for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, or one of many another(prenominal) forms of crime. Protecting an organizations computing resources requires that you have some idea what tools your enemy will be using. Knowing how attackers work makes it possible to defend against their attacks. many another(prenominal) organizations use the same tools that attackers use to help identify weaknesses they need to address and it is better to do so before an attacker does. Computer criminals and malicious individuals use a add of hardware and software tools to help carry out attacks.These tools and techniques include Vulnerability scanners, Port scanners, Sniffers, War dialers, and Key loggers. As with most technology requirements, it is impossible to cover all of your organizational needs with a single machine or program. By the same token, haphazardly bolting together a numbe r of unrelated solutions leaves cracks that only get bigger as time goes on. Whats required is a multi-layered, company-wide approach in which integrated products complement and reinforce each other. In multilayered Network intrusion detection Systems (NIDS) is the first level of protection against remote intruders. NIDS monitor all the communications that come in to and stop those that whole tone suspicious.This prevents hackers from overloading your server with Denial of Server (DOS) attacks and scanning your ports for vulnerabilities. Next comes the firewall which only legitimate communications (e.g. email, password certified remote users) are permitted to go through the firewall. This prevents unauthorised users from logging into or using your network. Then comes Email Scanning, while an email is technically an authentic form of communication, it may contain objectionable content (pornography, mystic information, overly large files, etc.).This software scans the contents of t he email and rejects those that violate your company policies. Internet Security similar to email, a web site is technically an authorized form of communication. However only certain web sites and downloads are appropriate for the workplace. This software uses internal criteria to limit the sites that can be visited, and scans what is downloaded. After that comes Server take Virus Scanning which is a strong anti- virus program with updated signature files checks for viruses on every file that is saved to the server and protects against them. This is particularly important for email servers, much(prenominal) as those running MS Exchange.Workstation Virus Scanning Not every file is saved on the server. Files from a number of sources including those from infected floppy disks or downloaded off the internet are put directly on the local workstation, which therefore requires its own Anti-Virus software. Update Communication Software From time to time, prospective intruders and virus writers find vulnerabilities in popular types of communication software, such as Microsoft Outlook. When those holes are discovered software fixes or patches are made to close the vulnerabilities. It is therefore incumbent to be diligent about being aware of these updates and applying them to the software.THE BEST DEFENSE Attentive Employees and Corporate Policies We can implement many effective technological solutions, but the most essential piece of a secure business is a company of people who understand the various dangers and the role they play in preventing them. One regularly quoted statistic is that 80% of security breaches come from inside the company. Strong security requires strong corporate policies, clear management dedication, and good employee education about risks. 1) ecumenicalThis MLS plan will give a brief overview of the security strategies that will be implemented at each level of the IT infrastructure. 2) User celestial orbita. The usage of security awarenes s training to instruct employees of Richman Investments security policies b. Auditing of user activity3) Workstation Domaina. The usage of antivirus and anti-malware programs on each user computer b. Strict access privileges to corporate datac. Deactivation of media ports4) LAN Domaina. Utilizing network switchesb. WPA 2 encryption to wireless access pointsc. Securing server rooms from unauthorized access5) LAN to WAN Domaina. Closing off unused ports via a firewall to reduce the chance of unwanted network access b. Monitor inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent c. Run all networking hardware with up to date security patches, and operating systems 6) WAN Domaina. Enforce encryption, and VPN tunneling for remote connections b. Configure routers, and network firewalls to block Ping requests to reduce chance of Denial of Service attacks c. Enforce anti-virus scanning of email attachmentsi. Isolate plant malicious sof tware (virus, Trojans, etc.) when found d. Deployment of redundant internet connections to maximize availability 7)Remote Access Domaina. Establish strict user password policies, as well as lockout policies to defend against brute force attacks b. Require the use of authorization tokens, have a real-time lockout procedure if token is lost, or stolen c. enrol the hard drives of company computers, laptops and mobile device to prevent the loss of sensitive data