A. Physical Security
Requirements
Physical
security urges that protection is a tool that specializes in the assets of a
corporation. It focuses on detection, recovery, and prevention. UMUC has the
mandate to give this security by putting in place door locks, closed-circuit
television (CCTV), controls, physical access locks, and perimeters barriers.
The network cable locks and data center will be significant is providing
protection to the network from any person who is unauthorized usage by the
employees and users (Baker
& Benny, 2016).
Physical security should deny physical access to people. It should be able to
detect intrusion, deter initial access attempts, and delay the violator to be
able to get feedback.
Solutions proposed
All
the individuals who have unauthorized access, should not be allowed in all the
entry points mostly in networking access and lobby. The CCTV cameras should be
used in monitoring an organization, as it acts as a tool in prevention.
Perimeter barriers are essential in providing security to the perimeter that is
needed by the organization. And the doors should be put securely. Physical
access is a benefit to the organization like UMUC even though they are based on
minor factors (Baker
& Benny, 2016).
They include card reader, anti-pass back system, FAR, and FRR process, iris
scanners and the fingerprint scanners.
Furthermore, the security organization must be
concern about the emergency and the safety of their workers. The data center
should be placed where it is very safe, and the physical access should be
minimal and be authorized.
UMUC
should use the locks and network cables carefully. There are other crucial
environmental situations such as the sag, spike, and brownout blackout. Thus,
the authority is needs to plan carefully to prevent problems that may incur in
future by the college.
The
team concerned with network security of UMUC needs to empress the use of IoT as
a solution to their physical security needs. This is because smart devices have
a link with business systems through the internet .These devices can be outside
of the perimeters that are secured. Therefore device isolation cannot be
successful just like those within the UMUC.In this case, location is very
critical for the full safety of the equipment. Proper precaution of security,
for example, alter safe ID labels are frequently enough to stop t criminals and
can expand the odds of goods being returned. Movement sensors, the following
sign, and carefully designed locks can give extra security to higher worth.
Justification.
Three
processes are essential in the physical security of the UMUC. These are;
Recovery, prevention, and detention. These will aid in keeping the process
secure to repairing the damages that arise, find out the broken and the
materials that are missing and making of the prig plan that's for the future
problems. Physical security also brings importance that guards the network when
it's still primary.
At
times the procedure is not followed and tends the steps failed and thus giving
the protection in all entry points and preventing the persons from allowing the
access. By using the Biometric control/ key locks helped in data centers and
networking platforms. The cases of attack and the violence will be minimal if
the proposal is made in a proper way .Taking a risk-based approach by the UMUC security team is
also a good idea. In this case, the potential threats and the context of the
university determine which physical security precautions are best. In this way,
the team has to ensure that the existing measures of physical security are
right..
B.
Mobile Device Security
Requirements
The mobile device security focuses on the following; are
laptops, tablets, smartphones, PDA's, and other computing devices. These
devices necessarily used for making calls but can be for different purposes.
These devices are widespread in usage in the modern world of communication. It
is a requirement to comply with the data restriction stated by UMUC whenever data access and storage is done.Moreso,encryption
software is needed in mobile devices so that critical university data is safe
from hackers (Raggo,2016). It also imperative for the users
of the system to avoid opening university emails,over public Wi-Fi as this is
the potential opportunity for hackers to tap or steal information.
Solutions
proposed
It
is imperative to have control of the usage and likewise the user. Those who use
the system should be conversant on how the utilization and all the restrictions
in place. To settle the underlying issue, a tracking system is a requirement.
It will have the model number, warranty,
support system from the vendor, and model number. The devices such GPS is also
vital for locating gadgets when misplaced or lost(Raggo,2016). Triangulation
activities on the tower and over wi-fi is also the best option for UMUC in its
tracking progress. It is also wise for the college to have specific features
listed whereby the users can only access e.g., Password authorizations in
screen locks of the system. For all the safety messages, encryption can be
utilized in messaging or calling. In the event that different endeavors of logging
occur, remote wipes can be used to eradicate the information right away.
Capacity is likewise a significant factor which needs to keep secure and
composed(Raggo,2016).
