Security Plan for Small Networks/Offices - SlideShare [PDF]

Jun 27, 2014 - Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Assets: The business has man

7 downloads 12 Views 587KB Size

Recommend Stories


Definisi kenyamanan - SlideShare [PDF]
Jan 8, 2015 - Definisi Kenyamanan Kolcaba (1992, dalam Potter & Perry, 2005) megungkapkan kenyamanan/rasa nyaman adalah suatu keadaan telah terpenuhinya kebutuhan dasar manu…

Holt.doc - SlideShare [PDF]
Jun 21, 2010 - ... Alternatives •Vocabulary Workshop Tests •Test Answer Keys Available upon request, one per teacher, year of purchase 0030573998/Media Literacy and Communication Skills, 106.92 122.96 VCR and First Course Monitor •Support and P

Maine explosion - SlideShare [PDF]
Dec 19, 2013 - Which do you think would have been the most reliable story? Why ... Document B: New York Times (Modified) MAINE'S HULL WILL DECIDE Divers Will Inspect the Ship's Hull to Find Out Whether the Explosion Was from the Outside or ... Now, f

myntra ppt - SlideShare [PDF]
Mar 12, 2013 - Capabilities Order Processing and Delivery: Myntra attempts to order and ship every order within 24 hrs.It offers free shipping within India on all products It can ship internationally to all major countries. Technological: Myntra

Teater Bangsawan - SlideShare [PDF]
Dec 3, 2011 - Pada masa itulah anak-anak bangsawan berjaya mengolah, membentukdan menentukan gaya teater dramatik bangsawan sebagaimana yang ..... Dengan adanya kemampuankumpulan untuk mengetengahkan pelakon handalan yang berbakat,dan denganpenggunaa

Bmi - SlideShare [PDF]
Aug 3, 2012 - BMIWhat is BMI?How do you use BMI?By Kathryn Kotula, R.D., M.S., M.P.H..

Security Guide for Small Business
Never let your sense of morals prevent you from doing what is right. Isaac Asimov

Recruitment And Selection - SlideShare [PDF]
Apr 2, 2010 - EXECUTIVE SUMMARY People form an integral part of the organization. The efficiency and ... Recruitment and selection form the process of hiring the employees. ... Determine the present and future requirement of the organization in conju

Recruitment And Selection - SlideShare [PDF]
Apr 2, 2010 - EXECUTIVE SUMMARY People form an integral part of the organization. The efficiency and ... Recruitment and selection form the process of hiring the employees. ... Determine the present and future requirement of the organization in conju

Historia GRUPO GEA - SlideShare [PDF]
Apr 1, 2011 - Online Course - LinkedIn Learning. Folleto historia admon. Claudia Espinosa. Cómo hacer una práctica de lectura. jcrojo. Ensayos de Historia Económica. jcrojo. La aparición de la gran empresa moderna. jcrojo. Continuación estrategi

Idea Transcript


SlideShare Explore Search You

Upload Login Signup

Search

Submit Search

Home Explore Presentation Courses PowerPoint Courses by LinkedIn Learning Search Successfully reported this slideshow.

Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Assets: The business has many assets which ar... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi 3. Administration controls Access control ... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Limiting access for employees in a business i... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi The best way to get rid of data on a hard dri... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Accounts for the organisation should also hav... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Antivirus software Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi As seen in this screenshots the computer syst... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi As seen from the screenshot Dropbox is being ... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Permission access Permission access for limit... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Webpage restrictions Webpage restriction can ... Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Evaluation The firewall and anti-virus softwa... Upcoming SlideShare Loading in …5 × 1 of 12

Security Plan for Small Networks/Offices 2,624 views Share Like Download ...

