Executive Summary Of My Implementation Strategy
The Corporation is growing fast in e-commerce grounds thus exposing it to many threats of data loss and information security. My strategy will involve assessment, evaluation, and implementation of data loss programs that would benefit the company on global grounds. I will have to review the company’s workflow at present to ascertain how it manages sensitive information and network loopholes that may be a threat to the security of the company. I will then decide which security areas to improve and different information security measures to put across. My strategy will also enact security policies that will establish widespread standards as well as methods that will ensure organizational data usage and ownership.
I will also include reputable information security providers who will educate members of the company on best methods of ensuring data safety and cost-effective methods in data security management for six weeks. My implementation plan will focus mainly on the specific areas of concern through a business information security model. Standard that the corporation uses to organize information security agendas can be merged with objectives of control for data through the model of business information security. The business information model includes; people, organizational strategy, current technology and the process of managing information security. I will also evaluate methods to use to integrated the new company with the corporation under the integration management systems and provide a memorandum of understanding from both sides (Chapple, 2013). I will contact the Network Manager and other staff members of the other company to come up with the best methods of joining the two companies with agreements from both sides.
Information Security-Related Recommendations For Integrating Both Corporate Environments
Merging two companies requires a combination of distinct network policies. Before resolving on the final technological conclusions, it is worth ensuring the cooperation of members from both sides of corporate environments. Merging the two firms is beneficial to both companies and covers a number of activities aiming at joining operations and reducing costs by eliminating resources, procedures, and functions that could be duplicated under separate supervisions. The process of policy consolidation may affect the participants in a way or another (Chapple, 2013). Merging companies can lead to inappropriate doubts and fears among other employees like the staff members of the company to be acquired who do not welcome the merger.
The merger process should be gradual and in a procedural manner so as not to come up with conclusions that would, otherwise, lead to the downfall of the two companies. Consolidation of network security policies can be done in three distinct methods. The first method would be adopting one of network policies from one side and implementing it wholly. The second technique is combining the network policies from both sides to formulate a new network security (Bowen et al. 2009). The other method should involve the development of unique network policy. For this case, the two companies seem to have conflicting network policies. The new company uses peer to peer network while the other upholds the client to server model. I thus recommend a compromising security policy that controls use corporate networks (Chapple, 2013).
The consolidation of both policies requires the participation of both sides of environments so as to come up with different views on the proposed policy. I would recommend the two companies to create a compromise security policy that will involve representation from each company. Working in such a line will make individuals from both sides have a sense of ownership. The merger process may also be accompanied with confusions among the staff. I would advise the management to talk to their employees on matters regarding network security duties. For example, it is recommended to instruct the staff members from both companies to focus on their initial information security policies unless otherwise. This should happen only in cases where the companies will operate under distinct structures of management for some time.
Otherwise, if the policy of consolidation will lead to significant changes in business operations from both companies, then the policies should be implemented in phases. This approach allows staff members time to learn the new procedures as well as enable assessment of the policy progress and ensure the continuity of the consolidation process. In this case, since the smaller company uses a P2P connection which allows unrestricted outbound access, I would recommend initial blocking of most egregious websites, the phase of notifying users on the possibility of blocking content accessed would follow and finalize by implementing the restrictions. This procedural integration will enable users to acknowledge areas of concern in time (Chapple, 2013). Merging of network policies, however, does not just focus on the technology but the good association between the merging companies.
Recommendations On Intrusion Detection System
The E-commerce Corporation’s rapid expansion makes it vulnerable to cyber crimes and threats. Creating IDS will help in monitoring suspicious activities and observing network traffic in the company’s websites. The system, on detection, can block suspicious users or IP addresses from reaching the network. Intrusion detection systems vary in how they identify intrusions in a network. The two renowned detection systems are the; Host Intrusion Detection System and Network Intrusion Detection System. Some systems fetch threat signatures, some compare traffic patterns while others provide alerts (Bosco, 2016).
NIDS is located at given points in the network to screen traffic on the network running from or to all connected devices. It is used to screen outbound and inbound traffic but may at times interfere with the network speed. HIDS, on the other hand, are devices that located on either the host or devices found within the network. They monitor only outbound and inbound packets from the users and will often notify the administrators on breaches (Bosco, 2016). Other recommended intrusion detector systems include signature and anomaly based IDS and Passive and reactive IDS which further acts on the threat.
Choosing the best IDS for a company may be challenging and require a prior evaluation of a company’s status. Some of the steps to consider before choosing an IDS include; Company risk assessment (qualitative and quantitative analysis), company requirements, learning the company’s technical environment and analysis of cost-benefits. Some common examples of Network-Based Intrusion detectors include Dragon Senor, Cisco Secure Intrusion Systems, and NetProwler. Host-based Intruder Detection Systems include; Tripwire and Intruder Alert. Some NIDS and HIDS work hand in hand. For example, NetProwler can be complemented by Intruder Alert to co-work and be controlled by a central console (Bosco, 2016). Coming up with intruder detection system solution can be tedious, and it is upon the company to chose what serves best. For the case of the company, I would recommend IDS that can be controlled by a central console to promote client/server networks.
Web And Network Scanners Recommendation
The problems can also be identified through web scanners. The scanners can read a device’s inventory including; hardware configuration, patch levels, and device operating systems. Vulnerability scanners are characterized in various groups depending on their operation platforms but are mainly divided as host scanners and network scanners. Host-based scanners are placed in the host to be checked company requires a holistic network examination due to the different hosts and users. The corporate companies should consider adding VPNs, access rules, asset classification and vulnerability scanner for a comprehensive monitoring of their network. Web scanners evaluate a number of vulnerabilities in a network security system that may have come from users or administrators. The systems can analyze changes resulting from undocumented system configurations, lack of policies on passwords, sharing of information to unofficial groups and other malicious actions.
