Organizational Security Proposal : Fiction Private Limited.
VerifiedAdded on 2022/09/05
|8
|1401
|100
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: ORGANIZATIONAL SECURITY PROPOSAL
Organizational Security Proposal
Name of the Student
Name of the University
Author Note
Organizational Security Proposal
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1ORGANIZATIONAL SECURITY PROPOSAL
Executive Summery
The report is going to be about the security measures of Fiction Private Limited. The
security measures will be taken in order to achieve precautions for the external website of the
company permitting users to browse and purchase widgets securely. Secured remote access is
implemented for the engineering teams using various security steps like two-factor
authentication. Secured intranet website for the employees. Basic firewall rules , secured
laptop configuration of the company laptops and wireless connectivity within the office. This
will result in a highly secured organizational network.
Executive Summery
The report is going to be about the security measures of Fiction Private Limited. The
security measures will be taken in order to achieve precautions for the external website of the
company permitting users to browse and purchase widgets securely. Secured remote access is
implemented for the engineering teams using various security steps like two-factor
authentication. Secured intranet website for the employees. Basic firewall rules , secured
laptop configuration of the company laptops and wireless connectivity within the office. This
will result in a highly secured organizational network.
2ORGANIZATIONAL SECURITY PROPOSAL
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................3
Security Requirements...........................................................................................................3
Benefits..................................................................................................................................4
Functional Requirements.......................................................................................................4
Website...............................................................................................................................4
Secured Remote Access.....................................................................................................5
Firewall Rules....................................................................................................................5
Wireless Coverage.............................................................................................................5
Data Sharing and Broadcasting..........................................................................................6
Laptop Security..................................................................................................................6
Conclusion..................................................................................................................................6
Reference....................................................................................................................................7
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................3
Security Requirements...........................................................................................................3
Benefits..................................................................................................................................4
Functional Requirements.......................................................................................................4
Website...............................................................................................................................4
Secured Remote Access.....................................................................................................5
Firewall Rules....................................................................................................................5
Wireless Coverage.............................................................................................................5
Data Sharing and Broadcasting..........................................................................................6
Laptop Security..................................................................................................................6
Conclusion..................................................................................................................................6
Reference....................................................................................................................................7
3ORGANIZATIONAL SECURITY PROPOSAL
Introduction
Fiction Private Limited is an online retailer for hand-crafted widgets and artisanal
with a small base of 50 employees and increasing. The company is planning to incorporate
security features into their systems. The report is going to be about the security measures that
should be taken in order to prevent any type of privacy leakage of the customer database. It
includes security precautions for the external website of the company permitting users to
browse and purchase widgets securely, secured remote access for the engineering teams,
secured intranet website for the staffs, firewall rules in order to get protection from any
external attackers and unauthorized access, secured laptop configuration of the company
laptops and wireless connectivity within the office.
Discussion
The security measures are to be implemented in the operational parts of the
organizational systems.
Security Requirements
Fiction Private Limited will attain proper security on incorporation of the following:
Authentication of the system
Secured Remote access
Employee specific website security
Retail side website security
Firewall protection
VLAN configuration
Secured wireless connection
Introduction
Fiction Private Limited is an online retailer for hand-crafted widgets and artisanal
with a small base of 50 employees and increasing. The company is planning to incorporate
security features into their systems. The report is going to be about the security measures that
should be taken in order to prevent any type of privacy leakage of the customer database. It
includes security precautions for the external website of the company permitting users to
browse and purchase widgets securely, secured remote access for the engineering teams,
secured intranet website for the staffs, firewall rules in order to get protection from any
external attackers and unauthorized access, secured laptop configuration of the company
laptops and wireless connectivity within the office.
Discussion
The security measures are to be implemented in the operational parts of the
organizational systems.
Security Requirements
Fiction Private Limited will attain proper security on incorporation of the following:
Authentication of the system
Secured Remote access
Employee specific website security
Retail side website security
Firewall protection
VLAN configuration
Secured wireless connection
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4ORGANIZATIONAL SECURITY PROPOSAL
Secured Laptop configuration
Security and privacy policy
Application policy
Invasion discovery and safeguarding the customer database
Benefits
The secured system of the organization will benefit in following ways:
Secured websites – The employee as well as the retailer side of the websites will be
full secured along with the online site transactions (if any).
Secured Remote access for technical personals of the company.
Secured wireless connection coverage for the office employees throughout the office-
working floor.
Secured laptop data.
Functional Requirements
Website
The Organization will be having two types of website -
Internal – only the organizational employees will use this website. In order to use the website,
the employees will need to login to the site using a pin or password. The website will be
encrypted and the session will be valid up to 3 minutes of inactivity for preserving security of
the organization (Patel and Parmar 2014).
