Security Domain and Strategies

1171 WordsApr 15, 20125 Pages
Security Domain and Strategies The Richman Company is a successful and prosperous firm with branches in eight locations throughout the country and Canada. To support its growth, the company uses both an intranet and an extranet network. These networks are essential to the successful operation of the company because they provide the means of communicating with all employees, who use the intranet to enroll in company benefit programs. These networks also allow all of the company’s business partners, vendors and privileged customers to gain information about the company. In recent years, the company has been expanding rapidly. As one of the company’s interns, I have been asked to analyze the company’s vulnerabilities and make a plan…show more content…
• procedures that discuss the systematic action to accomplish a security requirement, process, or objective and covering such things as changing passwords, responding to incidents, and creating backups. • baseline workstation requirements that list the components and configuration settings which will make it easy to ensure all new workstations are the same. • baseline settings for each of the different operating system used by Richman such as Windows Vista, Windows 7, Windows XP, Windows 2000, and Mac OSX. • a defined plan for auditing to include how security controls will be verified. Also, as a means of non-repudiation, once an employee participates in training to ensure knowledge of the company’s policy, the employee must sign a statement verifying agreement with and acceptance of the company policy. Finally, after investigating several systems on the market and in order to best protect Richman from the vulnerabilities discussed above, I propose that the company contract with the Cisco Corporation for the acquisition of the Cisco 5580. According to the Cisco 5580 Data Sheet, this system has market-proven security capabilities. The Cisco ASA 5500 Series integrates multiple full-featured, high-performance security services, including application-aware firewall, SSL and IPsec VPN, IPS with Global Correlation and guaranteed coverage, antivirus, antispam, antiphishing, and web filtering
Open Document