You are on page 1of 3

Nt2580 Project 1 Multi Layered Security Plan

Nt2580 Project 1 Multi Layered Security Plan


Keeping information assets secure is challenging for any business,
regardless of its size. It seems there's no limit to the ingenuity and
maliciousness of today's cybercriminals, hackers and identity thieves. In
fact, hackers have become so sophisticated and organized that their
operational methods are similar to those of traditional software
development and business practices.
When developing a multi-layered security plan, you must look at each of
the seven domains of the IT infrastructure and increase security on each of
those domains. Increasing the security on each of those seven domains will
increase the overall security of the system and create a multi-layered
security plan. In the user domain, one of the easiest ways for the system to
be compromised is through the users. Simplicity of users passwords can
be a major problem so we need to implement complex passwords including
eight or more characters, both upper and lower case, and use of at least
one special character. Passwords will need to be changed every three
months and the same password cannot be used again for one calendar
year.
Project Part 1
Multi Layered Security Plan
Richman Investments
1) General
This MLS plan will give a brief overview of the security strategies that will
be implemented at each level of the IT infrastructure.
2) User Domain
a. The usage of security awareness training to instruct employees of
Richman Investments security policies
b. Auditing of user activity

Nt2580 Project 1 Multi Layered Security Plan


3) Workstation Domain
a. The usage of antivirus and antimalware programs on each user
computer
b. Strict access privileges to corporate data
c. Deactivation of media ports
4) LAN Domain
a. Utilizing network switches
b. WPA 2 encryption to wireless access points
c. Securing server rooms from unauthorized access
5) LAN to WAN Domain
a. Closing off unused ports via a firewall to reduce the chance of unwanted
network access
b. Monitor inbound IP traffic, more specifically looking for inbound
transmissions that show signs of malicious intent
c. Run all networking hardware with up to date security patches, and
operating systems
6) WAN Domain
a. Enforce encryption, and VPN tunneling for remote connections
b. Configure routers, and network firewalls to block Ping requests to reduce
chance of Denial of Service attacks
c. Enforce antivirus scanning of email attachments
i. Isolate found malicious software (virus, Trojans, etc.) when found
d. Deployment of redundant internet connections to maximize availability

Nt2580 Project 1 Multi Layered Security Plan


7) Remote Access Domain
a. Establish strict user password policies, as well as lockout policies to
defend against brute force attacks
b. Require the use of authorization tokens, have a real-time lockout
procedure if token is lost, or stolen
c. Encrypt the hard drives of company computers, laptops and mobile
device to prevent the loss of sensitive data.
Works Cited
Kim, D., & Solomon, M. G. Part 1: The Need for Information Security. In
Fundamentals of Information Systems Security. Jones & Bartlett Learning.