Implementation of an Organization-Wide Security Plan

  • Uncategorized

ORGANIZATION-WIDE SECURITY PLAN 8

Implementationof an Organization-Wide Security Plan

Implementationof an Organization-Wide Security Plan

  1. Relevant IT infrastructure domains to envision, design, and develop access controls.

Therelevant IT infrastructure domains needed to develop the accesscontrols include the WAN (Wide Area Network), workstation domain, LAN(Local Area Network) domain, remote access domain, user domain, andsystem/application/storage domain (Chapple,2013).The design will integrate antivirus, internet restrictions,firewalls, usernames, and passwords to provide selective restrictionsto all the identified domains (Peltier,2013).

  1. An Organization-Wide Access Control Plan.

Theorganization-wide access control plan will integrate appropriateaccess controls to the different part of the system. With regards tostorage and equipment areas, the system will integrate restrictedaccess as well as secondary locks to enhance security, especially ondatabase servers (Peltier,2013).Additionally, the system will include encryption policies to protectsensitive data. A strong password policy will be implemented thepassword used must include a combination of capitalized and lowercaseletters, numbers, as well as special characters (Chapple,2013).Technology being used in protecting confidential and personal datamust quickly adapt to mitigate the current risks and threats.Furthermore, a network-based access control system will be integratedthat can tackle the failures of present technological solutions toensure the privacy and confidentiality of data are promoted.Similarly, the access control system must ensure security and safetyof the network (Chapple,2013).Furthermore, user accounts will be integrated into the system theusers will have necessary privileges as well as defined roles.

Smartcards, firewalls, keypads, passwords, intrusion detections systems,and tokens are some of the devices that will also be included in theaccess control plan (Peltier,2013).The security plan will integrate the active directory which is aWindow-based authentication system. Additionally, access to fileshares, network, applications, printers, desktop, laptops, scanners,remote access, and wireless access points will be limited to theemployee’s position and role within the organization (Peltier,2013).Besides, the least privilege baseline will be included to make sureno employee has full control of the whole system.

TheActive Directory lets the user authorize and validate other computersand users in allocation and enforcement of security protocols for allcomputers and when updating or installing new software (Chapple,2013).Active Directory will restrict access based on the permission whichis set and assigned to different users. Shared folders will be usedto serve multiple users working on different computers (Hsieh,2015).The structure of the Active Directory will determine theorganizational units specifying where a user belongs and theapplicable permissions given while they access the system (Hsieh,2015). Integrating numerous layers of security in all the domains willensure the whole network is strongly protected especially if a singlelayer of control fails.

Furthermore,the access control plan would entail comprehensive training for allusers to build their capacity in such areas as social engineeringtechniques and protecting user IDs and passwords (Kim,2013).A strong antimalware or antivirus software will be installed andregularly updated on all system devices such as smartphones, tablets,and computers. Additionally, a firewall will be relied on tosafeguard the LAN-to-WAN and WAN domains from any unsanctionedaccess. Besides, the firewall and switches will be used as intrusiondetection and deterrence systems to alert administrators of anyinternal or external attacks to protect the LAN-to-WAN and LANdomains.

Allauthorized users will use a unique ID and password while they log oninto their devices they will also be required to verify theiridentity to safeguard the LAN and workstation domain further. Theirlog-in credentials will give them access privileges which areexclusive to the resources or information they require to performtheir jobs (Chapple,2013).Such control while help minimizes the damage that might likely beexperienced especially if their log-in credentials are compromised toprotect the workstation and LAN domains further.

3.Detailed implementation procedures and plans to help in the executionof the organization-wide access control plan.

Theimplementation plans and procedures will include proper proceduresfor identification and verification through enforcing the passwordpolicy. Secondly, they will be accessed/account control that willrestrict access to different parts of the network or system (Kim,2013).The system will include controlled sessions functionalities torestrict users from access more than a single workstationsimultaneously. The plan will consider security products likeintrusion detection system, firewalls, and encryption. Additionally,virus protection will be considered to safeguard against phishing,virus, spyware, and malware attacks (Chapple,2013).Lastly, the network maintenance will integrate suitable securitypatches.

Employeesmust have a responsibility to safeguard the availability, integrity,and confidentiality of data generated, stored, accessed, transmitted,changed, or utilized by the company (Chapple,2013).Different departments will implement all technical, physical, andoperational access controls according to the policy to protect publicdata, official use only data, and confidential data (Peltier,2013).

AccessControl Descriptions:

User Accounts

Physical Access

Necessary Privileges

User Roles

Access Mechanisms

Chief Executive Officer (CEO)

All

Administrator

Author role

Badge, System Authentication (Username/Password)

Executives

All

Administrator

Author role

Badge, System Authentication (Username/Password)

General Manager

All

Administrator

Author role

Badge, System Authentication (Username/Password)

Manager

All

Log-in, Create, delete, as well as manage user accounts.

Author role

Badge, System Authentication (Password/Username)

Employees

Relevant work station

Log-in locally, Files and directories.

Contributor role

Badge, System Authentication (Password/Username)

Receiving/ Shipping Department

Shipping Receiving /All employee stations

Log-in locally, Receiving files.

Author role

Badge, System Authentication (Password/Username)

Sales Department

Sales Department Station

Log-in locally, Sales files.

Advanced Author

Badge, System Authentication (Password/Username)

Customers/Clients

Guest/ Lobby Access

Guest

Browser

Guest (temp) Badge, Guest System Authentication when needed (Password/Username)

Information Technology Systems Admin

ALL

Administrator

Badge, System Authentication (Password/Username)

Information Technology Network Admin

ALL

Administrator

Badge, System Authentication (Password/Username)

References

Chapple,M., Ballad, B., Ballad, T., &amp Banks, E. (2013).&nbspAccesscontrol, authentication, and public key infrastructure.Jones and Bartlett Publishers, Inc.

Hsieh,C. H., Lai, C. M., Mao, C. H., Kao, T. C., &amp Lee, K. C. (2015).AD2: Anomaly detection on active directory log data for insiderthreat monitoring. In&nbspSecurityTechnology (ICCST), 2015 International Carnahan Conference on&nbsp(pp.287-292). IEEE.

Kim,D., &amp Solomon, M. G. (2016).&nbspFundamentalsof information systems security.Jones &amp Bartlett Learning.

Peltier,T. R. (2013).&nbspInformationsecurity fundamentals.CRC Press.