The security mechanism that should be used to ensure that users who log into the system is identification and authentication. Identification is where the user provides security ID to the security system in the computer lab in order to access to the computers. This means that before the user can access the system, there should be a system where users provide their details. For instance, the office door should require that each user has ID card. The user is then identified by the user ID provided to the security system. After this process authentication should also be done. This is the process where users should be able to prove that they are who they are before logging into the computer. A person my get user ID in a fraudulent way and present it to the security system. The security system will indentify the user as valid and real owner of the ID. However, there must be another step where the user can actually prove to be the holders of the user ID. Credentials are presented to the system and there are many ways of presenting the credentials. The authentication can be something like secrete question that only the user and the system knows, tickets are certificates.
The files in the accounts office can only be accessed by the employees in the office by ensuring that the file server is not connected with other departments. This means that have a dedicated file server meant only for accounts employees. Create privileges and unique access credentials from other department.
The server operating system that will be selected for this system is the Linux operating system. This is because of the price; there are free server operating systems to those that can be purchased. This means that the organization can use a free version then upgrade to a paid or licensed Linux server operating systems. Ubuntu Linux for instance offers the same services as professional or licensed server operating systems. The work stations will also use Ubuntu operating systems this means that the process of patching will be easier. There will be no cross platform configuration of security features. Ubuntu has a lot of support and development ideas because it is an open source OS this means that it has a strong security features (Aydın, Zaim, & Ceylan, 2009).
The process of implementing security measures should be done starting from the server systems to the workstations. Implementation should be done in phases where one department is installed with security system before moving to the next department. This will make sure that there is no security gap in the system. The department will be secured before moving to the next department. The implementation process should take three months with each department taking one week to install and test.
Testing is the process of ensuring that the security systems are working as intended. The process of authentication can be done by users using other people’s details to log into the system and providing wrong credentials. The testing process will be successful if the security system detects such cases. The biometric scanners will also be tested and ensure that only people with the right details are allowed into the accounts department.
References
Aydın, M. A., Zaim, A. H., & Ceylan, K. G. (2009). A hybrid intrusion detection system design for computer network security. Computers & Electrical Engineering, 35(3), 517-526.
Gollmann, D. (2010). Computer security. Wiley Interdisciplinary Reviews: Computational Statistics, 2(5), 544-554.