If any clients or workers see irregular exercises, they should report to minimize
the damage or attack.
Justification
They
are a lot of benefits that accrue from having
mobile application which is secure. However, if privacy is not a
priority, it can be somehow complex. Therefore UMUC should treat privacy as a priority as it can
be a risk in terms of security of mobile devices. For instance, a given survey
report accounts that individuals who avoid the use of screen locks experienced
a lot of security issues. By locking their cell phones, it means physically
securing one's gadget at storage or office. it will not be on the individual,
in a spot where others would require a key to get to that location. Moreover,
via preparing every one of the workers and resources, announcing the harms and
lost, making advance arrangement of safe stockpiling, that will be conceivable
to shield cell phones from the threat(Raggo,2016).Lastly,University
emails should only be accessed by the users using their mobile data. This will
be secure since it is the same as opening them in the computers within the
network of UMUC
c.Perimeter
Defences.
Requirements
Sound
security stance requires trust in numerous things, for instance, individuals
being accessible, persuaded, alert, lined up with the mission, and technically
updated with regards to unpredictable threatscape.Interruption recognition is
intricate and requires nonstop cautiousness and forward-thinking learning(Kizza & Migga Kizza, 2008).
Perimeter
defenses are essential in dealing with severe problems and provide a viable
solution. General commands are put in place in order to check out the network
address, have a connection, and get separated for various uses. To add on that,
accounts customization is essential as far as perimeter defenses are concerned (Kizza & Migga Kizza, 2008).
The VLANs, IPS, firewalls, and honey pots are the additional network
segmentation that the college needs to consider for strong perimeter defense.
Others would require a key to get to that location.
Proposed
solutions.
It
is a good idea for the college to identify areas of inadequate security and
possible ways to block. In this case, attacks and threats can then be
professionally dealt with — firewalls and systems of anti-blocking need to be
set up for private networks. The use of Visual private networks also and NAT
are favorable for hiding private addresses when the need arises. Some other
protecting anti web protection e.g.,antiphishing software, web content
filtering, and spam filters for gateway emails, are better for use in
eliminating unauthorized access.
As
far as processes and people is concerned in dealing with perimeter defense,
UMUC has to focus on several solutions (Kizza
& Migga Kizza, 2008). To begin with is Hold fast to and
teach the system and network users while keeping up its approaches. Without an
arrangement, there is no arrangement of principles after which to quantify
yourself. Also, the college security group ought to be acquainted with dangers
just as the risk. It is dealing with the fundamental changes in the threatscape
that show up day by day. Remain current on new and developing threats,
including malevolent code, vulnerabilities, and geo-political cyberthreats.
While this will require exertion, it will pay for itself in decreased downtime.
Justification
For
the network to be secure, perimeter defense must be checked into. This because
it is the key to evade surrounding attacks that might arise. The network of the
college is better with windows defender and firewall.Unauthorised access and
spam are efficiently dealt with by the two applications. Hackers or any other
attacks will not be successful in getting into the UMUC system since spoofing
tools, and spam filters are available. The transfer of information from one
device to another either through an infrared, hotspot, or Bluetooth will be safeguarded by perimeter
defense.
D.Network
defense Devices
Requirements.
The
essential destination of hackers is a network of UMUC.In this case, attacks can
be in may forms which calla for the solution. The network vulnerability
identification and defense plan should be critical aspects to consider. The
attack can occur in four ways, dynamic assault, aloof assault, outer assault,
and inside attacks. Additionally, arrange has various levels where the security
coordinator must concentrate on: passage focuses, innate vulnerabilities,
documentation, organize standard. Distributed and texting arae additionally in
charge of once in a while to have virus spread. In this case, the best way is
to phase out all the unused ports. Lastly, it is imperative to add another
layer of optical private network or VLAN.
Proposed
solutions.
The
levels of attack have to be ascertained, and the required approaches are laid
down. To begin with, all possible weak points of entry should be figured out.