External – Customers, while placing an order needs to be in logged-in state. A two-factor
authentication with an OTP (One Time Password) will also be done before final confirmation
of the order placement. Transaction details of the customers will be shared through Virtual
Private Network (VPN) in encrypted format (Venkatraman et al. 2013).
Secured Laptop configuration
Security and privacy policy
Application policy
Invasion discovery and safeguarding the customer database
Benefits
The secured system of the organization will benefit in following ways:
Secured websites – The employee as well as the retailer side of the websites will be
full secured along with the online site transactions (if any).
Secured Remote access for technical personals of the company.
Secured wireless connection coverage for the office employees throughout the office-
working floor.
Secured laptop data.
Functional Requirements
Website
The Organization will be having two types of website -
Internal – only the organizational employees will use this website. In order to use the website,
the employees will need to login to the site using a pin or password. The website will be
encrypted and the session will be valid up to 3 minutes of inactivity for preserving security of
the organization (Patel and Parmar 2014).
External – Customers, while placing an order needs to be in logged-in state. A two-factor
authentication with an OTP (One Time Password) will also be done before final confirmation
of the order placement. Transaction details of the customers will be shared through Virtual
Private Network (VPN) in encrypted format (Venkatraman et al. 2013).
5ORGANIZATIONAL SECURITY PROPOSAL
Secured Remote Access
Secured Remote Access can be obtained by
Using strong passwords for the Desktop that will be shared.
Restricting network access by using firewall, enabling network level authentication.
Limiting the users who can login using remote desktop.
Informing the engineers of the organization to change the listening port for the
Remote Desktop on a fixed Interval of time.
Implementing two-factor authentication for highly sensitive systems.
Firewall Rules
Following firewall rules should be implemented for the internet connection of the employees:
Access to malicious websites should be blocked with admin authentication
Connection via unidentified wireless connection should be blocked in order to prevent
any risk of data loss from official Laptops.
Data transfer to or readability access to any unregistered device (pen drives or hard
drives) should be blocked (Izhar, Shahid and Singh 2013).
Wireless Coverage
The organization will have a wireless coverage throughout the whole working floor.
The wireless connection will have a simple default password in order to prevent people other
than the employees from logging into the network. On Logging in with the password, the
personnel will have to login using an OTP based process, then s/he will get access to the
internet through wireless connection (Dmitrienko et al. 2014). The Organization will
maintain a log file, of who have logged into the network (Wireless Coverage) and which sites
s/he have visited. The Organizational Engineers and heads can access it (the log file) if
needed.
Secured Remote Access
Secured Remote Access can be obtained by
Using strong passwords for the Desktop that will be shared.
Restricting network access by using firewall, enabling network level authentication.
Limiting the users who can login using remote desktop.
Informing the engineers of the organization to change the listening port for the
Remote Desktop on a fixed Interval of time.
Implementing two-factor authentication for highly sensitive systems.
Firewall Rules
Following firewall rules should be implemented for the internet connection of the employees:
Access to malicious websites should be blocked with admin authentication
Connection via unidentified wireless connection should be blocked in order to prevent
any risk of data loss from official Laptops.
Data transfer to or readability access to any unregistered device (pen drives or hard
drives) should be blocked (Izhar, Shahid and Singh 2013).
Wireless Coverage
The organization will have a wireless coverage throughout the whole working floor.
The wireless connection will have a simple default password in order to prevent people other
than the employees from logging into the network. On Logging in with the password, the
personnel will have to login using an OTP based process, then s/he will get access to the
internet through wireless connection (Dmitrienko et al. 2014). The Organization will
maintain a log file, of who have logged into the network (Wireless Coverage) and which sites
s/he have visited. The Organizational Engineers and heads can access it (the log file) if
needed.
6ORGANIZATIONAL SECURITY PROPOSAL
Data Sharing and Broadcasting
The Organization has different departments to perform different tasks; based on their
line of work they need to broadcast or share different confidential data to their team
members. Based on job position, team members can be anywhere in the network. As a result,
the team members are grouped logically, depending of similar work done (like accounting,
sales, shipping, support). They are grouped into separate virtual networks (VLAN) to enable
separate broadcast of each individual group. As a result, secure details of particular group
would not be shared with all the network units (team members) and it will result in reduced
traffic throughout the whole network (Rabie, Aboul-Magd and Mohan 2013).
Laptop Security
IT personnel of the organization will lock the Administrator access of all the Laptops.
The employees will use digital signatures in order to authenticate and get access to all the
contents of the individual assigned laptop (Shoup and O'farrell 2013). If any unauthorized
personnel wants to intrude any system of the Organization, their intrusion will be detected by
the system. It will lock the system to prevent any confidential data loss along with a message
to the Administrators with system ID included in the message.
