Multi-Layered Security Outline Plan

759 Words4 Pages
RICHMAN FINANCIAL INVESTMENTAND CONSULTING FIRM Multi-Layered Security Outline Plan IT Infrastructure Security Daniel Satterfield 7/1/2014 Identification of Risks, Threats, and Vulnerabilities along with proposed Security measures and controls MULTI-LAYER SECURITY PLAN (OUTLINE) FOR RICHMAN INVESTMEN The following Multi-Layered Security Plan outline I am submitting for approval and implementation for Richman Investments, will provide a sound security plan for the firms most important mission critical assets, identifying and reducing vulnerabilities, Risks and threats to the firms confidential proprietary intelligence, sensitive customer data and other important assets within each of the Seven Domains that…show more content…
Unauthorized access to Applications, Data and Systems. User violates (AUP) and creates security risk for the organization’s IT infrastructure. Enable password protection for workstation access. Define strict “Access Control” policies, standards, and procedures. Annual mandated Security Awareness & Prevention Training. LAN DOMAIN Risk Threats and Vulnerabilities Security measures and controls Unauthorized access to LAN, LAN server operating systems software and applications vulnerabilities, compromise of confidentiality of data transmission via VLAN connection. Improperly secured wiring closets, data centers and computer rooms, Unauthorized access to systems, applications and data Maintain strict proper ID access control policies, standards, and guidelines. Implementation of second-level identification authorization testing procedures for sensitive applications, data and systems LAN TO WAN DOMAIN Risk Threats and Vulnerabilities Security measures and controls Unauthorized Network probing and port scanning. Unauthorized access through the LAN-WAN domain. IP router firewall and Network applications, operating systems, software, configuration errors and weakness. Conduct strict security monitoring controls for Intrusion deception solutions, distributed denial-of-service prevention & Protection. Disabling ping and port scanning on all
Open Document