StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Enterprise Security Plan: MEMATECH Solutions Limited - Research Paper Example

Cite this document
Summary
"Enterprise Security Plan: MEMATECH Solutions Limited" paper contains a proposal that covers and discusses the ten areas of Information Security Common Body of Knowledge that incorporates the various groups of information security. It touches on the success principles and the information security…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.3% of users find it useful
Enterprise Security Plan: MEMATECH Solutions Limited
Read Text Preview

Extract of sample "Enterprise Security Plan: MEMATECH Solutions Limited"

Enterprise Security Plan al Affiliation) The paper is a preparation of MEMATECH Solutions Limited security plan proposal. The proposal covers and discusses the ten areas of ISCBK (Information Security Common Body of Knowledge) that incorporates the various groups of information security. It also touches on the success principles and the information security. In addition, the proposal outlines the planning guidelines towards the aims, security policies, and standard taxonomy. The set policies and guidelines comply with rules and standards of HIPAA security. Consequently, the policies and guidelines of the proposal are pertinent to information security and privacy that are currently put forward by bodies of the state, federal regulators, and the state. Introduction New technologies are coming up in the market daily. Therefore, there is need to safeguard the evolving technologies. In the case where MEMATECH Solutions limited has this need, I have proposed to develop and install a new security plan for the company. The idea behind the plan is to come up with a network that connects all the machines in the organization in protecting the plan from being publicized during the stage of development and research. The paper therefore, discusses the proposal of MEMATECH Solutions limited security plan proposal for the connections that dwells on the authentication mechanisms, policies of password, and the plan’s proposed cost (Pipkin, 2000). Discussion I have proposed a security plan for MEMATECH Solutions limited for the connection that will safeguard their new products when researching and developing stages are carried out. The paper proposes a comprehensive plan that deals with password policy, network policy, authentication of data, and the project’s cost. Various Servers and Network To safeguard the project it is imperative that all information and data are kept on different network, and on servers that are not within the success of the general corporate. This can be achieved by developing new networks through the appliances of Cisco Terascale router or Cisco ASA security, VMware, VLANS, and windows 2008 with the help of IPV6 private addressing. Employing the appliances of ASA security and Terascale, I will be able to monitor and control the entire network and access traffic on the corporate network subset through the firewall features. In conjunction with MAC address, I will implement through filtering to offer more security. The IPV6 IP mechanism will be employed to help it from attempts of network intrusion and brute force. I will use private address to ensure that all the IP address are internal free from public access. Windows 2008 will be helpful in creating different domains from the conventional corporate network, where all the information and data can be kept. Employing the group policies, active directories will undergo implementation to monitor the access of data. For private and important information of the company, the encryption of the folders and files will be implemented. Combining all the components together with the test of security intrusion will offer very secure firewall protection, secure Vlans, authentication methods of Windows security through the active directories (Zelkowitz, 2004). Password Policies In combination with the methodologies and hardware present, the network will focus on developing password policies that are very strong. This is because; weak security passwords are easy hack to valuable and networks data. When the previous passwords are used, same opportunities and chances can be presented. Evolving the brute passwords attack appliances together with generators of password have led to security practitioners to encourage the users to come up with hard to hack passwords. Conversely, some of the users have failed to embrace this. This has therefore, led to unnecessary risks of the security. Applications like Rainbow crack or Pyrit can be employed in brute forcing the attack of passwords against the networks, routers, or computers trying over millions that are conventionally used in gaining access. Therefore, having a password that is stronger can prevent the rampant cases of intrusion. This can only be achieved by embracing the system of password policy management in the company. The system should be able to offer enforcement of strong password, offer the dictionary of password exclusion, offer history of password in preventing the re-use of previous password, and enable the users in managing their password including the resets, allowing the user in synchronizing their security passwords through multiple networks, devices, applications, and systems. They should also demand the authorized approvals when the users request for their new accounts, or in accessing the new resources (Zelkowitz, 2004). They should also allow users to keep the personal information up to date. Such information includes the phone number, and also address. And propagate the information automatically to the proper store of data. In addition, they should provide the interface that are well based and response to the interactive voice. Consequently, they should safeguard the stores of password with the encryption of AES (256-bit). To prevent unauthorized access of the system, it should integrate will the mainframe systems, enterprise resource planning, groupware systems, servers, and database systems. The system will be able to support the scheme of triple factor authentication combining everything that the user knows and what she possesses. Authentication Methods In this case, having a strategy of triple factor authentication will be important. This means having in place the authentication methods for the users to access to the resources. The method majorly comprises of the access code and the user password, physical item like a token, and anything that is not common to the user like the retinal scan, voice, biometrics, and fingerprints. After the study, the identity manager will have to help in implementing this. Some features of the manager include the User Self-Service, Auditing and Reporting, Fine Grained Entitlements Management, Scalability and Integration, and Delegation Administration with Centralized Control, and Main Frame and Server Support. The above characteristics together with choices of the hardware and the strategies of the network will of help in keeping the information and data of the project secure (Pipkin, 2000). Estimated Cost of the Plan The estimated cost of the plan for the software and hardware ranges from 36000 to 50000 dollars. Its breakdown can be done as follows: Cisco Terascale Router 22000-27000 dollars Identity Management of CA varies as per the service Dell PowerEdge with the Windows 2008 will be 2500 The security Appliance- ASA5550-BUN-K9-Cisco ASA 5550 will be 11500 dollars. The integrity of the project needs to be safe. Therefore, other factors need to be taken care of together with the implementation of the hardware and the software. For this plan, a Private Policy Management need to be formed in helping to maintain and develop the privacy instruction for the access of the user data and the system, which data to be locally saved, and ways of storing the data. Generally, when the requirements outlined in this document are taken care of, then MEMATECH solutions limited will have higher abilities of staying safe (Coyne, 2007). Reference Coyne, E. J. (2007). Role Engineering for Enterprise Security Management. Norwood: Artech House. Pipkin, D. L. (2000). Information security: protecting the global enterprise. Upper Saddle River, N.J.: Prentice Hall PTR. Zelkowitz, M. V. (2004). Information security. Amsterdam: Elsevier Academic Press. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Enterprise security plan Research Paper Example | Topics and Well Written Essays - 1250 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1625275-enterprise-security-plan
(Enterprise Security Plan Research Paper Example | Topics and Well Written Essays - 1250 Words)
https://studentshare.org/information-technology/1625275-enterprise-security-plan.
“Enterprise Security Plan Research Paper Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1625275-enterprise-security-plan.
  • Cited: 0 times

