Project #2: Security Strategy Implementation Recommendations for Sifers-Grayson
This report presents a comprehensive analysis of the cyber security strategies recommended for Sifers-Grayson. The recommended strategies are integral to enhancing the protection of data, information systems, and business continuity. The need arises from a continuing increase in threats to information systems in a highly technological business world. As a result of technological advancement and the demand to shift operations online, small and big companies have been prompted to adopt measures that enable them to remain competitive in the market. The threat level facing the information and operations of companies has increased continuously due to the growth of hackers and other malicious activities used to gain unauthorized information for malevolent intentions. This raises the chances of data and information being compromised, putting the operations and functionality of businesses in jeopardy.
The importance of information such as health-related information, personal information details, mobile information, property data, credit card information, and social security information, among others, puts individuals and businesses at risk of blackmail, among other malicious actions. The protection of information online is fundamental to elevating the level of safety and security of digital operations. For Sifers-Grayson, it is fundamental to adopt and implement the key defense strategies recommended in this report. The implementation of security strategies focuses on two defense strategies: a) Building a Demilitarized Zone (DMZ) for the R&D Center, and b) Implementing Enterprise-wide Protective and Detective Measures. Together, these enhance the protection of the company from both internal and external attacks and threats.
Defense Strategies Overview
Defense Strategy #1: Building a Demilitarized Zone (DMZ) for the R&D Center
The use of a DMZ network is crucial as it separates internal networks from the public network, which exposes sensitive data to the threat of malicious users. The DMZ is focused on protecting internal networks and sensitive data from malicious external threats that multiply the vulnerability points of the information systems (Haseski, 2020). For the DMZ to function effectively, the use of business-type routers, enterprise-class data security firewalls, and intrusion detection and prevention systems is integral to strengthening the security of sensitive data.
Defense Strategy #2: Implementing Enterprise-wide Protective and Detective Measures
The use of Enterprise-wide Protective and Detective Measures is vital to control access to source code, software documentation, and critical information. The discussion analyzes approaches to implementing enterprise-wide identity management and the implementation of either a Security Information and Event Management (SIEM) or a Unified Threat Management (UTM) tool, as well as a forensic image capture utility. These measures serve to ascertain the maximum protection of the business operations and information systems.
Security Strategies Analysis
To attain an effectively functioning DMZ, a router, firewall, intrusion detector, and prevention system must be integrated into the system. In cyber protection, a DMZ operates as a subnetwork of the system. The subnetwork functions as an outward-facing assistance mechanism that strengthens the system against risky networks. The DMZ attaches an additional layer of protection to the LAN (Local Area Network) of the company (Liggett, 2018). The additional layer of protection provides a secured and monitored interface connection that keeps the LAN safe from external threats. The use of a firewall is significant to ascertain the protection of the firm’s system. Therefore, the additional layer of protection acts as a deterrent by detecting, identifying, and preventing threats to the vulnerability points of the company’s information systems.
The functioning of the DMZ provides continuous monitoring and assessment of the network’s security capacity to identify potential threats. This is provided through electronic mail, website servers, and DNS servers (Patel, 2020). With increased hacking activities, the additional DMZ layer is vital for continued monitoring and assistance to deter any information breach from the systems. Therefore, the DMZ is vital and effective in data protection for the company.
This section offers an analysis of how the selected defense strategies are utilized to enhance the security posture of the company amid rapidly changing technological advancement. It comprises an analysis of the Layered Security and Defense-in-Depth security strategies to provide the maximum protection for the operations and information systems of the company.
The layered security strategy provides optimal protection to the sensitive data and information systems of the company through the establishment of different layers to detect attacks and protect the system from external attack. The strategy establishes several layers of protection, and in case of failure or rupture of one, there are more layers designed for more complex contexts. Attacks have to surpass different levels of protection, making it difficult to penetrate successfully. The layers provide different levels of security such as Host, Perimeter, Network, Application, Data, Physical Security, and Data Defense Levels. The deeper the level, the higher the security to the system (Iskandar, Virma & Ahmar, 2019). The layered defense increases the capacity of the security as attackers penetrate deeper inside the security levels. The deeper security levels are characterized by additional policies and features including monitoring, informing, and emergency acknowledgements. Furthermore, forensic investigation and accident reconstruction mechanisms make layered security a more effective strategy.
The use of a layered security strategy provides extensive protection capacity depending on need and necessity. Various phases require different levels of protection. Critical company assets such as intellectual property, proprietary, and private knowledge are secured with more sophisticated security levels. The use of software applications such as anti-virus, anti-spyware, and anti-malware is integral to strengthening network security against the arising concerns and threats to the system. Hence, security is provided based on necessity and sophistication.
The DMZ interface grants assistance to users on the unrestricted internet and connection to the LAN (the internal network). The assistance is provided in the utilization of web servers such as electronic mail, Data Transfer Protocol, Internet Protocol, and breaking through proxy servers. The training of the DMZ systems is paramount to enable the system to endure attacks from hackers and all other attackers of the system. The DMZ web servers play a vital role in the transfer of hackers’ services to the system and flushing them out (Rababah, Zhou & Bader, 2018). Consequently, this enables the system to withstand and endure significant threats to the servers.
The design of a basic DMZ system comprises two firewalls that are critical to the protection of the web servers that host the company’s information systems. The system specifications are used in the development of the DMZ system for multiple facilities that host the web servers for the company. The use of limited network views establishes a personal firewall embedded as part of the DMZ system (Iskandar et al., 2019). The external security is provided through the comparison of the external system with a known internet assistance provider. The use of three layers is applied in private networks through the use of interface material that makes the DMZ system function effectively.
The DMZ system is designed to provide a defense mechanism to both individual systems and unrestricted internet access. The security layer is enhanced through the use of at least two firewalls that provide the safety of the company and the devices used to access the internet (Patel, 2020). The strengthening of the internet layer is vital to prevent external attacks from attackers and hackers. Subsequently, this is fundamental to providing more sensible business support mechanisms to the operations of the company.
Summary Implementation Recommendations
As I intend to create a network security server by the DMZ system, Cisco will be the preferred choice for all types. The use of Cisco is essential to develop a secure web address that is designed so that it combines the panel of protection with the core system. The barriers in the security levels will be designed to be broken through the use of user configuration. The user configuration is integral to strengthening the hardened Internet Protocol number that is utilized to correspond to the subnet. The Internet Protocol number assigned to the DMZ user is different from the one utilized in the LAN firewall layers.
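The two-firewall design and the separate DMZ and LAN addressing described above can be checked mechanically before a rule set is deployed. The following is an added example, not part of the original report and not Cisco configuration: the subnets, host addresses, firewall names "outer" and "inner", and the rule tuple format are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption): DMZ and LAN use different subnets.
DMZ_NET = ipaddress.ip_network("192.0.2.0/26")
LAN_NET = ipaddress.ip_network("10.20.0.0/16")

# Constructed rules: (firewall, action, source, destination, destination port).
# "outer" faces the Internet; "inner" sits between the DMZ and the LAN.
RULES = [
    ("outer", "permit", "0.0.0.0/0", "192.0.2.10/32", 443),    # Internet -> DMZ web server
    ("outer", "permit", "0.0.0.0/0", "192.0.2.25/32", 25),     # Internet -> DMZ mail relay
    ("inner", "permit", "192.0.2.25/32", "10.20.5.8/32", 25),  # DMZ relay -> internal mail
    ("inner", "permit", "0.0.0.0/0", "10.20.0.0/16", 3389),    # misconfiguration under test
]


def audit(rules, dmz=DMZ_NET, lan=LAN_NET):
    """Return findings where a rule set defeats the DMZ separation."""
    findings = []
    # The DMZ only isolates anything if its address range is distinct from the LAN's.
    if dmz.overlaps(lan):
        findings.append("DMZ and LAN subnets overlap")
    for fw, action, src, dst, port in rules:
        if action != "permit":
            continue
        src_net = ipaddress.ip_network(src)
        dst_net = ipaddress.ip_network(dst)
        # LAN-bound traffic must originate wholly inside the DMZ, so an
        # outside host has to pass a DMZ system before reaching the LAN.
        if dst_net.overlaps(lan) and not src_net.subnet_of(dmz):
            findings.append(
                f"{fw}: {src} -> {dst}:{port} lets non-DMZ traffic reach the LAN")
        # The outer firewall should forward only to DMZ hosts.
        if fw == "outer" and not dst_net.subnet_of(dmz):
            findings.append(
                f"{fw}: {src} -> {dst}:{port} forwards past the DMZ")
    return findings


if __name__ == "__main__":
    for finding in audit(RULES):
        print("FINDING:", finding)
```

Only the last constructed rule is reported; the mail relay rule passes because its source lies inside the DMZ subnet.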