An Analysis Of The Security Technology Deployment Plan For Company XYZ (Research Paper Sample)
The paper analyzes the security deployment plan for company xyz.
Security Technology Deployment Plan
Security Technology Deployment Plan
The paper evaluates the security deployment plan for company XYZ, in a semi-conductor manufacturing industry. The paper is structured in 6 different phases. The paper sets out by discussing the IT system architecture, then plan of protection. The third step highlights encryption technologies that will assist XYZ to protect intellectual property while maintaining competitive edge. In the fourth step, the paper provides network security and threat table followed by email security mechanisms. In the end, the discussion presents recommendations to the company leadership for safeguarding its network resources.
Step 1: IT Systems Architecture
Communication via local area network (LAN) is a common trend in the present world. While communication through LAN is not secure, most organizations use it since it is convenient. According to Cisco (n.d), communication of confidential information is vulnerable to attackers and other threats. It is the goal of each organization to safeguard its information against unauthorized users and malicious staff. The security of an organization’s data is based on identifying threats and addressing them to prevent access to confidential or sensitive information. For that reason, the organization should enhance its security by choosing an appropriate wireless LAN (WLAN). Specifically, the organization has to identify acceptable double connections while taking into account the security of its network. For example, to protect the organization’s network security, it is paramount to ensure that the WLAN has client devices when carrying out security assessment. The WLAN connect client devices to the computer and not directly to the network. Such an attempt is important when it comes to allowing client devices to communicate with the LAN via the wireless switch, which is easy to manage. In relation to security configuration, the organization should have a standard architecture to provide not only protection but also reduce network threats and effects of attacks by enhancing predictability and consistency of security (Cisco, n.d). In the organization, LAN security can be threatened by unauthenticated users.
Table 1. IT Systems Architecture
ComponentExplanationLikelihoodSolutionLAN securityThis is the where with the local area. The firm’s wireless LAN is vulnerable to threats from unauthorized users LikelyImplement firewall to prevent unauthenticated access.
Installing anti-spyware and adoption of intrusion prevention system (IPS)
Identity managementThis involves identification of individuals across the network and controlling access to data based on their user-level rightsLikelyImplement user level rights and password introductionPhysical securityPhysical safeguard of software, hardware, personnel and network resources from damage or lossLikelyUse back-up strategy.
Implementing locks and security staffs Personnel securityPolicies that can help in managing the risk of employees using their legal rights to access the firm’s network resourcesUnlikelyImplementation of password policy and anti-virusAvailabilityInvolves the vulnerability of network assets to unauthorized users of failureUnlikelyRegularly upgradingPrivacyThe technologies and approaches used to safeguard organization’s dataLikelyEncrypt data and use of anti-virusStep 2: Plan of Protection
Based on the needs and requirements of Company XYZ, a plan is required to protect identity; access, authorization and non-repudiation of information transmission, storage and use. Specifically, the effective plan for the organization leadership has to put emphasis on steganography technology. This technology can secure the organization’s assets by concealing network passwords (Sumathi, Santanam & Umamaheswari, 2014). Nonetheless, it is hard to detect stenographic information because authenticated users can gain access of the company’s network resources including emails, information, files and database. As a result, it is important for XYZ network assets can be secured using statistical steganalysis. Steganalysis is the process of detecting secret communication. Concealing messages can level identifiable traces (Sabnis & Awale, 2016). Hence, the concealing procedure changes the statistical attributes that steganalysis tries to identify. The goals of steganalysis is to determine if an image has a secret message or not with a higher degree of unsystematic guessing. Additionally, steganalysis finds details of the image and conceal the embedded algorithm, message length, content or secret key word. In this regards, XYZ can use steganalysis to evaluate how the content is transmitted across its network and sources of all messages. When it comes to identifying hidden messages, the company can monitor traffic so as to detect suspicious activities. Specifically, the transmission of large files/images is suspicious and warrantees further investigation to determine the security of the organization’s information assets. Another strategy that is appropriate for this organization is decryption and encryption. They will help the firm in not only protecting identity but also access, authorization and nonrepudiation of information transmission, storage, and usage. Encryption technology will help XYZ recognize data based on its sources. On the other hand, decryption could help the organization to deal with data leakage issues. Decryption and encryption technologies can also assist the firm to prevent illegal access. Essentially, the efficacy of encryption, decryption and steganography can be achieved through email, network, files and database security. Hence, XYZ should implement security policies that highlight how data should be transmitted or shared across the network. Basically, the company has to spell out which data should be exchanged and which cannot. Additionally, the company has to define user level demonstrating each workers access privileges.
Step 3: Data Hiding Technologies
Shift /Caesar cipher. Shift/Caesar cipher is the oldest and the simplest technique of encryption (Rodriguez-Clark, 2017). The company can use the shift approach to encrypt messages to prevent unauthorized users from access it. In this technique, every letter in the original message/ plaintext is substituted with letter corresponding to a particular number in the alphabet. Every letter in the alphabet takes a position, for instance, 4 represents letter D. Therefore, +4, D would be changed to H, and the same is applicable to other letters in the alphabet. In this manner, a message that was easy to read ends to be hard to read at first glance.
Polyalphabetic cipher. Polyalphabetic cipher is an encryption technique that en...
- OSI Layers: Test Plan Pennywise National Bank SystemDescription: Testing Methodology: Defines what types of tests will be performed and during which phases they will be performed...3 pages/≈825 words| 3 Sources | APA | IT & Computer Science | Research Paper |
- Data Warehoususes and Data Mining Research PaperDescription: How data needs to be prepared in the data warehouse before used by a data mining tool.. use examples to demonstrate.....5 pages/≈1375 words| 6 Sources | APA | IT & Computer Science | Research Paper |
- Project Implementation Of Information Security Management System In Wilmington Pharmaceutica. . .Description: This research is concerned with issues regarding information security management in Wilmington Pharmaceuticals led by the need for implementing effective information security management systems....55 pages/≈15125 words| 53 Sources | APA | IT & Computer Science | Research Paper |