Richman Investments |
Richman Internet Infrastructure Security Management Upgrade |
ITT Technical Institute NT2580 Course Project |
Jason R Spitler |
Based on the premises that Richman has 5000 employees throughout the main office and several branch offices, this document dictates research solutions and details the appropriate access controls including policies, standards, and procedures that define who users are, what they can do, which resources they can access, and which operations they can perform on a system. |
I. Richman Internet Infrastructure Security Management Upgrade
Based on the premises that Richman has 5000 employees ...view middle of the document...
1. Biometric Identification - Biometrics is the science of identifying someone from physical characteristics. A user’s fingerprint is one of the strongest authenticators available. Never lost during a commute or forgotten at home, has fingerprint authentication introduced a new plateau of convenience for fast, secure access all users will have, Desktop USB add on, laptops and Iphone6 with biometric fingerprint scanners. This will be level one security. The log records will show GPS coordinates of the scanned process as well.
2. Device Authentication- Entrust IdentityGuard software leads the industry as one of the most robust authentication. We can use Entrust for device authentication, biometrics, digital certificates, mobile soft tokens, and IP Geolocation. 3M Cogent provides the highest-quality fingerprint authentication technology to government, border services and security- conscious organizations across the globe. “Entrust has partnered with 3M Cogent to integrate its world-class fingerprint enrollment and verification technology into the Entrust IdentityGuard software authentication platform.”(2) These are all available through Entrust.
3. Windows Basic Authentication-User ID and password. This is the most common, and typically the simplest, approach to identifying someone because it is fully software-based.
B. Strong Password Resolution
Make no mistake: An eight-character password could be very secure, even if attacked by today's high-speed computers. This method will soon be antiquated. Fortune 100 corporations, small firms and even Internet service providers with strong security have an Achilles heel; users who pick easily guessable passwords. Many who think themselves clever place a digit or two on the end of their chosen word. Such feeble attempts at deception are no match for today's computers, which are capable of trying millions of word variations per second and often can guess a good number of passwords in less than a minute. Richman must stay one step ahead and have a torn Achilles tendon no more
1. SFSP - Simple Formula for Strong Passwords
SFSP is a simple way for all users to grasp the idea of good password creation methods. This will be taught to all Richman users by corporate video training followed by password reset script for users to change their passwords to the new method. SFSP works on a three part method.
a. Input Rules are static procedures dictating where certain information is to be typed
b. Secret Code is a static number that a user secretly chooses that is easy to remember.
c. Memory Cue is a an easy to remember word the user secretly selects
2. This is an example of the new password method for Richman employees. You can make as many input rules as the company deems necessary. For this password example there are two rules. The static number is the first number before the rule changes the number. The memory cue is the easy to remember word.
a. R1 = Add doubling numbers...