Conclusion
From the above report, it can be concluded that the organization will achieve a full-
secured network on following the combined basic elements on their websites, remote access,
wireless connectivity and Laptop security. The whole network of the Organization will be
more secure if the organization employs security personals to solely check and validate the
security systems on a monthly basis. It will result in a risk free environment of the
Organizational system.
Data Sharing and Broadcasting
The Organization has different departments to perform different tasks; based on their
line of work they need to broadcast or share different confidential data to their team
members. Based on job position, team members can be anywhere in the network. As a result,
the team members are grouped logically, depending of similar work done (like accounting,
sales, shipping, support). They are grouped into separate virtual networks (VLAN) to enable
separate broadcast of each individual group. As a result, secure details of particular group
would not be shared with all the network units (team members) and it will result in reduced
traffic throughout the whole network (Rabie, Aboul-Magd and Mohan 2013).
Laptop Security
IT personnel of the organization will lock the Administrator access of all the Laptops.
The employees will use digital signatures in order to authenticate and get access to all the
contents of the individual assigned laptop (Shoup and O'farrell 2013). If any unauthorized
personnel wants to intrude any system of the Organization, their intrusion will be detected by
the system. It will lock the system to prevent any confidential data loss along with a message
to the Administrators with system ID included in the message.
Conclusion
From the above report, it can be concluded that the organization will achieve a full-
secured network on following the combined basic elements on their websites, remote access,
wireless connectivity and Laptop security. The whole network of the Organization will be
more secure if the organization employs security personals to solely check and validate the
security systems on a monthly basis. It will result in a risk free environment of the
Organizational system.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7ORGANIZATIONAL SECURITY PROPOSAL
Reference
Dmitrienko, A., Liebchen, C., Rossow, C. and Sadeghi, A.R., 2014, March. On the (in)
security of mobile two-factor authentication. In International Conference on Financial
Cryptography and Data Security (pp. 365-383). Springer, Berlin, Heidelberg.
Izhar, M., Shahid, M. and Singh, V.R., 2013. Network Security Issues in Context of RSNA
and Firewall. International Journal of Computer Applications, 82(16).
Makhotin, O. and Pirzadeh, K., Visa International Service Association, 2015. Secure Remote
Payment Transaction Processing Including Consumer Authentication. U.S. Patent
Application 14/493,247.
Patel, P. and Parmar, M., 2014. Improve heuristics for user session identification through web
server log in web usage mining. International journal of computer science and information
technologies, 5(3), pp.3562-3565.
Rabie, S., Aboul-Magd, O. and Mohan, D., Rockstar Consortium US LP, 2013. VLAN
support of differentiated services. U.S. Patent 8,422,500.
Shoup, D.L. and O'farrell, R., Conductiv Software Inc, 2013. Multi-factor mobile transaction
authentication. U.S. Patent Application 13/867,833.
Venkatraman, C., He, J., Mullick, A., Nanjundaswamy, S., Harris, J. and Soni, A., Citrix
Systems Inc, 2013. Systems and methods for application based interception SSI/VPN traffic.
U.S. Patent 8,495,181.
Reference
Dmitrienko, A., Liebchen, C., Rossow, C. and Sadeghi, A.R., 2014, March. On the (in)
security of mobile two-factor authentication. In International Conference on Financial
Cryptography and Data Security (pp. 365-383). Springer, Berlin, Heidelberg.
Izhar, M., Shahid, M. and Singh, V.R., 2013. Network Security Issues in Context of RSNA
and Firewall. International Journal of Computer Applications, 82(16).
Makhotin, O. and Pirzadeh, K., Visa International Service Association, 2015. Secure Remote
Payment Transaction Processing Including Consumer Authentication. U.S. Patent
Application 14/493,247.
Patel, P. and Parmar, M., 2014. Improve heuristics for user session identification through web
server log in web usage mining. International journal of computer science and information
technologies, 5(3), pp.3562-3565.
Rabie, S., Aboul-Magd, O. and Mohan, D., Rockstar Consortium US LP, 2013. VLAN
support of differentiated services. U.S. Patent 8,422,500.
Shoup, D.L. and O'farrell, R., Conductiv Software Inc, 2013. Multi-factor mobile transaction
authentication. U.S. Patent Application 13/867,833.
Venkatraman, C., He, J., Mullick, A., Nanjundaswamy, S., Harris, J. and Soni, A., Citrix
Systems Inc, 2013. Systems and methods for application based interception SSI/VPN traffic.
U.S. Patent 8,495,181.
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.