NextGard Technologies specializes in the network consulting services for small, medium and large organizations inside and outside the United States. Currently, NextGard has approximately 250,000 employees in 5 countries and the company corporate headquarter is located at Phoenix, AZ. However, the company decides to secure and upgrade its current network to enhance organization efficiencies. Currently, the company has 5 district offices at the following locations:
New York City, New York,
Los Angeles, California,
At the district offices, employees have a combination of mobile computers, desktops computers, and wireless devices. Moreover, the company has the mix of computers operating with the Window 7, Window Vista, Window XP and Window 2000. The company also has Window Active Directory located at the Phoenix office and the Phoenix office has two proxy servers to provide Internet access control and Web cache services for the company since majority of the company applications are web based.
Objective of this project is to upgrade and secure the company current network to enhance organizational efficiencies. However, it is critical to design appropriate access control for the Microsoft Windows to enhance their effective security system.
Appropriate Microsoft Windows Access Controls
Vulnerabilities and security holes in Microsoft software programs are common target of security attacks. However, many attacks are focused on the Microsoft Windows due to their wide use by many organizations. (Smith, 2000).Based on wide vulnerabilities against Microsoft Windows, NextGard is required to take preventive measures and set up the following Window Access Control policies:
First, the NextGard should improve its access control using auto-checking to search for passwords that are more complex for the company IT administrator. Typically, the company should formulate policies to ensure that the administrator uses a very complex and strong password to log into his or her administrative account. The use of a strong password is very critical to deter unauthorized access into the company network account. It is very critical for the company administrator to always use a very strong password that unauthorized individuals will find challenging to crack. Moreover, the company should use SmartCards to securely store personal information and enhance authentication. (Mike, 2008).
Additionally, NextGard should make a policy to ensure that all employees are to use the company computers for only the business communication, and all employees must communicate solely with the company emails and the communication should be strictly based on the NextGard business operations.
Cryptography Methods to protect the Company Information
Cryptography policy is the strategy to protect company information through encryption. NextGard needs to develop a cryptographic policy to enhance integrity, confidentiality, and authenticity of the company information. Cryptographic method involves the use of digital signature encoded by the asymmetric cryptography or public key. As part of the security policy, the company should include digital signature with document transferred electronically whether the document is encrypted or not. To decrypt the digital signature, a user should verify the public key using a secured private key of the document sender. However, the company should employ key management to make both the public key and private key highly confidential.
Data encryption should also be established to protect the company information. Encryption is the strategy by which all data within the organization are converted into unreadable form and only authorized users with decrypted key can only convert the data into a readable form. This strategy will assist the NextGard from preventing unauthorized access to the company data. The encryption system will protect all the company data from an unauthorized access because external intruders will not be able to read the data since they do not have access to the decrypted key. (Bruce, 2005). The company should also use the cryptographic system to protect the data transferred electronically from one computer to the other since an intruder could hijack the company data from the network system using strategy such as eavesdropping and sniffing. Thus, the company should use the cryptographic strategy to protect the company data in transit using the encryption form. However, the company needs to keep the decrypted keys very confidential, and under no circumstances should the decrypted key communicated to third parties or unauthorized individuals.
Method to Thwart Malicious Code and Activity
Trojan horse is the malicious program, which looks like a normal program, however, hides malicious code to gain access into confidential information through remote access. Similarly, viruses manipulate a legitimate user by bypassing access control and authentication to spread malicious code. Virus can infect system and damage network system. Similarly, worms are self-replicating program that create series of problems to the affected systems. Logic bombs are the piece of codes intentionally inserted into a software program to trigger malicious code. A programmer could intentionally plant a logic bomb to trigger malicious applications.
NextGard needs to design strategies to implement countermeasures against viruses, logic bombs, worms, and Trojan horses. One of the effective measures against virus is to install antivirus onto all computer systems. An antivirus packages such as AVAST has ability to detect email attachment that contains virus. Typically, worms, and Trojan horse are spread when a user downloads a mail attachment that contains Trojan horse or worms. Thus, the company should provide an IT training for all its employees to possess skills to identify an attachment that contains Trojan horse or worms. Typically, all employees should only download attachments from the company or trusted emails. Moreover, the company should install spam filter program in all computers to filter out all unwelcome emails. Typically, most attachments containing worms, Trojan horse and virus are found in the Spam box. Thus, the company should install anti-spam software that will filter out all the unwanted emails. Moreover, the company should develop a policy to scan all the computer system twice in a week with a powerful antivirus package. The company should only install a trusted application package into the computer system to avoid a logic bomb being planted into the company Microsoft Windows.
Formulization of Plan to implement, monitor and Determine System Implementation
Proper incident response is an integral part of a risk mitigation and overall security policy. NextGard should implement computer auditing two or three times in year to ensure that all the computer systems are free from malicious code. Moreover, the company should establish and enforce policies to ensure that all employees follow the company IT policies. Essentially, many IT security incidents are created accidentally by IT personnel who do not follow the company policies and procedures. Thus, NextGard should thoroughly test its policies and procedures to ensure that the company policies are clear and practical.
The company should also routinely check that the latest patches are installed in all computer system. Moreover, the company should develop a data backup plan to protect the company data in case of human and natural disasters. All the back-up data should be stored at a remote location, which will allow the company to quickly restore business operations in case of accidental loss of data. The company should also undertake training program for both new and experienced IT staff since largest percentages of vulnerability often pass through inexperience IT users.
The company should develop a policy to mandate all employees to use strong passwords. Moreover, the company should routinely analyze and monitor all the system and network performances. The company should also routinely check all logging mechanisms such as application specific logs, operating system event, and intrusion detection system logs,
Detailed Security Guidelines for two Internet Access Control and Proxy Servers for the NextGard
The internet access control and two-proxy server operate in a network environment, and external intruders often use different techniques such as eavesdropping and sniffing to steal sensitive information from organizational network systems. Firewall is the effective program that the company could employ to block external intruders who intend to gain access into the company proxy server. Essentially, the firewall program will assist the company to control the network traffic thereby enhance security posture for the company proxy servers. (Scarfone, & Hoffman, 2009). Firewall will provide essential protection to company proxy server, thus, the company should use the application-proxy gateway that has the features of advanced firewall. This type of firewall acts as an intermediary between two hosts and restrict direct connection between two of them. Moreover, this firewall uses the authentication using combination of ID and password to control access to the server. The application-proxy gateway also inspects the content of the network traffic to permit or deny unauthorized traffic. The company should also use Dedicated Proxy Servers to perform validation and analysis of application protocols such as HTTP.
6. Best Practices for the Window Security of NextGard's Organization
NextGard is required to design comprehensive Microsoft security policies, which all the company employees should follow. It is critical to realize that strict respect of the company policies is the best strategy to enhance effective security of the company Window system. The company should organize training programs for all the IT and non-IT employees to ensure that…