Rajiv Nelvoy

D40297481
02/15/2015

NeuroGimmicks Network Security
Policy and Practices

General Security Policy
1. Secure Internal network and Cloud Services
NeuroGimmicks’ network will be separate from the public Internet by strong user
authentication mechanisms and policy enforcement systems like firewalls and web
filtering proxies. Additional monitoring and security solutions, such as anti-virus software
and intrusion detection systems, should also be employed to identify and stop malicious
code or unauthorized access attempts.
Internal Network
The boundary points on NeuroGimmicks’ network will be identified and each boundary
will be evaluated to determine what types of security controls are necessary and how they
can be best deployed. Border routers should be configured to only route traffic to and
from NeuroGimmicks’ public IP addresses, firewalls should be deployed to resist traffic
only to and from the minimum set of necessary services, and intrusion prevention
systems should be configured to monitor for suspicious activity crossing your network
perimeter.
Cloud based services
NeuroGimmicks will consult the terms of service with all cloud service providers to
ensure that its information and activities are protected with the same degree of security
that we want. It will also enquire about additional services.

Develop strong password policies Adopt two-factor authentication methods as they are much more secure than static passwords for authentication.2. 3. that are changed regularly. including networking equipment. Technical functionality . complex and long (at least 10 characters). 4. NeuroGimmicks encourages employees to use the strongest passwords possible without creating the need or temptation to reuse passwords or write them down. in addition to meeting applicable regulatory requirements on information safeguarding. Use automatic updating services whenever possible. However. One common example is a personal security token that displays changing passcodes to be used in conjunction with an established password. should be updated in a timely fashion as patches and firmware upgrades become available. Encrypt sensitive company data Encryption should be employed to protect any data that NeuroGimmicks considers sensitive. applications that comply with the OpenPGP standard. web filtering tools and intrusion prevention systems. However. especially for security systems such as anti-malware applications. and that are closely guarded by those who know them. such as PGP and GnuPG. That means passwords that are random. two-factor systems may not always be secure. provide a wide range of options for securing data on disk as well as in transit. Regularly update all applications All systems and software. Different encryption schemes are appropriate under different circumstances.

from http://www. (n. Wireless NIC: All PCs and laptops that need to connect to the wireless network require a Wireless Network Interface Card (NIC).).d. from http://www. 2.NeuroGimmicks has chosen L-com Connectivity Products to provide as a solutions service for our network. 2015. 3.0.gov/cyberplanner [2] SOHO Network Design.d. The Wireless AP is usually connected to a wired network switch or router.stepwise. Retrieved February 16.hk/npwiki/Lecture/HomeNetworkDesign . (n. References [1] FCC Small Biz Cyber Planner 2. They allow for the computer to communicate with the access point.). Retrieved February 16. Wireless Router: It is used to connect multiple wireless computers or laptops to a single Cable/DSL modem so that all wireless clients can share one Internet connection.fcc. 2015. Wireless AP: This is the Wireless Access Point that acts as the central receiver for all the wireless PCs and laptops. The three basic components that we will be needing are: 1. It is an Ethernet card and an antenna built into one and is present in computers and laptops.