IT 200: Milestone Three
Network security is one of the most important aspects of implementing a fully functional working network, downtime caused by poor network security can cause major economic loses. The two matters that need to be addressed is the User and Physical equipment.
Network security begins with the user. As such would implement a Network Use policy that the employee must sign and adhere to. The company network is to be used for work purposes only. All activity will be monitored and subjected to review by upper management. All users will use strong passwords that are at least 8 characters with upper case and at least one number and not to be shared not even to their immediate supervisors unless OK by IT and or upper management such as a VP or higher. All passwords will be monitored and subject to a monthly ...view middle of the document...
The wireless password will be at least WEP level with a strong password that is not to be shared among employees. All servers will have the latest software updates and patched accordingly to the application software recommendations. All devices on the network that have access to the internet and network will be physically placed behind a standalone physical firewall such as a Cisco ASA or SonicWALL firewall. All ports unless justified for opening will be closed. If a trading partner is connected to the Swagger network the same principles must apply a strong encryption between the two networks. Only upper management or sales will have VPN network access from the outside. No personal smartphone\laptop will be allowed to the company network unless approved by VP or higher.
Why such drastic measures, as I mentioned earlier network downtime or a data breach can cause major losses that could be devastating to any company. We can take the example of the Target data breach incident of 2013 where millions of customer’s credit and debit card information was stolen by a data breach. A simple task such as keeping a contractors password secured or a monthly password change could have kept this from ever happening. Not only did it cause millions in damage but target has to now invest millions in network security. Such a data breach at a smaller business such as Swagger distribution would be devastating that could result in the company going bankrupt.
1. Internet Security; Reference for Business, Encyclopedia of Business 2nd edition. http://www.referenceforbusiness.com/small/Inc-Mail/Internet-Security.html
2. OpenDNS; https://www.opendns.com/enterprise-security/solutions/web-filtering/
3. Target Data Breach happened because of a basic network segmentation error. Computerworld, Feb 6, 2014. Vijayan, Jaikumar. http://www.computerworld.com/article/2487425/cybercrime-hacking/target-breach-happened-because-of-a-basic-network-segmentation-error.html