Implementing Network and Personnel Security Measures - Research Paper Example

? Implementing Network and Personnel Security Measures Create an Information Flow Diagram, using Visio or Dia a. Illustration of how remote users will securely connect to the government agency’s network and b. Illustration of the patch of network devices that data packets must travel to get from server to remote user’s device and back to server. 2. Equipment List of Network Security Devices that would be needed to ensure the Integrity and Sensitivity of Private Information The network security devices can be characterized into three major categories namely Internet Router and Firewall, Intrusion Protection System and Traffic Shaping device. In relation to the present network security manufacturing industry, Cisco and IBM can be considered as the leading corporations which provide safe and steady internet environment within the networks of the different global institutions. Cisco Cisco is generally known as one of the inclusive manufacturers in terms of producing a range of effective network security devices. A few of the major Cisco devices include Cisco Threat Defense Solution, Network Admission Control Appliance and Cisco Secure Access Control System among others (Cisco, 2013). The associated costs of the Cisco network security devices vary in accordance with the functions and network structure of the institutions. In general, the network security devices offered by Cisco are cost effective and can be procured from Cisco distributors, dealers along with other retail stores (Cisco, 2013). IBM The network security devices offered by IBM are highly effective for averting, detecting and eliminating different network related vulnerabilities that emerge while designing and deploying network management applications. The devices offered by the company ensure adequate security of the internal information and prevent the access of unauthorized guest users. A few of the major network security products of IBM include ‘IBM Security Key Lifecycle Manager for z/OS’, ‘IBM Security Access Manager for Enterprise Single Sign-On’ and ‘IBM Security AppScan Enterprise’ among others (IBM, 2013). The IBM internet security devices can be procured from the company’s own distribution networks. The network security products offered by the company are relatively more cost effective than other products offered by the different vendors (IBM, 2013). Functionality of Cisco Devices for Governmental Agency Source: (Cisco, 2013) Functionalities of IBM Network Security Devices for Governmental Agency Source: (IBM, 2013) 3. Maintenance Plan for the Government Agency to Ensure Having the Latest Security Measures The maintenance plan concerning the installation of advanced network security devices is one of the essential steps for the government agency to uphold the security of its vital information. Therefore, the maintenance plan of the network security devices within the government agency would be primarily focused on five major practices. The following are the primary activities of the maintenance plan for the government agency to ensure having the latest security measures: Monitoring performance of the network security devices as per their expected outcomes Ensuring better alignment of network security devices with the primary objectives of the government agency Confirming appropriate development of the network security devices installed within the agency Continuous minimization of the network down-time and, Minimizing IT related costs of the government agency Source: (Torstensson, 2010) a. Risks Associated with not fulfilling the Activities Outlined within the Maintenance Plan The improper or unstructured maintenance plan of the network security devices can generate various types of risks for the government agency. A few of the major risks associated with not fulfilling of activities of maintenance plan include: Increase vulnerability from the access of unauthorized guest users Weaken data protection capabilities of the network security devices Misrepresentation of information Increase in agency’s financial investment due to the re-installation of the new network security devices b. Specific Activities, Personnel / Resources Required, and Frequency of Execution In relation to the specific activities required for effectively managing the maintenance plan, the following FCAPS model of Cisco would facilitate adequate support to the government agency. FCAPS Model Fault Management Configuration Management Accounting Management Performance Management and, Security Management In relation to the resources required for efficiently maintaining the network security devices, the integration of the advanced networking tools and other equipment would facilitate the government agency to obtain significant benefits from the networking systems. Moreover, the employment of an expert network administrator would also provide adequate support to the agency for effectively maintaining the performance of the network security devices (Cisco, n.d.). The specific activities associated with the maintenance plan would be executed quarterly in each year. The frequency of executing specific activities would enable the government agency to ensure appropriate security of the valuable data from different unauthorized guest users. 