Question

Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements.

About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.

Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:

An external website permitting users to browse and purchase widgets

An internal intranet website for employees to use

Secure remote access for engineering employees

Reasonable, basic firewall rules

Wireless coverage in the office

Reasonably secure configurations for laptops

Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.

Engineers will require access to internal websites, along with remote, command line access to their workstations.

Submission: You should write your document using a text editor or word processor (e.g., Google Docs, Microsoft Word, OpenOffice, etc.). You should upload your document in PDF format (i.e., my_submission.pdf). Please do not upload your submission using proprietary software extensions, like .docx or .pptx.

Step-By-Step Assignment Instructions

You’ll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. Points will be awarded based on how well you met these requirements, considering the security implications of your choices.

The following elements should be incorporated into your plan:

Authentication system

External website security

Internal website security

Remote access solution

Firewall and basic rules recommendations

Wireless security

VLAN configuration recommendations

Laptop security configuration

Application policy recommendations

Security and privacy policy recommendations

Intrusion detection or prevention for systems containing customer data

Answer 1

1] Authentication System:

Organizations are using Authentication methods, but the physical authentication used via biometric is very popular. The ones that are recently used Retina scan, fingerprint. Also they use smartcards and login id and password alloted to the different emloyees. But the login id and password can be stolen by someone else or it may be by mistakely revelaed to someone else. Hence we need to use Authentoication system that is highly trusted. Password cracking is becoming very easy so to avoid that we can use one time password generated for smartcards or on the registered cell phone. Retina scan is considered as highly trusted we can opt for. Apart from that we also need to protect our authentication system from external attacks so we need to have effiecient Network administrators for our organization.

2] External website security

The most important thing is to protect our website from external attacks. To avoid these we can frequently change the passwords. We should be aware of any fake messages and mail. Avoid uploading the files and specially the confidential information. Beware of sharing the confidential information. We can also go for encryption and decryption techniques so that even if the third party gets an access to the message, the information is not revealed. Dont share the bank details online. Or even if you are sharing the information share it on a confidential network. Use different security tools to protect from external attacks. We can use firewalls as well. Hire Network Administrators who are capable enough to secure the data on network. Always keep the backup of the data, so in case of emergency even if the hacker hacks and corrupts the data, we dont need to suffer for that.

3] Internal website security

Internal security of website is also very important,in short we can say that we need to protect our website from outsiders the same goes to our people as well. The most convenient way can be used is detecting the IP address of all the users who are accessing the website. We can provide login id and passwords to our customers and employees. These will be authentication, but when the customer login he or she should be able to see only the relevant information and if the employee logins he should see the information of his work. These process is called Authorization. In short providing the rights to different users according to their functionality. Try to avoid using blank and weak passwords. Protect the website if you realize there are some illegal activities going on. It is very easy for the attackers to get the passwords on phone through the employees. In that case you can judge the nature of your employees. To avoid these we can go for generating one time passwords and biometric authentication techniques.

4] Remote access solution

Remote access solution provides a convenient set up to get an access to remote machines located all over the world. It is easy to implement with simple configuration and less technical knowledge. In short not so high level setups but very much secured. It provides a secure access. It should be highly secured but not complicated for the users. It also provides shorter response time for interaction with the employees and getting any information from anywhere around the world anytime.

5] Firewall and basic rules recommendations

Firewalls should be monitored regularly along with the logging policies and rules. Proxy servers are also an altenative. Having firewall is not a big task but if you dont have proper policies for that firewall, obvioulsy that firewall is of no use. So it is very important to provide proper guidelines and rules for the implementation of firewall.It completely depends on the administrators competencies.

6] Wireless security

Wireless security can be provided with the help of encryption techniques. The most commonly used are Wifi, WPA wireless orotected access. Only the devices that knows the password can get connected. Wifi should be password protected. Wireless security also includes for mobile, satellite and bluetooth. All the communication between the cellphones and mobiles should also be secured.

7] VLAN configuration recommendations

VLAN is used for securing the network traffic, that is why it is very important to provide security to VLAN's. For securing VLAN network the foremost important thing is providing physical security. Password protected console should be used for VLAN.

8] Laptop security configuration

To secure the laptops we can use passwords. We can also disable the CD and USB port so that no external device gets connected to the laptop. We can use Virtual Private Network and be very particular about the mails. Because different mails also have some virus and junk mail that can corrupt the data of laptop. Protect laptops from other users as in no one else gets an access to your laptop because the passwords of stolen laptops can also be revealed. Stay alert in any case of vulnerabilities occur.

9] Application policy recommendations

These inlcudes the policies for the application and websites. Policy such as automatic data sharing to be kept disabled. Any person other than the employees and customer login should give a pop up message. Avoid secret update. Share the recent policies to the customers. Use only the information that is required, restricted information. Get feedback from the customers and keep them updated.

10] Security and privacy policy recommendations

These policy reccomendations includes the list of all security provided to website(external and internal). All the levels of security that is focussed on.

11] Intrusion detection or prevention for systems containing customer data

Intrusion Detection Systems are used to detect problems in the network, or a pattern of attacks, successful or not, that are deemed of interest to the organization. When applying Intrusion Detection Systems it is best to use both host based and network based systems on a real-time basis. Host based intrusion system are used for checking for individual computers or machine whereas network based intrusion system are used for network related issue. Managing the network traffic is an example of network based instrusion system. In case intrusion is detected, inform the management about the issue and implement the steps for protecting the system having customer data.