Ajay Jassi, Student Follow Published on Jun 27, 2014

This document is a security plan that was created ideally for any home network ... Published in: Technology, Business 0 Comments 0 Likes Statistics Notes

Full Name Comment goes here. 12 hours ago Delete Reply Spam Block Are you sure you want to Yes No Your message goes here

Share your thoughts… Post Be the first to comment Be the first to like this No Downloads Views Total views 2,624 On SlideShare 0 From Embeds 0 Number of Embeds 8 Actions Shares 0 Downloads 70 Comments 0 Likes 0 Embeds 0 No embeds No notes for slide

Security Plan for Small Networks/Offices 1. 1. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi A security plan in IT is a document that is produced by management, to show how an organisations implement security measures. This is done to protect and secure systems in the industry. Purpose The purpose of a security plan is to show procedures the business are doing reflecting to security towards the systems and data. This contains vary of security measures, daily procedures and plans. This mostly relates to a business that uses mostly online communication via email, and video calls. However other methods are used as well via phone, and face-to-face. This can be an example of any organisations which require IT a lot. Security These are the following security procedures and devices that are currently in place: Physical protection: Three working CCTV cameras are setup around the outside of the site, mainly focusing on the entrances/exits. However there is no security officer on-site, and the footage from the cameras are checked every week by the manager and when necessary. Virus protection: All computer systems have got Norton’s free anti-virus software trail, which has a month left on it. After the trails are over, the manager is attending to install AVG’s free-antivirus software trail. Spam-filter software: K9 spam-filter software is installed on the computer systems by one of our employees who is currently still training to become qualified. However the software crashes frequently and is becoming unreliable as it works sometimes. Password security: All desktops computers have a strong password, which follows the password policy. The desktops have the same password, which is very complicating therefore is written on a piece of paper which is stored in the employee staff room. However none of the laptops have a password, as they a secured in a safe when not in use. Updates: Most of our computer systems have a full version of Windows 7 Ultimate, and some have got Windows XP. The Window 7 systems are updated which has been scheduled automatically to install the important updates. The Windows XP systems don’t update automatically and cannot connect to Microsoft, the problem is still unsolved. Wireless networking: We have a router which allows anybody to connect to the internet, there is no password security on this and is open to anyone in the business. Backups: All our computer systems have a separate partition with only a backup image file on it. This contains all personal and private information to the business. We currently have no other backup techniques for the business, but are thinking about storing it on portable hard-drives. Firewalls: A built-in firewall is turned on which was pre-installed with the Windows 7 Ultimate’s. The ISP routers seem pretty secure, however it disconnects sometimes at least once a week. A technician is sometimes required to be called in to fix it. 2. 2. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Assets: The business has many assets which aren’t only IT systems and data, however these are one of the main one’s. The assets need to be secured, as they are private for the business and shouldn’t be known with other businesses and anyone outside of the business. This requires the employee to trust and employee reliable staff. These are the following assets: Computer systems, servers, and data Other electrical essential throughout daily business. (printers, telephone and broadband) Business secrets and personal details/information Customers Databases(business documents) from suppliers and customers Software used for business (security, office suites, advance software, etc.) Risks 1. Physical threats Theft Damage Arson 2. Computer security threats Malware Hardware failure and system crashes Spam Viruses 3. Information threats Private data Secrets of the business Fraud 4. Natural threats Tsunami Floods Earthquake Hurricane Security measures 1. Protection Backups Encryptions Employees 2. Prevention Firewall and Antivirus Operating systems (up-to-date) Removal of data 3. 3. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi 3. Administration controls Access control Permission control Webpage restrictions 4. Storage on Cloud Protection Backups: Backups are used to ensure that data is secure, and can be recovered quite accessibly if damaged or lost. Backups can be stored on a cloud base server, a hard drive, and removable portable devices, such as portable hdd, memory sticks, discs (dvd/cd). For extra protection, the hard-drive and (or) the portable device can be taken to a storage warehouse, which is securely locked up with high end security such as 24/7 CCTV and extremely strong steel all around the safe and the site. It is ideal to have many backups in different forms, as this will ensure extra protection from losing data, as a backup device may also get damaged, lost or stolen physically. Backups should be scheduled either automatically or manually daily, so that the backups are updated, as data important data could be gone in seconds from the threats. Encryptions: Encryptions are used to secure phases and words that are used across the business to each other to keep thing private and personal, so it cannot be read by others outside business. These encryptions can be very hard to crack and is time consuming, therefore isn’t really worth doing, as business may just use it to be secure all the time. However if the encryption is cracked this shouldn’t be much of a problem as continental information shouldn’t be shared on there. Encryption are also used on portable devices and files, which only certain organisations can use. An encryption contains its original message and large amount of other characters consisting of numbers, letters and symbols. Employees: Employees in business should have good training, from professional trainees who know what they are doing and are reliable. This ensures that the employee knows how to act, behave and work in the IT industry keeping safe, and making sure that security is considered. Many employees in IT don’t know what they are doing from bad training, and poor behaviour towards the work. This is often in businesses which don’t have a strong IT team/crew. An example of this can be a business like Costa Coffee, as their main priory is customer service and selling customer goods (beverages). A business like this doesn’t use much IT as they don’t sell products/services online and use simple computer systems in their shops and stalls. It’s important to ensure that employees have correct policies, that maybe more fair or more strict depending on their work and (or) progress. These policies can be a case of firing an employee or rewarding the employee with bonuses. The purpose of these is to make sure progress in the business is made and there to protect them and personal data such as names, addresses, contact numbers, etc. 4. 4. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Limiting access for employees in a business is essential, so they don’t have full control over the systems and cannot change any setting that may possible affect the system for business or general usage. Limiting access could also mean limiting software and hardware. This is similar to permission control. Prevention Firewall: Firewalls are used to manage organisations internet and permission control whilst using web browser and surfing the internet. These are used to filter out what can be authorised or what cannot be. These can be done separately on each computer system, or can be done as a server in the network for all the computer systems in site and connected to the server. It is more ideally to use a server based filter as it more reliable and is easier to manage as a technician doesn’t have to go around sorting each system individually. Microsoft operating systems such as Windows 7 have a built-in firewall, which can be enabled as well as on severs and on hubs, to ensure extra protection. Antivirus: Antivirus software are used to prevent threats such as viruses and spyware. Behind a spyware is someone classified as a ‘hacker’. The hacker can have access into the computer systems, allowing them to view and read data. These affect a business as personal information and private data such as customer databases are known, which is against the data protection act. These hackers could be in the situation of being in a court sentence, if caught. Viruses could affect the computer system and business in many ways as there are many threats. An example maybe that the virus doesn’t allow users to use the internet, which will affect the business as they relay of the internet for everyday activities such as emails. Having a reliable paid subscription antivirus is the best way to keep safe, as this includes features which free and trial products don’t include. These subscriptions can be brought in bulk for all the computer systems in the business, which will be cheaper than buying each one separate. It is also important to run the software everyday so if threats are found they can be removed easily. This would also keep the systems running smoothly and fast. Operating systems: Operating systems have security feature built-in which protects the computer systems. These include features such as firewall, patches and constant updates. It’s important to keep operating systems kept up-to-date, as new features are added which keeps security secure and running. Updates can be updated automatically which is recommended, however can be done manually or scheduled by choice. To change these settings administration rights are required. Removal of data: When removing data, it is very important to ensure that the data is fully gone, and cannot be recoverable. Data can be wiped from a hard drive from deleting the data from wipe unities. Another method is by psychically destroying the hard drive, by doing this the hard drive will not be reusable. 5. 5. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi The best way to get rid of data on a hard drive, is by doing a full wipe, and then physically destroying it with a mallet/hammer. This is so the hard drives are not at risk of being reused, as data may not having been removed from different compatibilities and errors, and therefore at risk if sold to someone else or reused. Administration controls Access control: Access control allows the administrator to restrict other user’s controls and usage over the computer systems. This can by not allowing users to go in the control panel, changing settings, personalising systems or any modifications that may possibly affect the computer system for daily business usage by employees. An example of this can be by changing the mouse setting, the keyboard setting and the font settings which isn’t normal and (or) ideal for employees to use. It is ideal for the employer to limit control over the systems to employees, to keep everything running smoothly and to ensure that they can’t change any settings that could affect the entire business, such as turning off the firewall. Permission control: Permission control is used for administrators to only allow users to use or access something with permission only. The permission in computer system cases is an administrator password. The permission controls can be used for software, updates and for downloads. This is to prevent employees getting viruses and threats on the computer systems, as they may not concentrate or have the correct training to make them no aware of viruses they are downloading. Permission controls should be used, as this wouldn’t allow employees to do whatever they want on the computer systems. Webpage restrictions: In workplaces/schools networks are restricted on the internet, so employees/student cannot access whatever they want and do whatever they want, that isn’t related to work. An example can be a business blocks gaming websites, so that employees can’t play games, and do the set work instead. However this shouldn’t have to be required in a business, as if an employee is caught playing games during working hours the employer could immediately fire them. Webpage restrictions such as social media should be blocked as employees will often want to keep updated and will look on their mobile phones, which are connected to the organisations servers and network for communication such as emails and free calls and messaging. Example of these apps are Viber and WhatsApp. Cloud storage Backup data online is very useful as the risks are low from the data being lost or stolen, as it is very hard to hack big organisation such as Dropbox, Google and Microsoft. The benefits from having backups online is that it will save the business money, instead of having their own storage service which can be very highly expensive to maintain and repair. Also if data is lost or stolen the fault relies on the online organisation. However a major disadvantage is that an internet access is required at any time when files want to be read or copied. 6. 6. