
Security Recommendations After Security Breach - Assignment Example

Summary
As a security administrator of a major organization recently breached by a social engineer, the paper "Security Recommendations After Security Breach" presents recommendations to this company on how to improve its network security through security plans, and standard operating procedures…

Extract of sample "Security Recommendations After Security Breach"

Security Recommendations for a Major Organization after a Security Breach

Introduction

For large organizations, attaining security requires a huge amount of time, human resources, and money. However, the huge costs involved do not justify taking chances with business network security, especially given the rapidly expanding commercial and government networks and the developing internet economy. With these and other factors, security becomes a top priority for every company where the use of information technology is inevitable. As a security administrator of a major organization recently breached by a social engineer, below are the recommendations to this company on how to improve its network security through a security plan and standard operating procedures.

Thesis: With network breaches being inevitable, small, medium, and large organizations must have security plans and standard operating procedures in place to prevent, detect, and respond efficiently to intrusions.

Organization Should Have a Security Plan

A security plan is a blueprint for the realization of safety objectives. It is a requirement not only for small and medium companies but also for large companies. In this case, the security plan comprises numerous elements, including evaluation, situation assessment, testing, security policy, and implementation, all of which work towards preventing and minimizing the possibility of harm to electronic and other resources resulting from malicious actions, accident, error, or natural disaster. For this organization, situation assessment will work well in ensuring that the appropriate network areas are well protected, that the formulated security strategy and plan are proportionate to the probable threat, and that upgrade plans include countermeasures for novel hazards.

The scope of an effective network plan will also result in a clear understanding of the security issues, the required security level, and potential attackers, among other factors (Daya, 2009, p. 2). Since the scope of the network plan is limited by the forms of threat it covers, IT-related threats often have a separate IT plan prepared using specialized knowledge. With the scope defined, continuous security assessment will enable the organization to determine its progress in promoting network security by identifying what is to be defended. Often, network security assessment explores the extent to which the vulnerability of people, equipment, locations, service availability, and confidential information is minimized, and recommends actions for improvement.

Once the network components to be defended are known, the next move is to determine the threats to be defended against (Sighn, 2011, p. 4). A security plan categorizes threats as physical, like theft; insider, like information theft or disclosure; information threats, like customer lists; natural, like landslides or earthquakes; and computer-oriented, like malware, spam, and network intrusion. Network assessment includes risk determination and prioritization. Risk determination offers crucial information on the forms of risk likely to occur and their impact, while prioritization determines which risks to deal with first and which can be safely ignored (Sighn, 2011, pp. 4-5).

Security assessment is followed by identifying the actions to take and when to take them, either as a one-off or on a continuous basis. Some actions include purchasing and installing equipment like firewalls; altering procedures; curtailing risky activities; additional staff education; creating contingency plans; and exercises like fire drills. To achieve its goals efficiently, a network security plan must be implemented by a network security administrator who has the right resources, time, skills, and budget. The administrator will ensure that no actions are left out, through mechanisms like review meetings (Daya, 2009, p. 3), and that the security plan is updated regularly to reflect changes in organizational assets and to deal with security threats to its operations, annually or whenever the organization's operations change. With an effective network plan, an organization can then design and deploy a security policy.

Organization Should Have a List of Network Services

Network services deal mainly with prevention and include prevention, discovery, and response (Stewart, 2013, p. 183). A network access control (NAC) service works efficiently in blocking any device that is not compliant with the organization's no-exception policy. This policy requires that every device connecting to the company network fully complies with both the organizational policy and any existing approved updates and patches. Besides being enforced using technology, the no-exception policy must be documented. The network services to be implemented depend on organizational and technical goals. For effective implementation of network services, packet filters on firewalls and routers are required, or additional user authentication processes are used for restriction. Care must be taken to avoid developing a very complex security strategy, since it can be self-defeating and hard to implement without creating unplanned security holes.

Besides blocking non-compliant devices, the network administrator must ensure physical control over all individual access to IT components (Stewart, 2013, p. 190). Unlike logical protection, physical security protects sensitive elements of the IT infrastructure from influence, access, or contact by unauthorized persons. This is attainable by blocking all non-administrative users from accessing network equipment and servers. In addition, the administrator must ensure that access to client systems is limited to authorized personnel within any department (Stewart, 2013, p. 183). Physical security also involves resisting forceful entry through facilities that deter or prevent unauthorized physical intrusion, and monitoring personnel activity using physical access control through card entry, thus preventing visitors from forcing entry into secured areas.

In addition, the network administrator must ensure that all internal network communications are encrypted using Internet Protocol Security, or IPSec (Daya, 2009, p. 5). IPSec guarantees that intranet communications are secure by minimizing risks like man-in-the-middle, eavesdropping, and replay, among others (Stewart, 2013, p. 185). IPSec uses both IPv4 and IPv6 techniques to promote encryption and decryption through shared keys, to promote quality of service for transmissions across the network (Daya, 2009, p. 6).

A common form of communication across the organizational network is e-mail. Mail security should not be a privilege but a requirement for dealing with multifaceted and constantly changing problems of insecurity (IBM, 2014). The messaging structure must be protected from both inbound and outbound threats using a combination of spam control, preemptive threat control, and intelligent management options like a web-based local management interface and sophisticated grouping management options.

A network security policy covers an inexhaustible list of security requirements to guarantee prevention of intrusions (Stewart, 2013, p. 185). Additionally, failures and bad things, including breaches, are bound to happen to the network at any time. As a result, the organization should have an incident and intrusion response plan, which is a way of planning for the worst, besides continued examination and evaluation of the real threats to company assets. An incident response plan is recommended since it defines the right procedure for dealing with any security threat situation. Other preparations worth attention are a business continuity plan and a disaster plan, which go beyond network security breaches to deal with situations that can result in business termination.

References

Daya, B. (2009). Network Security: History, Importance, and Future. Retrieved October 2, 2014, from Massachusetts Institute of Technology.
IBM. (2014). Proventia Network Mail Security System. Retrieved October 3, 2014.
Sighn, B. (2011). Network Security and Management. United States: PHI Learning Pvt Ltd.
Stewart, M. J. (2013). Network Security, Firewalls and VPNs. United States: Jones & Bartlett Publishers.