Workstations, Wi-Fi networks, and
servers are facing the public as well as personal mobile gadgets. The right
versions of the software should be used to evaluate the system. All the system
resources should be reported with a precise system graph for references. System
gauge can be utilized through system instruments which screens system traffic
and create it graphically(Yaokumah
& Dawson,2019). It is recommendable for UMUC to use
NetFlow tool developed by Cisco for data collection. In the case of the users
who would like to use an IM connection should be able to have a program for
ensuring that private information is not transferred. It should also be guarded
with a firewall. On the off chance that two verification servers should be
matched up, it must be experiencing a typical mutual mystery secret key.For
making the secret phrase, the client must utilize reliable code and maintain a
strategic distance from quickly making guesses on passwords.
Justification.
UMUC
network will be in a critical situation if the defense is not scaled up.
Through the preparation of all the users and workforce appropriately, the
probability of assaults over systems can be diminished. The passage ought to be
engaged and should be requested making an account. By distinguishing every one
of the vulnerabilities, and applying the vital errands, that will be
conceivable to give a reliable protection to the network of the college. If
there is the use of applications, for instance, IM through the tracking system, no confidential
information will leak without the security staff being the activity.
Additionally, through the blocking of apps which are not of importance will
ensure that data is free from viruses. By adhering to these aspects, the
security of the college will be highly protected.
E.Host
defenses.
Requirements
Host
in the network has servers and clients.It helps in ensuring that data is sent
and received as well as applications and services. It does not require switches
or routers due to its nature of IP address which works over multiple layers. Therefore,
there is a need to secure things like host visual machine, cloud, remote, and
the virtual host. Cybersecurity should be the primary focus for UMUC due to
high rate of attacks and breaches that occur from time to time.
Things
that can destroy the host are worms, viruses, and spyware and zombie logic
bombs. Therefore the security of the college needs to find out the solution of
different types of attacks in the host.
Proposed
solutions
The
host has four divisions of layers which are the LAN,ARP and DHCP.The ARP and
DHCP ensure that the local areas network functions over the link-layer
protocol. Due to this, DHCP, in most cases, is attacked maliciously by clients
on the server (Yaokumah
& Dawson,2019).Host impersonation attacks, as well as
denial of service, can easily be experienced by UMUC. It is therefore wise to
practice encryption of messages is used for safety. Shielding of physical
access found in points of entry will help cyber attack for occurring through
virtualization hosts.
It
also imperative for UMUC to make use of host-based firewalls.It provides with a
lot of flexibility. In a cloud setting, moving applications and VMs within
cloud environments is fast while the security policy accompanies it.They are
also enriched with a lot of features e.g., data loss prevention alongside
auditing. These aspects facilitate analysis and notification about risky
activities running in the host.
Justification.
The
defense mechanism to be used for the host must be very detailed and variable.
This is because making use of one approach will not secure the host. Therefore,
starting with DHCP and ARP while checking on other protocols will be useful.
All layers must be scanned for a secure transfer of hosts. The security needs
to concentrate much, on trading point and relocation on a wide range of hosts.
The client servers ought to be followed and checked all occasions. In the wake
of doing every one of these things, the host guard can be fruitful.
References
Baker, P. R., & Benny, D. J. (2016).
The Complete Guide to Physical Security. CRC P.
Fu, Z. (2011). Mitigating Distributed Denial-of-Service
Attacks: Application-Defense and Network-Defense Methods. 2011 Seventh
European Conference on Computer Network Defense. doi:10.1109/ec2nd.2011.18
J. (2015). Industrial Network Security. Network Security,
2015(3), 4.
Kizza, J., & Migga Kizza, F. (2008). Perimeter
Defense; The Firewall. Securing the Information Infrastructure, 209-238.
Raggo, M. T. (2016). Developing Your Mobile Device
Security Strategy. Mobile Data Loss, 37-43.
Yaokumah, W., & Dawson, A. A. (2019).
Network and Data Transfer Security Management in Higher Educational
Institutions. Network Security and Its Impact on Business Strategy,
1-19.
Yu, M., Hiller, M., & Devadas, S. (2015).
Maximum-likelihood decoding of device-specific multi-bit symbols for reliable
key generation. 2015 IEEE International Symposium on Hardware Oriented
Security and Trust (HOST). doi:10.1109/hst.2015.7140233
Comments
Post a Comment