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Accounts for the organisation should also have a strong password, which is unique to any other in the business following the password policy. A trustworthy organisation which offers the best services is Google, as they offer large amounts of storage for reasonable prices. However if the business is a Microsoft corporative, having backup storage with them will offer benefits such as reduced costs and extra services. Security improvements/Action list 1. Install more CCTV cameras inside and outside the building site of the business. 2. Installing an alarm system for the business building site. 3. Lock down the systems to desks/ground, using security cables. 4. Purchase an updated antivirus subscription and configure it on all the computer systems. 5. Install a better and more reliable spam filter software, which Microsoft recommends. 6. Create separate user account for each employee and create different passwords for each using the password policy. 7. Purchase and configure the same version of Windows 7 onto the systems which don’t currently have it, or upgrade all the computer systems to Windows 8. 8. Schedule the system to automatically update patches and software. 9. Create a secure password for the wireless network using the password policy securing it with WPA2. 10. Setup an additional backup onto a portable hard drive, and secure it into a safe. 11. Protect data with a storage unit organisation, as this option is very secure as security is taken care with 24/7. 12. Backup data online using a reliable organisation, such as Google and (or) Microsoft. 13. Update the ISP router to the latest version which is compatible with the networks, servers and computer systems. Implementing and testing Firewall As seen in the screenshot, the firewall is activated to the network ‘JASSI’, this means that no viruses or threats have affected the computer system over a time period. The firewall therefore runs smoothly and is protecting the system from any upcoming threats. 7. 7. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Antivirus software 8. 8. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi As seen in this screenshots the computer system is secured with a paid subscription McAfee Total Protection. The antivirus software also has extra features as seen, such as a built-in firewall, parental controls and backup protection. The screenshot was taken after an updated scan, which shows the computer is clean and secure. Backups As seen from the screenshots the system is scheduled to backup selected data every week at a certain time, and day of choice. This can be changed to ever hour or day or month if wanted. Personally I think once a week is ideal, as this shouldn’t be the only method of backup. This screenshot was taken before the backup was performed. Backups can also be restored using the recovery utility underneath. Cloud Backup 9. 9. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi As seen from the screenshot Dropbox is being used to store data on the cloud. A desktop version has been downloaded from the organisation’s official website, which makes it easier to view, copy and store data. This is done by a simple drag and drop structure, which is very fast and user friendly. An account for this is required and an annually payment of how much storage is needed which varies in price. As shown the files upload to the server very quick, as the green tick’s means the files are up to date. This is also shown on top of the recently changed tab. Operating systems Firstly Windows searched for updates automatically. This was changed in the settings to make important updates install automatically as users may forget to manually check for updates. Two important updates were found and automatically started to install in the background with awareness from the user. After the updates were installed, a notification came up after telling the user that the updates were successfully installed without any errors. This shows that the Microsoft servers are working, which shows it is reliable therefore would want users to use their other services such as their storage cloud, and office suite which helps business. To ensure that the automatic and scheduled updates worked, after updates were checked manually and as seen there is no important updates that are available. 10. 10. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Permission access Permission access for limiting times, software and games can be changed in the family safety settings in the user accounts control panel. This is a simple way to manage what a user can do and what they cannot do. As seen in the screenshot the program limits are on and the games rating is at no games. This means that the user would only be able to use certain software and application without permission of an administrator. 11. 11. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Webpage restrictions Webpage restriction can be done by using Windows Live Family Safety which is built-in Windows 7. This feature can be enabled underneath the parental control settings. This requires an administrator logging into a Windows email account to manage the user on the computer system. Once the account is logged on, the administrator may manage other features as well, which is already in the parental control that doesn’t require logging into an email account. These settings can be personalised by aspirations, but the best method would be by having an allow list only, as users will still have some sort of freedom on the internet if on any given option. It is also recommend to block the user downloading anything, as it may be a threat to the computer system. 12. 12. Security Plan for a Small Office or Home Network (P4/P5/P6/M3/D2) Ajay Jassi Evaluation The firewall and anti-virus software worked brilliantly compared to before where there was only simple features in a free trial. This will ensure that threats are removed if any quickly. These extra features will benefit users as it will give them less hassle finding out a method to be secure. An example of this is the built-in webpage safety feature. Cloud storage is one of the best method of backup, as the data is safe from being physically damaged, as they are saved on many servers internationally, therefore if UK’s servers for the organisation gets corrupt/ruined there’s many backups to be recovered from. Permission and restriction controls for the organisation worked well, as employees got on with the work progressing for the business and all the computer systems are still running smoothly without them being able to do much. Overall the security plan, was a huge improvement towards the organisation as they didn’t start off with much security that was very effective. Now that these security measures are taken, the business will have a lower chance of threats. However the plan isn’t perfect and there could have been some improvements on the way it has been approached. An example of this could have been doing the security features in a network/server form, instead of doing it individually on each computer system. Recommended

