Network security
Dalton, Walton, & Carlton, Inc. have security issues that need to be considered. The issues that are found in this company are both external and internal. This paper will analyze the internal security issues that are found within the company.
Internal security issues
The router and the gateway in the company have been set without a DMZ. This mechanism is used to filter access requests so that the requests that are suspect are avoided and denied access to the network. This mechanism is lacking in the company. Another security issue is that of access control. There is no control of who accesses the network of the company. This is the reason as to why the vendors of Dalton, Walton, & Carlton, Inc. still access the network from whichever place they are. This is a security issue that should be corrected. This is because these vendors can breach the data integrity agreement and access critical data from the company network and show the competitors. There should be an access control policy in the company so that vendors access the network by using passwords of administrators. After the vendors finish with what they are doing, the administrators can then change the password. This way the network is always safe. In the current state, there is no safety and thus it is a security issue that should be considered. One of the goals in our design is to make sure that the management traffic will be kept away from the production network so that the chances of being intercepted when on transit are eliminated by all means. The ideal way that this could be achieved is that we could make sure that each device should have a physical port on the management VLAN.
Another security issue that is still lacking is that the network design still lacks is the framework/infrastructure that we will use to manage the network. For this to be achieved, we will need to have in place at least one management workstation, one tftp servers, and at least one syslog server. It is evident that we also need to have a password management server that will be used to manage the passwords that will be used for authentication purposes.
Another internal issue is that of account passwords and . One evident issue is that of using one password in resetting the passwords that have been lost. What should be done is have the system generate the password automatically. This way, the password reset process is secure and the password is known by the users alone.
External security issues
One external security issue that is common in the case is that of an unsecured wireless network. There is no security measure that has been taken to protect intruders to the wireless network that is used by the human resource personnel. The wireless network is one access point that intruders can use to access the system. There should be the use of one security policy for the wireless network like the WPA2 security mechanism.
Another external security issue that is evident within the company is that of unsecured doors and entry points. There is no enough physical security in the company. This is the reason why computers were stolen with much ease from the company. There should be strong locks and security personnel manning the premises of the company all times of the day. This way, physical loss of the hardware would not have occurred.
References
Bosworth, S. (2009). Computer security handbook (5 ed., Vol. 2). New Jersey: John Wiley and Sons.
Goodrich, M., & TamassiaRachel. (2011). Introduction to computer security. New Jersey: Keberos.
