
In the New Converged World Are We Secure Enough - Essay Example

Summary
The paper will analyze a security problem, a proposed technical change to address the problem and an estimated budget of the proposed solution. The problems to be discussed in the paper revolve around improving the security domains of the organization, more specifically the LAN domain and LAN to WAN domain…

Extract of sample "In the New Converged World Are We Secure Enough"

LAN and LAN to WAN Infrastructure

Introduction

Security is often easier to define when it is broken down into parts and sections. An information system is made up of the operating system, application software and hardware that seamlessly work together to store, process and collect data for organizations and systems. King (2007) stated that it is the sole responsibility of organizations and businesses to protect their data, in addition to ensuring that their customers' information and privacy are safe. Subsequently, the paper will analyze a security problem, a proposed technical change to address the problem and an estimated budget of the proposed solution. The problems to be discussed in the paper revolve around improving the security domains of the organization, more specifically the LAN domain and LAN to WAN domain.

Body

The Current Problem and Its Significance

Adequate internet security is one of the major challenges faced by businesses in today's economy and the world at large. Vital information transferred over the internet applications and networks on which governments and businesses depend usually faces unauthorized access. The process of organizing, gathering, finding, analyzing and managing vital business information is crucial to the survival and success of a business. In 2003, computer viruses caused a whopping 55 billion dollars in losses to businesses worldwide. In 2011, a solitary instance of unauthorized access cost Sony more than $170 million. On the other hand, Google suffered a $500,000 loss in 2005 as a result of hacking. According to King (2007), single hacking instances can cost a firm or organization as much as $7 million a day. However, this also depends on the company's revenue. In addition to the financial cost, hacking leads to wasted time, because employees remain idle while the systems are down.
King (2007) implied that while big organizations have the financial capacity to absorb the costs emanating from such events or attacks, loss of employee time and revenue can be quite detrimental to the operations of small firms. In this regard, a firm or business is often faced with a lot of vulnerabilities. Design flaws, incorrect implementation, poor security management, social engineering, and IT vulnerability are among the major sources of security weakness in an organization. The organization has a weak and outdated LAN and LAN to WAN infrastructure. This exposes the company to a lot of risks. As a result, personal, intellectual and private data handled by the organization can be easily accessed by unauthorized personnel.

A Technical Solution

The LAN domain is an amalgamation of computers which are interconnected to one another or to a common medium. Mediums include radio waves, wires or fiber optic cables. The organization's LANs are organized by department or organization. The network interface card (NIC) is the first component of our new setup. The NIC is the interface between the physical media and the computer. The NIC possesses a 6-byte media access control (MAC) address which acts as its unique identifier. The Ethernet LAN is the second physical component. This component will be based on 10/100/1000 Mbps IEEE 802.3 CSMA/CD Ethernet networking. Unshielded cabling with RJ-45 jacks and connectors will be the third component. This will help in connecting physically to the LAN switch. King (2007) defined a LAN switch as a device which connects the relevant workstations with the physical Ethernet LAN. Additionally, the system will have wireless access points (WAPs) within the network. Since the organization is small, a single access point will be enough. However, more access points can be introduced as the organization grows. The access point will act as a radio transceiver. As such, it will transmit IP packets to a WAP from a WLAN NIC.
WLAN signals are transmitted by the WAP to mobile laptops. Unshielded twisted-pair cabling will connect the LAN switch back to the WAP.

LAN and Router Layout

The major part of the LAN domain is made up of system administration and file and directory services. The latter consists of directories, folders and servers to which a user can get access, while system administration is made up of user accounts with the relevant login and password controls. In order to tackle LAN vulnerabilities, data centers, computer rooms and wiring closets will be made secure. Vulnerabilities may arise from within the OS itself or the LAN server software. Strict and firm access control standards, policies, guidelines and procedures have to be defined in order to increase network safety. Additionally, second-level access checks will be employed for individuals accessing sensitive applications, data and systems. Moreover, server, laptop and desktop vulnerabilities will also be addressed by reviewing vulnerability policies and guidelines. In addition to these security measures, a vulnerability assessment will have to be conducted periodically to identify security gaps and lapses. According to King (2007), a vulnerability assessment can be defined as a review undertaken on software with the aim of identifying software threats. These threats will be mitigated via software fixes and patches. The implementation of this domain will enable the firm to drastically minimize data loss or unauthorized access. To enable outside users to access the company information, a LAN to WAN domain will be created. It links the company to the world. IP routers, firewalls, intrusion prevention systems, demilitarized zones, proxy servers, email quarantine systems and web content filters will be instituted in order to guarantee the organization's security.
Designing and Implementing a Security Plan

The following steps will be followed while implementing the security plan. First, identify the information to be processed and collected. Second, survey the regulatory and legal landscape. Third, examine and gather internal policies. Fourth, assemble the IT team to evaluate the program risks, then design and implement the solutions to the identified problem. The cost of implementing this program will be valued by independent auditors and valuers. However, it is cheaper to implement this system than to wait and bear the costs associated with a security breach. A privacy-by-design approach will be employed in addressing data and privacy risks when the solution is being developed. In other words, legal compliance, data protection and customer privacy will be the major focus throughout the lifecycle of data collection, processing, and storage. Lastly, a breach response plan is necessary in every organization. This part is very critical to a security plan. It details and maps out how to respond to an actual or suspected breach. For the plan to be effective, breach response leaders should be identified so as to guide the team of experts in case of an emergency. Additionally, the plan should be scenario-based and easy to follow.

References

King, P. (2007). In the new converged world are we secure enough? Information Security Technical Report, 12(2), 90-97.