Teaching Techniques: Project-Based Learning Online Course - LinkedIn Learning

Learning Online Marketing Online Course - LinkedIn Learning

Visual Aesthetics for Elearning Online Course - LinkedIn Learning

P3 m2 Matthew Horrigan

Unit 32 assignment 3 task 1 Crashin

Security and safety plan apuustin

Physical Security Based On A Risk Analysis Model Nostrad

5 Step Data Security Plan for Small Businesses Wilkins Consulting, LLC

AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302) Amazon Web Services

ICT BTEC UNIT 2 P4 and M2 OriginalGSM English Español Português Français Deutsch About Dev & API Blog Terms Privacy Copyright Support

LinkedIn Corporation © 2017 × Share Clipboard × Email

Enter email addresses Add a message From



Send Email sent successfully.. Facebook Twitter LinkedIn Link Public clipboards featuring this slide

×

No public clipboards found for this slide ×

Save the most important slides with Clipping Clipping is a handy way to collect and organize the most important slides from a presentation. You can keep your great finds in clipboards organized around topics. Start clipping No thanks. Continue to download. Select another clipboard ×

Looks like you’ve clipped this slide to already. Search for a clipboard Create a clipboard

You just clipped your first slide! Clipping is a handy way to collect important slides you want to go back to later. Now customize the name of a clipboard to store your clips. Name* Best of Slides



Description Add a brief description so others know what your Clipboard is about. Visibility

Others can see my Clipboard

Cancel Save Save this documentTap To Close

Smile Life

When life gives you a hundred reasons to cry, show life that you have a thousand reasons to smile

Get in touch

© Copyright 2015 - 2024 PDFFOX.COM - All rights reserved.