Network Security Policy (Essay Sample)
You were hired as the manager for network services at a medium-sized firm. This firm has 3 offices in 3 American cities. Recently, the firm upgraded its network environment to an infrastructure that supports converged solutions. The infrastructure now delivers voice, data, video, and wireless solutions. Upon assuming the role of network manager, you started reviewing the documentation and policies in place for the environment to ensure that everything is in place for the upcoming audit. You notice that a formal network security policy is nonexistent. You need one. The current network environment and services are listed below:
The environment hosts a customer services database.
The e-mail service is available, with each user having his or her own mailbox.
There is a sales team of 20 staff. They work remotely using laptops.
A routed voice network exists between offices.
Web services are available to clients on the Internet.
Wireless services cover public areas and conferences rooms.
Considering the network environment, services, and solutions that are supported, develop a network security policy of 3–4 pages for the environment.
Give consideration to each service, and recommend protection measures.
Risk mitigation is of extreme importance.
Confidentiality and integrity are important factors of network security. However, it should not affect availability.
Formal Network Security Policy
Author’s Name
Institution
Instructor
Date
Formal Network Security Policy
Introduction
The formal network security policy spells out the appropriate expectations of the network use, administration and security in an organization. The major objective of a network security is to support the network requirements of your business using risk free or methods that reduce the risk. The security policy defines what networks you must secure, and all methods that you use to secure them in supporting you mission or business. This paper outlines the formal network security policies that will be implemented in order to protect the current network environment and the services provided.
Services and recommended protection measures
These policies apply to all the offices, in any location and all the employees of this firm. The policies will also apply to all the computer hardware and software owned and administered by this firm or its partners. The network services manager is responsible for establishing, implementing, administering, maintaining and interpreting the network security policies guidelines, standards and procedures. The responsibility of network security lies on all the employees but the specific guidance, authority and direction lies in the information technology department. The department will carry out systems risk assessment, evaluate information security products, prepare action plans for the information systems security, and perform other necessary activities to assure a protected information systems environment.
The network service manager is responsible for conducting investigations of any alleged network security incidents, compromises or problems in the firm. Systems administrators have a responsibility of acting as local network security systems coordinators. They are also in charge of establishing suitable user privileges, control logs access monitoring, and performing like security activities for the systems they manage. They are also charged with the responsibility of reporting all the apprehensive network security related activities. The employees and all the users have a responsibility of complying with these and all other policies that define network security service. They are also charged with the responsibility of making known all the network security violations and vulnerability that they notice to the information technology department.
The customer service database is be protected against misuse by authorized and unauthorized users through a Virtual Private Database that limits the access to the database from particular network nodes which dictates an employee to access the database while he/she is inside the intranet or from a particular subnet in the information technology department (Brijendra, 2011). The database is commonly protected from malware infections by installing a firewall. The system administrators are responsible for making the backups. All the backups’ media are stored in fireproof safes, in separate secure locations. All confidential information kept on backup media will be encrypted by means of approved encrypting methods.
The following are some of the strategies that will be implemented to ensure network security. First, all the users will be provided with unique email address with a different username and password or an extended user verification system. Therefore, no personal emails will be allowed in any transaction of a company’s operations. Concerning the emails, all emails addresses will be locked out of the system once an employee quits working for the company also those that are inactive for six months. In addition, all personal electronics such as laptops must have password securities, antivirus, encryptions, and firewall protection and a daily back up of the data in the computers.
The router is the outmost security gate. It is tasked with sending IP packets to the connected networks. These packets can be inward bound requests from Internet customers to your Web server, appeal responses, or outward requests from internal customers. Routers’ will be used to wedge unauthorized traffic between networks. It must be guarded against reconfiguration by means of protected administration boundaries and making sure that latest software is used and up to date. The web services are for serving the client only thus they will only be accessible to the clients and the company employees only. In accessing the...
Other Topics:
- The Selection of a Database Management System and Database DesignDescription: The Extent to which End-user Should Participate in Database Management System and Database Design Selection...1 page/≈275 words| APA | Technology | Essay |
- Growth TrendsDescription: The essay talk about the various strategies that old ports use to ensure that they remain in business...2 pages/≈550 words| APA | Technology | Essay |
- Artificial Inteligent in Our SocietyDescription: This report deals with artificial intelligence in society. My motivation for writing this report was to expand my reader and my own knowledge of artificial intelligence...5 pages/≈1375 words| APA | Technology | Essay |