CHECK THESE SAMPLES OF Enterprise Security Plan: MEMATECH Solutions Limited

Strategic Market Planning of Teratech

Teratech does not only provide technical solutions and services but also ensures on focusing the needs of the customer. ... Since the industry is technology dependent, advances in application and software solutions might create an exponential growth to the service provider.... His vision for Teratech is to become the preferred solutions provider for pharmaceutical companies and the forerunner in the industry....
4 Pages (1000 words) Case Study

Enterprise Risk Assessment, Audit, and Cyberlaw Policy

mematech Company has consumed a lot of money, time, and human resources to ensure the security of the company is up-to-date.... Symantec develops the industry's security software and web security threat analysis for mematech.... Therefore, based on the company's study, mematech has ten security practices, procedures, and guidelines.... mematech saves its certificates to hardware machines like the router, or even load balancers....
8 Pages (2000 words) Case Study

Information Security Implementation Plan

This essay "Information Security Implementation Plan" is a preparation of mematech solutions limited Information Security Implementation Plan.... In the case where mematech solutions limited has this need, I have proposed to develop and install a new security plan for the company.... I have proposed a security plan for mematech solutions limited for the connection that will safeguard their new products when researching and developing stages are carried out....
38 Pages (9500 words) Essay

Problem Solution Provided by TeraTech

This essay "Problem Solution Provided by TeraTech" discuses the various problems that the company might face during the process of its new product development as well as provides an in-depth analysis of the various alternatives involved, their pros and cons, and the viability of each alternative along with the far-reaching impact on the organizational long term goals....
9 Pages (2250 words) Essay

Enterprise Security Policy Plan for MEMATECH Solutions Limited

The paper "Enterprise Security Policy Plan for mematech solutions limited " states that MemaTech is required to embrace the security requirements of the policy in addition to federal law, contractual obligations, and state law where the IT resources and Information assets are subject.... he Executive Department of mematech is needed to make sure compliance by third partners in any framework of the process of offering services to their companies.... The company is required to install, configure, implement, and test the discovery software for security provisions to reduce the effect to processes or systems from the impact of major failures of Information Technology Resources through the continuation of operations plan and plan for disaster recovery....
5 Pages (1250 words) Case Study

MEMETECH Technical Infrastructure Security Plan

The paper "MEMETECH Technical Infrastructure security plan" discusses that the plan will be designed to respond to a dynamic environment, as well as providing the adaptable framework in addressing the emerging and evolving risk to crucial infrastructure.... The infrastructure security plan established the approach for setting plans, identify the infrastructure and combine threat information, vulnerability, and consequence to produce a rational assessment, systematic, or company risk and develop security mechanisms and resilience strategies, and measure their effectiveness....
7 Pages (1750 words) Case Study

Security Awareness Training Plan for MEMATECH Solutions Limited

The paper "Security Awareness Training Plan for mematech solutions limited " discusses that the continuous monitoring process of the physical access would enable the system administrators to implement various procedural controls over each access point of the 'Physical Security Perimeter(s)'.... In this regard, the training plan of the organization is to take effective measurement of the operating system, which can enable the employees of mematech to ensure the effective utilization of the organizational resources....
6 Pages (1500 words) Case Study

Information Security in Global Communication Enterprises

Further description provided the possible solutions that GCE's IT department needed to implement to overcome the risks.... This paper presents a report on the risks that are faced by Smartphones and possible solutions to the risks.... The paper "Information security in Global Communication Enterprises" presents contextual research findings on the threats and risks that can affect the Smartphone of GCE's CEO.... High concerns over security, however, are linked to the recent research findings that show that GSM phones (Smartphones) are vulnerable to hacking and malware attacks, among other insecurity factors....
12 Pages (3000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us