Multi Layered Security Plan Essay

Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has antivirus and malware protection installed on them. Laptops are very vulnerable for loss or theft, so all company laptops should have an encrypted hard drive so that if they are stolen, the data contained on them is not recovered by anyone but the owner. For the LAN domain, we need to have training about email scams. Most users know not to access suspicious emails when on our system but a quick training course will help. Also, adding spam filters will help get rid of most of the junk email, so there is much less risk of employees opening emails containing malware. In the LAN-to-WAN domain, we need to shut down the FTP server we have running and switch it over to use secure FTP so that only users allowed on our system can access our FTP server. In the WAN domain, we need to make sure that we have firewalls set up on our network to filter all incoming traffic. A firewall will stop all traffic coming on to our system that is not meant or not wanted on the Richman Investments network. For the remote access domain, we need to make sure the VPN we use is secure so that our employees are not exposing sensitive data to anyone outside of our network. In order to do this we will make sure that everyone using a VPN to access our network has to authenticate to the system to get authorization. For the systems/application domain, we need to lessen chances for attacks on our servers. This will be done by figuring out which ports and services are not being used and shutting off access to those ports. This will give hackers less ways onto our system. Also we need to make sure all servers have the latest patches and updates. These updates provide the latest security patches and keep our servers running at their full potential with less likelihood of vulnerabilities. Applying all these security measures will ensure a much safer environment, technically speaking. This multi-layered security approach will help keep our network secure and running smoothly.