The marketing department is crucial to the operation of the business. Therefore, computers in the marketing department will be secured through the deployment of anti-malware programs, intrusion detection and prevention systems, and firewalls, and through the use of security policies. Access policies will be tailor-made to control who uses the computers. The sales force comprises the sales department personnel. Because these users telecommute most of the time, their computers and laptops must be secured. External users will be authenticated before they are allowed to connect to company resources. The administrator will check external laptops given to the sales force to ascertain that they have company-approved patches and antivirus software. As part of the configuration, the administrator will determine the public-facing IP addresses of the server or the Fully Qualified Domain Name of the server. All mobile telecommuters will be registered and allowed direct access through the DirectAccess settings in the Group Policy Object. In case of theft, personal computers will not be useful because they require authentication privileges held by the certified user only.
It is recommended that the organization set up a VPN connection to support internal and external users. Intranet-based VPNs connect the organization's diverse locations with the headquarters. Connectivity is essentially for file and application sharing. IPSec is mostly used to create this kind of network. For remote connections, telecommuters can access the organization's pool of resources through a dial-up service via a local internet connection. Remote users will be required to dial up a local internet connection, which will initiate a secure IPSec-based VPN connection to the organization.
Workstations within the building and the server will be secured by use of a host-based intrusion detection and prevention system. Host intrusion detection systems (HIDS) are security methods used in computer and network management. In HIDS, anti-threat applications such as spyware-detection programs, antivirus software and firewalls are installed on every network computer. This is applicable in two-way access platforms such as the internet; the system gathers information from various sources and analyses it to identify possible areas of attack. HIDS is, therefore, suitable for business-critical hosts and servers in a DMZ that are compromised more frequently. Demilitarized zones add a layer of security to the organization's network because an attacker can only access the external-facing components of the network instead of the whole network. Data in the external-facing layer requires the lowest security while data on the inside requires first-priority protection. Thus, a DMZ is worth implementing.
The data in the company's databases is crucial for continued business operations and should be protected. Different types of users have access to this data. The sales force, administrators, and managers will access information at different levels of access. The sales force will be granted access to associated functions such as updating the sales tables, among others. However, they will be denied editing or deleting user information. Administrators will have the overall duty of creating accounts for each user and updating their details. Managers will oversee the sales department's operations, targets, and related functions. Thus, their access rights are higher than those of the sales team.
OS hardening
OS hardening is done to eliminate all the possible threats.
For server hardening, the guest accounts are disabled while administrator accounts are changed regularly.
In the same way, unneeded services should be turned off to protect the network from possible attacks. For Cisco routers, the following services can be disabled: tcp small-servers, udp small-servers, ip source-route, the finger protocol and ip identd.
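The following audit script is an added example, not part of the original plan: it checks a saved running configuration for the five router services named above and lists the commands that turn off any that are still enabled. The sample configuration, its hostname and addresses, and the default states of the services are assumptions, marked as such in the comments.

```python
import re

# Service name -> (config keyword pattern, assumed default state, fix command).
# Assumed defaults (not from the page): IP source routing is on unless the
# config says "no ip source-route"; the other four are off unless an explicit
# enabling line is present, as on current IOS releases.
CHECKS = {
    "tcp small-servers": (r"service tcp-small-servers", False, "no service tcp-small-servers"),
    "udp small-servers": (r"service udp-small-servers", False, "no service udp-small-servers"),
    "ip source-route": (r"ip source-route", True, "no ip source-route"),
    "finger": (r"(?:service|ip) finger", False, "no ip finger"),
    "ip identd": (r"ip identd", False, "no ip identd"),
}

# Constructed sample running-config (hostname and addresses are made up).
SAMPLE_CONFIG = """\
hostname branch-rtr1
service tcp-small-servers
no service udp-small-servers
ip finger
no ip identd
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
"""

def audit(running_config):
    """Return {service: True if still enabled} for the five services."""
    lines = [ln.strip() for ln in running_config.splitlines()]
    state = {}
    for name, (pattern, default_on, _fix) in CHECKS.items():
        enabled = default_on
        for ln in lines:
            m = re.fullmatch(r"(no\s+)?" + pattern + r"\b.*", ln)
            if m:
                enabled = m.group(1) is None  # a leading "no" turns it off
        state[name] = enabled
    return state

def remediation(state):
    """List the global-config commands that disable what is still enabled."""
    return [CHECKS[name][2] for name, on in state.items() if on]

if __name__ == "__main__":
    result = audit(SAMPLE_CONFIG)
    for name, on in result.items():
        print(f"{name:18} {'ENABLED' if on else 'disabled'}")
    print("apply:", "; ".join(remediation(result)))
```

On older releases that enable finger with `service finger`, the matching fix is `no service finger`.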
The implementation of these security features is expected to take a period of three months. First, the company will set up a VPN network to accommodate telecommuting users. This will take a month. Second, host-based intrusion detection and prevention systems will be installed on all the workstations. This will proceed one department after the other. It is expected to take approximately one month until completion. Finally, testing of the systems will be conducted to determine their efficiency. The testing process will take two weeks.
Testing will determine the effectiveness of the systems put in place. Remote access functionality will be tested by using wrong credentials to determine whether access and authentication will be granted. If access is denied on the network, the system is effective. Likewise, network traffic to the internal workstations and servers will be tested. The process will utilize known malware to try to intrude into the system. If the attack is unsuccessful, the system will be considered up to date in terms of security.