4. Recommendations Associated with Physical Security Measures Physical security can be regarded as one of the essential aspects for the government agency while it seeks to build effective network security infrastructure with regard to its vital information (North American Electric Reliability Corporation, 2008). In relation to the proposed network security plan, the following four steps of physical security measures will be implemented to ensure the electronic perimeter of electronic assets. Physical Security Plan ‘Physical Security Plan’ is determined as one of the pivotal processes which is generally developed to ensure that all the ‘Cyber Assets’ integrated within the electronic security perimeter also exist in an identified electronic perimeter. Moreover, the ‘Physical Security Plan’ tends to identify and control each access point of the ‘Physical Security Perimeter’. The process is also responsible for integrating tools and procedures for reviewing appropriate accession of the users which can further empower the physical security of the ‘Cyber Assets’ (North American Electric Reliability Corporation, 2008). Monitoring Physical Access The continuous monitoring process of the physical access would enable the government agency to efficiently implement various procedural controls over each access point of the ‘Physical Security Perimeter(s)’ (North American Electric Reliability Corporation, 2008). Controlling Physical Access The process would also enable the government agency to document as well as implement adequate procedural measures to effectively manage the accession of physical entity within each access point of the security perimeter(s) (North American Electric Reliability Corporation, 2008). Maintenance and Testing of the Physical Security This process would provide adequate support to the agency to efficiently execute appropriate maintenance programs. The execution of the maintenance or testing of the physical security would also ensure that the access points within the physical security perimeter are performing effectively (North American Electric Reliability Corporation, 2008). 5. Recommended Physical Security Vendors ArcSight ArcSight is recognized as one of the leading and highly effective corporations offering compliance along with security management solutions that facilitate to defend governmental agencies and private institutions from various threats. The major functions of the security related measures of the organization have been often witnessed to entail identifying fraudulent acts, documenting automated log collection along with enabling forensic investigation capabilities which can efficiently help the government agency to protect its vital information. Moreover, the security management as well as information protective activities performed by ArcSight would also play a crucial role for the government agency. In this regard, the physical security activities of ArcSight will be effective for the government agency to control physical access along with maintain and test its physical security (Information Security Media Group, Corp, 2013). Core Security Technologies The integration of Core Security Technologies would also be beneficial for the government agency to ensure greater development of the security measures. The infrastructure development process offered by Core Security Technologies would enable the agency to improve its physical security plan along with aiding to monitor different processes accompanied with each access point within the network. The security infrastructure would increase the efficiency as well as productivity of the security resources within the agency. Moreover, minimizing costs allied with the soiled vulnerabilities related assessment would also enable the agency to reduce its IT costs and develop the maintenance and testing procedure of the physical security aspects in a more efficient manner (Core Security Technologies, 2013). 6. Evaluation of the Human Resources Department Activities Human Resources Department (HRD) of the government agency could also play a major role for improving the security related measures. In this regard, the major role of the HRD can be defined into different categories. A few of the crucial roles that could be played by the agency’s HRD have been mentioned hereunder: Documentation of the Employees The roles and responsibilities of the employees and other stakeholder groups should be clearly defined Obligation to comply with the security related norms and policies of the agency including individual roles Steps to defend agency information assets from external users Requirements to adequately document security related events and steps taken for any security related issue Source: (University of Miami, 2008) Briefing Security related Terms and Conditions Briefing the accessibility related instruction and ensuring effective use of the information assets to each employee within the agency Communicating agency policies associated with the efficient use of information along with steps taken in case of any fraud related activities performed by the employee Making each individual understand regarding the code of ethics associated with security of the information Source: (University of Miami, 2008) Pre-Employment Agreement Non-discloser and/or confidentiality related agreements with the employees during the pre-employment session Acceptable and proper use of information assets related agreements Source: (University of Miami, 2008) References Cisco. (2013). All security products. Retrieved from http://www.cisco.com/en/US/products/hw/vpndevc/products.html Cisco. (n.d.). Network configuration management. Retrieved from http://www.cisco.com/en/US/technologies/tk869/tk769/technologies_white_paper0900aecd806c0d88.html Core Security Technologies. (2013). Thinking ahead: CORE security solutions for intelligent risk operations management. Retrieved from http://www.coresecurity.com/solutions IBM. (2013). Products. Retrieved from http://www.ibm.com/developerworks/security/products.html Information Security Media Group, Corp. (2013). ArcSight. Retrieved from http://www.bankinfosecurity.in/vendors/arcsight-v-72 North American Electric Reliability Corporation. (2008). Cyber Security —Physical security of critical cyber assets. Standard CIP-006-1a, pp. 1-6. Torstensson, O. (2010). Planning maintenance for complex networks. Retrieved from http://www.hh.se/download/18.150c9df13219ff660b8000173/1314704956099/Maintance+Models.pdf Read More