Implementing Network and Personnel Security Measures
SEC 402 Cyber Security
The Essential Body of Knowledge
EQUIPMENT LIST OF NETWORK SECURITY DEVICES
Today’s technology demands that all types of business organizations and companies be established via a network system. Government, and all of its agencies along with the majority of business organizations all working under unique network systems it is absolutely necessary. As the security consultant it is our responsibility to identify and implement the necessary security measures to identify and eliminate the potential and immediate threats to the organization. As the security consultants for your organization we are responsible for the securing of the personal data and information which may encompass the need to upgrade or repair any identified security devices at the worksite. Sensitive information or data can only be secured if the network is properly secured. The possibilities of a breach of sensitive information & data is greatly reduced with a secure network. To ensure the integrity and sensitivity of the data the devices listed are necessary to secure the networks.
A network switch works much like a network bridge with multiple ports which helps to process and route packets at the Access or data link layer of the OSI reference model. Unlike a hub, a switch forwards messages to a specific host. The three important functions might include the following:
The data layer or Layer 2 in a network system can be best protected by one of the three the brands listed below:
- Connecting multiple hosts: A switch provides a large number of ports for cable connections often used to connect multiple PCs to a network allowing for a star topology routing.
- Forwards a message to a specific host: Acting like a bridge, a switch uses the same forwarding or filtering logic on each port. The switch will receive and decode the frames to read the physical (MAC) address portion of the message.
- Manages traffic: A switch in networking can manage traffic either coming into or exiting the network and can connect devices like computers and access points with ease.
- FS.COM: Prices range from $410.00 to $2,500
- Extreme: Prices range from $1,295 to $2,375
- Cisco Systems: Prices range from $700.00 to $7,750
- Firewalls are the equipment which is necessary to prevent an organizations system and network from any threats. Firewalls are routers which are fixed acting as a second shield preventing access to the router, firewalls work as a filter and benefits government and organizations even if stops its actual user from sending data and files to other users. It also assists to keep a proper check on the traffic of information running between internet and the network. The best brands of firewalls are:
- Cisco GPL 2019: Prices range from $500 to $44,997
- SOPHOS: Prices range from $1,791 to $3,595
Routers are networking devices that forward data packets between computer networks. Routers perform the traffic directing functions on the Internet. A packet is typically forwarded from one router to another router through the networks that constitute an internetwork until it reaches its destination node. In order to protect the network system, it’s data and sensitive information, routers must possess two very important characteristics:
Router name and a supplied password secure the firewalls, each password should be different to the authorized person, in order to avoid access of an unauthorized person to it. By acting as a default portal, routers when successfully installed restrict broadcasts from the LAN. By doing so ensures the router in their network system will provide the safety of an organizations data and sensitive information. Routers when installed do not allow information to leak or follow unknown paths. Routers improve the processes through a systematic approach.
- Built-in Firewalls
- NAT – Network Address Translators
The two most popular brands of routers are:
- HP/HPE: Prices range from $399 to $1,356
- Alcatel-Lucent: Prices range from $425 to $2,500
All malfunctioning or disabled security equipment should be replaced and a sustainable maintenance plan implemented. Large organizations or government agencies require an effective maintenance plan to keep the sensitive and vital data secure and free of breaches. Ensuring the security measures are routinely updated provide a more effective maintenance and security to all actions being performed and devices being used. Any network within an organization must possess a built-in network plan to protect against unauthorized actions which are being performed that have nothing to do relative to the network, the main reason for an outstanding network maintenance plan.
Three major items related to data security include: Integrity, Availability, & Confidentiality.
If all the activities provided in the maintenance plan are not fulfilled the following risk may be experienced by an organization or government agency.
Within an organization or government agency the following particular activities should be performed as a part of the security maintenance plan:
- Hacking of personal or secret data.
- Misuse of data locally or internationally.
- Bad future impression of the agency for not executing activities properly (most important risk)
- Destruction of network cloud
- Damage of firewalls
- Attack or viruses to main server or other devices
- Through virus attack damage to switches and other devices may also happen
- Hacking of routers passwords may also happen (Dennis Chernik, 2012)
- Trouble shooting of the physical items
- Designing of standard troubleshooting and proper adoption of maintenance routine.
- Recognition of the troubleshoot name.
- Installing, assembling, and configuration of devices and equipment.
- Traffic monitoring should be done by keeping in view the addresses and routing errors.
- Troubleshoot the server issues and the application.
- Build and support hardware and software tracking system.
- Hubs and switches should be installed on the network.
- Finish the action order for the preparation of connections, installations, conversion, and generating items of the network and equipment. (Dennis Chernik, 2012)
The proper execution of the security maintenance plan will require the following resources or personnel:
Manual (Physical) Security Measures:
- Technical Project Manager – Maintenance Planner
- IT staff – Analysts
- Networking experts
- Governance – Human Resource
To ensure that your maintenance plan is effective the security team would need to ensure that an electronic boundary or limit around electronic assets, manual or physical measures could be established and maintained. This is necessary because if the electronic assets cross the boundary security equipment may be damaged or destroyed.
Listed below are four manual (physical) security measures:
Manual or Physical Security Vendors:
- Scan/Badge System
- Alarm system.
- CCTV cameras.
Any of the security devices listed above can be purchased via the two vendors listed:
The vendors mentioned here are infamously well known for their products dependability and quality. The line of security products offered by these two vendors ensure that an organization or government and its agencies would be able to attain the security measures given above to prevent data breaches. SES is a family owned business which has been around for thirty-six years and boosts of 98% customer satisfaction. SES is famous for providing the best quality video surveillance, key-scan proximity readers and fire alarm control panels. Grainger is the other awesome vendor, known worldwide for its thousands of security products, such as intrusion system control panels, access control receivers, wireless alarms, etc. These companies are excellent security providing vendors.
Activities of Human Resource Department:
Effective security maintenance plans, policies and procedures are established and enforced throughout the organization and government agencies by its Human Resource Departments. HR departments within an organization are tasked with disseminating information, reporting cooperation and tasks in a such a way that assists with the completion of the goals of an effective maintenance plan. The Human Resource department ensures the values, mission, and goals of an organization or government agencies are being progressed.
To execute a security maintenance plan within an organization or government agency the HR department will need to follow some necessary activities. The HR department ensures all types of safety of equipment, staff, building, and data furniture and fixtures have meet the satisfactory security standards according to all immediate or potential threats and rules of health care. The HR department is also responsible for the policies and rules which are being implemented verifying that these are followed exactly or not for the safety of organization or government agency. To be prepared for the many types of emergencies regarding people, data, or other devices is also the responsibility of HR. A successful organization or government agency will have an HR department which is performing its role as it should and complimenting its security department.