Security for Deploying Information Systems - Essay Example

Summary
The paper "Security for Deploying Information Systems" discusses that a Virtual Directory is a separately created directory that provides access to a web page that integrates or redirects to the specified directory. The specified link is redirected to a directory that is located on network sharing…

Extract of sample "Security for Deploying Information Systems"

Full Paper

Security for deploying Information Systems

As per a survey conducted by Software Productivity Research in 2009, inadequate software development leading to bad quality costs above $500 billion per year on a global level (Dave, 2011). An application is a core component of a computer and operates on the application layer of the Open System Interconnection (OSI) model. Everyone interacts with the application rather than the hardware; if software quality is lacking, users will become reluctant to use it again. For instance, a vulnerability may be reported that imposes risks, bugs and errors, incompatibility issues etc. Moreover, a news report of a new threat targeting user information may become a great challenge for organizations trying to sustain their business and customers. However, these news reports may lead to programming flaws and bad quality that may result in massive business losses. For a core banking application, errors, bugs or inadequate security measures cannot be ignored, as a single vulnerability may lead to a major threat for the business. For this reason, integrating security in the product lifecycle is the most important factor. As mentioned earlier, security breaches are now making headlines, as dependency on applications, mobile applications and online applications has skyrocketed. Users are now making complex online transactions from their cell phones and websites, resulting in a rise of application threats. Consequently, security issues in an application must be addressed to a relatively high degree. Moreover, many organizations purchase applications from vendors, all of which impose inherent risks that are not known at the time. A recommended solution is to address application security during the feasibility study. Integration of security controls, followed by a secure application development approach, will ensure the quality and security of an application.
Furthermore, deciding the recommended security controls in a feasibility study will justify the cost of implementing and integrating them within the application. Traditionally, organizations do not address application security during the software development life cycle. They conduct security audits by auditors with specialized tools (Edwards, 2006) and with partial resources, at the end of a finished product, making the security isolated. If any issue arises during the security audit in the end stages of a software development lifecycle, it is more time consuming and expensive to address. Moreover, security auditors have their own criteria as their primary objective: for instance, analyzing whether all risks are addressed, the level of compliance by classifying vulnerabilities, and controls for mitigating threats. All these issues are addressed before an official release of an application. Similarly, the development team has to ensure timely and cost effective development of the software modules and to make its name in the market first (Dave, 2011). Likewise, the audit report with a list of security vulnerabilities is submitted to the application development team for making any suitable changes (Dave, 2011). However, the report does not include any method or hint of where these vulnerabilities exist. Developers, on the other hand, launch the product as per schedule, and therefore security issues are not addressed. The best solution is to address application security within the software development life cycle, so that developers can rectify and remediate any security vulnerabilities through this process; afterwards there is no time, and the product launches without addressing security vulnerabilities that may result in major threats to organizations.

2 Implementing a Secure Domain Environment

2.1 Active Directory Implementation

Active directory is an essential component which provides efficient and effective network administration.
The first step is to prepare a domain. Active directory functions on the domain. The domain name for abc will be ‘www.abc.com’. A single domain model will be adopted as a forest root domain since the organization is a SME. After creating the domain, DNS configuration is required, covering what type of DNS version is to be used; the names used for the domains, servers, and services in Active Directory; and the names of the forests and the forest root domains. A trust plan is also required, which parallels the creation of the forest and domain plans and outlines any manually created trusts, the direction of the trusts, and the rationale for them. Trusts can be implemented for reasons of performance enhancement within a single forest or to allow access to resources between separate forests.

2.2 User And Group Creation

30 users are created with five groups in the active directory. Each user is assigned membership of the following groups.
Group 1 named as “Long Term Lets Group”
Group 2 named as “Short Term Lets Group”
Group 3 named as “Personnel Group”
Group 4 named as “Marketing Group”
Group 5 named as “Accounts Group”

2.3 Limited Access

For limiting access for the sales staff and all the remaining staff, configuration will be conducted in the “Active directory users and computers” console.
Click Start menu → Administrative Tools → Active Directory Users and Computers.
In the console, click the user account.
Right-click the user account, and then click Properties.
Click Account and then click Logon Hours.
Click All to select all available times, and then click Logon Denied.
Select the time blocks as per the requirements to allow the specific user to log on to the domain, and then click Logon Permitted.
A status line provides the options to edit logon times, including days of the week and timings.

2.4 User Login Restriction

Active Directory Users and Computers → Properties → Accounts
Open the logon workstations dialog box by clicking the Log On To tab.
Enter the name of a required workstation.
Click Add. Repeat this procedure to identify additional workstations as per the organization's requirements.

2.5 User Restriction on Workstation

User restriction is possible by applying group policy capabilities in a Windows 2003 domain; users can be prevented from logging on to domains other than their home domain. In the target domain, a new ‘domain wide group policy object’ is created and activated by enabling “Deny logon locally” for the resource of domain user accounts. The check should be enabled for the option “Deny logon locally”.

2.6 Configuring mandatory file access

Mandatory file access is implemented by configuring the User's Environment Settings.
Active Directory Users and Computers → User's Properties → Profile tab.
Click the option named local path.
Insert the path to the home directory in the related field. Example: C:\abc\%UserName%.

2.7 Password Policy

The password policy will be applied in the Active directory users and computers console. These five elements related to password policy apply to each user created.
Enforce password history (As per organization requirement)
Maximum password age (Maximum 30 days)
Minimum password age (As per organization requirement)
Minimum password length (10 Characters)
Passwords must meet complexity requirements (As per organization requirement)

2.8 Account Lockout Policy

Access the group policy console, which is required for account lockout configuration. On the right hand side, expand the security options → expand computer configurations → select Windows settings → click security settings → click local Policies → select security options. Double clicking the properties of “automatically log off users when login time expires” opens a dialog for defining the policy. Click “define this policy setting” and click the enabled tab. In this way the policy restriction which enforces logon hours is activated.
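An audit of the restrictions configured in sections 2.3 and 2.4, as an added example that is not part of the original essay: it decodes the logonHours value written by the Logon Hours dialog and flags accounts with no hour or workstation limits. The account names, workstation names and exported values are constructed, and the bitmap layout (21 bytes, one bit per hour from Sunday 00:00 UTC, least significant bit first) is the encoding assumed here.

```python
"""Audit logon-hour and workstation restrictions from exported AD attributes."""

DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]


def decode_logon_hours(raw):
    """Return {day: [permitted UTC hours]} for a logonHours value.

    Assumed layout: 168 bits, one per hour of the week, starting at
    Sunday 00:00 UTC; inside each byte the least significant bit is the
    earliest hour. None means the attribute is unset (no restriction).
    """
    if raw is None:
        return {day: list(range(24)) for day in DAYS}
    if len(raw) != 21:
        raise ValueError("logonHours must be exactly 21 bytes")
    week = {day: [] for day in DAYS}
    for hour_of_week in range(168):
        byte, bit = divmod(hour_of_week, 8)
        if (raw[byte] >> bit) & 1:
            week[DAYS[hour_of_week // 24]].append(hour_of_week % 24)
    return week


def build_logon_hours(days, start, end):
    """Build a constructed test bitmap permitting start..end-1 on the given days."""
    bits = bytearray(21)
    for day in days:
        for hour in range(start, end):
            index = DAYS.index(day) * 24 + hour
            bits[index // 8] |= 1 << (index % 8)
    return bytes(bits)


def audit_account(logon_hours, workstations):
    """List the gaps relative to the restrictions in sections 2.3 and 2.4."""
    findings = []
    permitted = sum(len(h) for h in decode_logon_hours(logon_hours).values())
    if permitted == 168:
        findings.append("no logon-hours restriction")
    elif permitted == 0:
        findings.append("logon denied at all hours")
    # userWorkstations is a comma-separated list; empty means any workstation.
    if not (workstations or "").strip():
        findings.append("may log on to any workstation")
    return findings


def audit(export):
    return {name: audit_account(hours, ws) for name, hours, ws in export}


# Constructed export: (account, logonHours bytes, userWorkstations string).
OFFICE = build_logon_hours(["Mon", "Tue", "Wed", "Thu", "Fri"], 8, 18)
SAMPLE = [
    ("lt.user01", OFFICE, "WS-LT-01,WS-LT-02"),
    ("mk.user07", None, ""),
    ("ac.user12", bytes([0xFF] * 21), "WS-AC-03"),
    ("pe.user20", bytes(21), "WS-PE-01"),
]

if __name__ == "__main__":
    for account, findings in audit(SAMPLE).items():
        print(account, "->", findings or ["restricted as configured"])
```

Because the stored hours are in UTC while the Logon Hours dialog shows local time, compare the decoded hours against the intended schedule only after converting to the domain's time zone.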

3 File Server

3.1 Drive Mapping

To create a network home directory: Active Directory Users and Computers → Properties → Profile tab. Click the Connect option, and choose a drive letter for the home directory. Universal Naming Convention (UNC) notation will be used to type the complete path to the home directory, such as: \\abc\USER_DIRS\%UserName%. The server name must be included in the drive path to ensure that the user can access the directory from any computer within the domain.

3.2 Access rights on Shared Folders

The department’s shared folder requires read and write access. Right click on the folder → Properties → Security. Select everyone in user data properties and select read and write from the permissions panel for the specific folder. The long term and short term groups will be added in user data properties by selecting read from the permission panel for the folder named ‘Sales2011’. Managers from each department will be added specifically, since user accounts for all employees are created in the active directory. Users (representing the managers of the department) will be added to the user data properties, and full rights including read, write and delete will be granted from the security panel.

4 Website

4.1 Welcome Page

For creating a domain logon script, the ‘start.exe’ command is executed. It creates a file named ‘logon.bat’ which contains the commands that the user wants to execute. Two new files are created, named as ‘contentsfile.bat’, to call the logon.bat file. Both of these files are placed in the ‘Netlogon’ share on the domain controllers. For configuring ‘Netlogon’, click Active Directory Users and Computers → Microsoft Management Console (MMC) → configure user to configure ‘Netlogon’ scripts.

4.2 Virtual directory

A Virtual Directory is a separately created directory that provides access to a web page that integrates or redirects to the specified directory.
The specified link is redirected to a directory that is located on a network share or a local server. For changing access levels on virtual directories, the following steps are used (assuming that Internet Information Services (IIS) is installed previously). The explanation is in bulleted points for step by step illustration of the process.
Press the button that states directory or web site for changing the permission
After highlighting the button, from the drop down list select properties
Press the tab that states Directory Security
Press the edit button from the password authentication group options
Decide what settings are required for authentication
Press the OK button

4.3 Virtual directory Permissions

Log on to the RMS client as local administrator.
Click on the Registry Editor.
Create the new registry key named Decommission under HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\DRM
Under the Decommission registry key, add a new String Value entry, replacing your-license-server with the name of the RMS cluster used for licensing: Https://abc/_wmcs/licensing.
Double-click the new registry entry, type http://your-abc_wmcs/decommission, and then click OK.

5 Group Policy

The rules applied on an object affect each user who is a member of that group. The configuration will be conducted on the domain controller by executing the ‘Group policy’ console. On the left column, click User configuration → Administrative Templates → Start menu and Taskbar. On the right side the administrative templates will appear. Select the template ‘Remove run menu from start menu’ and Disable Add/Remove Programs → Properties → select disabled from the settings tab.

6 Test plan

Run the command from the start menu → Run → Dcdiag.exe
This command illustrates the statistics of successful active directory implementation, connectivity and efficiency. The result of this test must quote “Test Passed”.
Figure 1.1

7 Network Diagram for High Availability Services

The network diagram demonstrates the appropriate deployment of firewall, intrusion detection system, servers, switches and WAN connectivity.

Figure 1.2

8 Proposed Backup Plan

As per the proposed network for an educational establishment, 24 hours availability is required for services related to digital libraries, online learning and web applications. In order to implement a disaster recovery plan, replication of data and services is required. This is conducted by installing additional hardware in terms of a backup server that will replicate data on a regular basis. For instance, to secure data related to the finance department, a backup finance server will be deployed to synchronize data at small intervals. Disk mirroring techniques can also be employed. Disk mirroring is defined as “The recording of redundant data for fault tolerant operation. Data are written on two partitions of the same disk or on two separate disks within the same system. Disk mirroring uses the same controller. RAID 1 provides mirroring, which was first accomplished only with SCSI drives, but later with ATA (IDE) drives” (Mirroring 2007). However, RAID controllers are implemented in the process. A comprehensive definition of RAID is available in the network dictionary that says, “Redundant Arrays of Independent Disks (RAID) is a type of disk drives with two or more drives in combination for increasing data integrity, fault tolerance, throughput or capacity and performance. RAID provides several methods of writing data across/to multiple disks at once. RAID is one of many ways to combine multiple hard drives into one single logical unit. Thus, instead of seeing several different hard drives, the operating system sees only one. RAID is typically used on server computers, and is usually implemented with identically-sized disk drives.
With decreases in hard drive prices and wider availability of RAID options built into motherboard chipsets, RAID is also being found and offered as an option in higher-end end user computers, especially computers dedicated to storage-intensive tasks, such as video and audio editing.”

If the ‘finance server’ stops responding or crashes, data can be restored from the backup finance server and services can be restored with minimal damage. Similarly, the same methodology can be implemented for the student’s database. Moreover, WAN connectivity can be shifted from the disconnected link to the alternate link in order to provide constant connectivity without service interruption. In this case, an educational establishment may subscribe to two internet connections from different carriers. Both connections will be terminated on the router WAN interface. In order to activate both connections, propriety-based protocol will be configured. Figure 1.7 illustrated the summary of a recovery plan.

Server Roles | Disaster Recovery Plan
Finance Server | Deploying Backup Servers equipped with RAID for Disk Mirroring
Student’s Database | Deploying Backup Servers equipped with RAID for Disk Mirroring
Alternate WAN | Configuring Priority Based Protocol

References

Dave, R. (2011). Best practices for tackling security early in development. Electronics World, 117(1908), 10-11.
Edwards, M. J. (2006). Audit your web applications for better security. Windows IT Security, 6(6), 6-10.
Mirroring (2007). Javvin Technologies, Inc.
Redundant Array of Independent Disks. (2007). Network Dictionary, pp. 405-405.
Network Server Administration Research Paper Example | Topics and Well Written Essays - 2500 words. Retrieved from https://studentshare.org/information-technology/1495045-network-server-administration