The outline below is provided to illustrate and show how Computer and Network Security has been implemented as a plan to an educational facility. This basic outline targets the infrastructure of companies through which the bases of protecting internal assets are most critical. It shows the effectiveness of the school’s control, auditing and implementation.
A. Periodic control of Operating System Patches
B. Virtual Private networking to Domain Servers with Student Information Systems Software from staff workstationsC. Periodic control of Operating System Service Packs
D. Anti-virus software installed on each workstation to include student work stations
E. Spyware/malware / Malware control measures
F. “Pop up” control measures
G. Application updates (i.e., Microsoft Office and related)
H. Software Update Services Server installed to push updates approved by administration I. Documented Policy and Procedures school level
J. Documented Policy and Procedures board level
K. Active Directory Server login for staff to establish IT Policies
L. Applications with logging of activities (customized)
M. Application and Security Logs running on ServersN. Network Address Translation used at firewall level
O. DMZ (demilitarized zones) used on web serverP. Hardware firewall (three honed) used with logs and specific port number restrictions.Q. IDS (Instruction Detection Server) in place and monitoredR. Traffic monitor in place to monitor inbound, outbound and intranetworking packetsS. Disaster recover plan in place Control of patches and updates becomes one of the most important aspects of Computer and Network Security. With operating systems flaws being one of the most critical needs to identify when operating a network, control of pushing service packs or updates to computers becomes extremely important. Companies should have this in their plans and someone in the information technology department should be assigned to check SUS (System Update Services) servers daily. This IT person should also check security and operating system websites for alerts. Often these sites have email alerts to alert end-users of a security problem.Virtual Private Networks or VPNs should be created between workstations and servers that contain critical data. By using PPTP (Point to Point Tunneling Protocol), this ensures the data is encapsulated as it travels across the internal network. While packet capturing software can be installed on a network, this will help to encrypt the data and prevent loss due to network sniffing.Antivirus software must be installed on every workstation and the software should be updated daily. This control of updating can come through push services through a server to insure the virus pattern or signature is up to date.Spyware/malware control is becoming an issue at all companies.
Spyware/malware is software download automatically be some websites to track a user’s internet surfing habits or to track software use on the end user’s computer. Often computers become burden by spyware/malware loaded in the operating system and become nonfunctional or extremely slow. Control of spyware/malware and the protection of workstations fall on the information technology department. Control of spyware/malware helps to prevent pop-ups which in turn helps to keep productivity high. Application updates should be controlled by the information technology department and periodic updates checks should be performed by personnel assigned to the IT department. Without the above recommendations in place, companies can have a breech in their network infrastructure by hacking, virus infestation or physical security violation. Breeches can cause the loss of consumer or customer data. This loss can involve the loss of credit card data, personal demographic information, or other valuable data. Breeches can cost the company an insurmountable amount of money and public embarrassment. Several large universities were recently hacked and the embarrassment and possible lawsuits that could follow could jeopardize the integrity of the universities.
The methods used and sources utilized for conducting this study are simplex. Supporting data from leading industry resources that has been supplemented with internal interviews along with the researcher’s personal experience provide the supporting data as stated.These methods no matter how simplex are the basis and foundation needed to support the Computer and Network Security and guard the infrastructure of computer and data assets from within a company or corporation. Research was also guided by magazines, textbooks, corporate policies and the Internet along with industry leading experts’ advice. With the aforesaid resource information available, the researcher had to “weed out” and screen undesirable information and utilize documentation that offered the greatest benefit to the research paper. This “weeding out” of information helped to keep valid data within the scope of this research paper.The above outline of an
educational facility provides a basic outline and framework for a moderately detailed plan to support and implement need for security of the information technology department network infrastructure in the modern workplace.This security plan is a basic example of a “case study” for companies and corporations desiring to “lock down” or secure their network infrastructure.