The scanners can identify security breaches in time for intervention when monitored continuously. Some rogue devices that are likely to cause security network. It scans given services within the operating system of the host. The scanner can reveal suspicious user actions such as the use of simple and no passwords, cyber hacking, unauthorized new files in the system and questionable file names. Hot scanners, further, check filesystems which cannot be reached by network scanners (Vieira, et al. 2009). For instance, database scanners can be used to figure out possible exposures to security, reliability databases, authentication and authorization analyses.
Network scanners, on the other hand, scans a variety of hosts connected to a given network. It scans improperly configured firewalls, risky web servers, and problems in administrators system. Network scanners are, further grouped as; web application scanners, web server scanners, and port scanners. When choosing a vulnerability scanner, it is important to consider the quantity and quality of threats detected, the method of updating plug-in and the quality of the scanned reports (Vieira, et al. 2009). Recommended vulnerability scanners include; Superscan, port scanners, GFI LANguard, Nessus, Wikto, Altiris Security expression, shadow database scanner, Microsoft Baseline scanners, and paros.
Firewall Implementation For Network Security
In enforcing the company’s security, firewall software may be paramount. Firewall security implementation differs from software to software. The techniques vary basing on a variety of ISO network model layers such as levels of data-link, network, transport, and application. Presently, there are new techniques such distributed and normalization firewalls that have not been fully adopted by institutions. Implementation of firewalls goes beyond the technology itself and covers the specification of sets of rules of filtration. The policy procedure may be tedious and full of errors. Fortunately, the development of high-level languages has simplified the procedure. However, firewall operations do not end at setting rules but move on to testing the applicability of the firewall policy on an information network system (Ingham, & Forrest, 2011).
Firewalls do not stop all attacks since a section of data must be able to pass for the information network to be operational. The company should also note that some recent technologies like VPN and the P2P network used by the other company hinder the smooth operation of firewalls. Most attackers, however, target vulnerabilities that work to computers inside the firewall and dual servers. These are some of the best firewalls that such a company can use in data protection; McAfee firewall is best for small businesses as it protects the network against network traffic problems, intrusion and attack. It logs, monitors and reports threats within the network. The firewall does not have downtimes due to the availability of role-based access control, multi-logins, and numerous firewalls. Cisco firewall contains external firewalls with include intrusion protection, antivirus, and VPN abilities. The firewall is thus recommended due to its cloud security. It is the best option for this corporation due to its wide applicability in large business enterprises. Kaspersky Internet security is another traditional firewall that blocks malicious activities, cookies from third parties and ads. It checks every connection to the network and will notify and act on unsecured connections. It is best used in institutions using public Wi-Fi or offices with controlled documentations and files (Ingham, & Forrest, 2011). Other preferred firewall software are; FortiGate, pfSense and Comodo Internet Security.
Information Security Best Practices And Current Trends
Trends in information security are evolving each day with new threats and possible solutions being developed. These trends have impacted the technique by which network security is managed. Security personnel are obliged to uphold external and internal compliance requirements, be available and maximize performance without errors. Working by these standards may be more challenging than expected, but observing the following best practices can ensure optimal management of network security.
i) Holistic approach to network security management
Companies require a macro approach of the network due to the difference in security staffs, hosts and vendor devices. With this kind of view, security staffs can assess the classification, configurations and the number of hosts in their network. The staff can adopt a network model which acts as both a diagnostic and a visualization tool. For instance, the team can use this approach to analyze the movement of data between to network points. The macro view approach also points out missing data like the ACL and hosts.
ii) There should be a broad view of the regular management of the network policy
Network administrators should include both analytical and general approaches in examining the progress of the network system. There may be intrusions that require broad views while others call for a detailed approach under the macro view framework. Security staffs should consider contexts like IDS/PS, firewalls, routers and segments in assessing malicious activities. Data should be presented in a digestible manner. Components of the network that affect a device might originate from numerous vendors, leading to information of various user languages that must be decoded, optimized and correlated to enable the team to rationalize the set of rules (Cohen, 2014).
iii) Network administrators can also use attack replication technology for assessing risks whose contexts are known. This provides then with options for making wise decisions.
iv) The process of change in management should be secure to ensure a continuous compliance and cooperation for a successful network policy implementation (Cohen, 2014).
Bosco, P. (2016). Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the Best Solution, Common Misconfigurations, EvasionTechniques, and Recommendations. SANS Institute. https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-prevention-systems-cheat-sheet-choosing-solution-common-misconfi-36677
Bowen, R., Kissel, R., Scholl, M., Will, R., Stansfield, J., Voldish, L. (2009). Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process (Draft). National Institute of Standards and Technology. https://www.hsdl.org/?view&did=35199
Chapple, M. (2013). M&A: Merging network security policies. SearchSecurity. Retrieved on 17, March 2017 http://searchsecurity.techtarget.com/tip/MA-Merging-network-security-policies
Cohen, G. (2014). Best practices for network security management. Retrieved from Network World on 17, March 2017. http://www.networkworld.com/article/2173927/tech-primers/best-practices-for-network-security-management.html
Ingham, K., & Forrest, S., (2011). Network Firewalls. The University of New Mexico. https://www.cs.unm.edu/~forrest/publications/firewalls-05.pdf
Vieira, M., Antunes, N.,& Madeira, H.(2009).Using Web Security Scanners to Detect Vulnerabilities in Web Services: Internal Report. Coimbra University.