File Level Security Solution

This project identifies a two possible issues that can happen during the system operations like hacking or data loss due to improper security provided to the company branches and there is no proper infrastructure of the firewall for the network structure. The aircraft security policy result in failure due to their two year reset program.

The likelihood of an attack or breach dealing with the current infrastructure of the company’s

Rob Pettigrew is the manager of technical systems and help desk center of Wyoming Medical Center in Casper, Wyoming. Protecting networks are getting harder as there are different types of devices being used by companies. An example of this is Wyoming Medical Center has four different classifications of PCs, PCs in the hallways for the staff to use, PCs at the nursing stations, PCs in offices, and PCs on that move between patient rooms. Pettigrew deployed Novell ZenWorks to 850 of the medical centers 900 PCs to ensure each one has the right software. With having multiple applications, medical software systems, and the different machine types, and restrictions make it difficult for Pettigrew to ensure proper protection for the network. Another concern is the

When deciding how to grant access to users, the main concept is limiting access. Users should be granted only based on level of permissions they need in order to perform their job duties. By placing users into groups according to their job titles in an organization, this will provide these users access to company information and resources in the network. These group assignments will allow an organization to give users only what they need to complete their job tasks and ensure that unauthorized access is limited.

There are multiple aspects of security in this network, which I have tried to implement as much as possible. This is where the CIA triangle comes into play, confidentiality, rules and limits to access information; Integrity, making sure the data is accurate and trustworthy; Availability, having reliable access to the information. I am going to talk about each aspect in a list format and explain how it’s used in my network. One thing that will be performed on all network devices is system updates and patches. They will happen on a monthly basis, on a weekend when the networks are not being used.

Team “C” was hired by Riordan Manufacturing management to overhaul the security features currently employed by the company. Management outlined a comprehensive plan that included a complete hardware refresh, security best practices and end user training. Team “C” will devote resources to assess the physical and network security issues and concerns at each Riordan plant. Once those have been identified, Team “C” will identify the data security issues and concerns present at each Riordan plant. Finally, Team “C” will address web security issues and concerns present at each Riordan plant and recommend a way forward for the company.

A group in an organization is used by the employees or users to read wow and share the information. The permissions like read, write, execute and share are provided based on the job roles.

Hospital and health facility administrators face hardened criminals who hack medical records with ever-increasing sophistication. Hackers gain access to critical information, such as medical claims, financial data, Social Security numbers and credit card data that enable identity theft, credit card fraud and other privacy breaches. One of the major security failures in the news was the CareFirst BlueCross BlueShield attack that exposed 1.1 million of its members to thefts of their personal information.[1] Combined with high-profile breaches at Anthem and Premera Blue Cross, the breach illustrates the changing role of medical administrators

When a security principal receives Allow permissions from multiple groups, the permissions are combined to form the effective permissions.

Also, we must look at the physical risks that are in place because of the physical layout of the pharmacy. Since the front of the store faces the mall that means that the person that delivers the drugs or medications is coming from the back door. Which means this puts the server room at risk because the only personnel that need to be in the server room are those that have access to the server room itself. If someone other than IT needs access to this room for any reason, they should get approval at a corporate level. Also, at any point that this server room door should be open for any reason without approval should definitely be monitored to make sure that nothing ends up “walking”. Such computer hardware or cabling are stored here it is an easy target for something to come up missing in this area. There should also be lock on the door that should be a pin code so that no one else knows what that code is. If someone leaves the company for any reason this lock should be changed in order to remain in full security and compliance with company policies.

A small company is using the topology shown below. Minimal security measures have been implemented. Possible vulnerabilities need to be discovered in any of the devices used in the network architecture. This includes routers, switches, and workstations.

Two weaknesses were found in regards to the company 's network security. First weakness is a hardware weakness; and another is IDS which not having a Network-based Intrusion Detection System (IDS) in use. The recommended solutions are to show an AAA server for user authentication and authorization to company resources, and deploy a combination Host and Network-based IDS for overall monitoring of the company 's enterprise.

What should be installed and configured for the offices with limited IT staff and security? How will this be accomplished and deployed?

The first lesson that Halamka learned is do not hesitate to contact experts. This is the most important lesson that the CareGroup’s IT team have to learnt. They waited one day after the systems had collapsed to call in Cisco. And during the day they have tried to fix the network by themselves without knowing what is the main and basic cause of the problem was.

Although the company could operate normally with all of the physical server equipment being located in one of the two locations based on the budget we would recommend having some equipment at both locations. The Los Angeles is clearly the primary location as most of the staff including IT will be located there but by having some redundancy at the New York location we could provide a much higher level of availability. This means that an outage or breach of security at the Los Angeles location could be minimized since we could transition to the New York equipment as the primary. These redundancies are extremely critical in our line of work. We can’t afford to lose creative data that could take weeks