Quality Web Design
SE571 Principles of Information Security and Privacy
Submitted: September 21, 2011
This report was commissioned to inspect and recommend solutions for Quality Web Designs (QWD) hardware equipment and software security concerns. QWD is a small local company concerned about the continual losses of hardware by employees travelling and stationary. The review of software solutions for the company revealed that they were lacking in several areas, the backup and recovery process, as well the lack of an antivirus solution. Hardware solutions were described as weak and require upgrade from the controls at the home and remote offices as well ...view middle of the document...
Laptops connecting from outside the network provide added risk, ample security measures are needed to ensure security is not breached. No antivirus software was noted in either the home or remote offices or in the software inventory. It is well known that virus protection is vital in all aspects of computing. Having a solid antivirus/anti-spam solution would diminish the probability of users local and remotely being infected and protect the network from would be attacks against them. An effective backup/recovery plan would prevent the loss of data from either structure failure or acts of nature and provide the company with a way to continue business while recuperating.
Software Recommended Solutions
Deployment of a VPN firewall that employs packet filtering to allow or disallow the flow of very specific types of network traffic should be put in place. Checkpoint can provide wired and wireless firewall security for the entire enterprise as well as a single office. The Firewall solutions provide comprehensive network security, rapid deployment, and excellent price / performance.
Symantec Backup Exec 2010 delivers reliable backup and recovery designed a growing business. Easily protect more data while you reduce storage and management costs through integrated reduplication and archiving technology. Reduce business downtime, ensure critical information on virtual or physical systems is always protected and restored in seconds.
Data Loss Prevention (DLP) systems identify, monitor, and protect data in use (e.g., endpoint actions), data in motion (e.g., network actions), and data at rest (e.g., data storage), through deep content inspection and contextual security analysis of transactions. The systems are designed to detect and prevent the unauthorized use and transmission of confidential information.
Encryption software should be used to protect the equipment from unwanted plug and play devices. This prevents unwanted data being placed onto media from the equipment owned by the company. The Checkpoint Blade server can protect mobile devices by providing a 100% encryption protection solution that for Hard Disk Drives. The software also protects against data being transferred from devices onto external media (i.e. thumb drives, CD/DVD ROMs).
Product | Purchase price | Life expectancy | Annual maintenance |
VPN Firewall | Included w/blade | 4 years | N/A |
Symantec Backup Software | $550 | 3 years | $300 |
Checkpoint Certification Training | $3000 | N/A | N/A |
Keeping the firmware updated on the servers PCs, handheld devices, printers and switches to avoid exploits and vulnerabilities being exposed should be consistent and managed centrally. A hacker could pray on the weakness discovered and put the company at risk by planting viruses or other mischievous worms. The Physical security to keep assets from being misplaced or stolen should be put in place to protect them. There are no safe...