Introduction to Information Security Essay

guarantor Domains and StrategiesSafety of data and teaching is a real im carriageant aspect of a company. Before we can create an analysis for general warranter solutions we must low define what is needed. I recommend that we use of goods and services a multi-layered certificate plan. There atomic number 18 a total of seven domain of a functions of an IT foot including substance abuser domain, workstation domain, LAN domain, LAN-to- ghastly domain, WAN domain, contrary entrance fee domain, and system/application domain. exploiter domain is essentially the people who gravel the information system. User domains tend to uplift risk due to the users c argonlessness due to lack of awargonness, not caring for policies, and security violations. These can soft be rectified with training. Conduct security awareness training, display security posters somewhat the office, and send email reminders to keep the policies light in the employees mind. some other parkland threat is ca used by employee misuse of the system. Employees superpower insert USB drives, or download photos harmony and videos. These items might contain viruss which in turn damages the system. The USB ports should be disabled and content filtering and antivirus scanning should be enabled. Workstation domain is any device that connects to the interlocking. A few threats might be encountered are wildcat ingress to the workstation and unauthorized vex to applications and data. These issues can be mitigated merely by enabling password justification on workstations and by defining unforgiving rise to power get over policies. LAN domains are a collection of computers connected to maven another. Threats for LAN domains include unauthorized access to the LAN, and unauthorized access to systems applications and data. The solutions for these threats are alike(p) to that of the workstation domain. Another major(ip) threat are confidentiality of data transmissions via WLAN connections is compromised.Implementation of encryption between workstation and WAP is crucial. LAN-to-WAN domain is where the infrastructure think to a wide area network and internet. A few issues include unauthorized network probing and port scanning. To fragmentise this issue disable ping, probing and port scanning on all outdoor IPdevices within the domain. Another major issue is unauthorized access with the LAN-to-WAN domain. Simply applying strict security supervise controls for intrusion and detection and retarding would solve this problem. WAN domains connect remote locations. For these types of domains it is easy for open, habitual and accessible to anyone that wants to connect. occasion new laws regarding unauthorized access to the systems, malicious attacks on the infrastructures and monetary loss due to malicious outages. Another issue is that most internet commerce is sent in clear text. To prevent this prohibit using the internet for tete-a-tete communications without enc ryption and VPN tunnels. Remote access domain connects remote users to the infrastructure. Threats for this type of infrastructure are brute force user id and password attacks, multiple logon retries and access control attacks. To stop this from occurring creates user id and password policies requiring day-after-day changes. Set up automatic city block for attempted logon retries. System/application domain holds all the critical systems, applications and data. Unauthorized access to data centers, computer rooms and outfit closets is a major issue for this domain. exercise policies, standards and procedures for staff and visitors. The servers must sometimes be shut down to perform maintenance. Create a system that brings together servers, retentivity and networking. These are a couple things that I have outlined that would make this multi-layered security plan a success. We must chicane the various threats for each layer and how to fall each layer. This plan will greatly save the company money as well as lawsuits due to information leakage.