Network Security Policies, Standards, and Practices Report

Verified

Added on 2022/08/13

AI Summary

This report addresses the network security needs of XYZ Company, operating within a shopping mall environment. It begins with an overview of the business and identifies key risks, including network hijacking, malware attacks, and vulnerabilities associated with the use of shared network infrastructure. The report then proposes specific security strategies, such as password protection, controlled access to hyperlinks and emails, and secure file extraction procedures. It also recommends adherence to ISO 27000 series standards and outlines essential security practices, including regular monitoring, data loss prevention, and employee training. The report concludes with recommendations for implementing these policies and practices to protect the company's IT infrastructure from cyber threats, emphasizing the importance of staff training and data backup. The report also emphasizes the need for regular audits and updates to maintain a strong security posture.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: NETWORK AND SECURITY
NETWORK AND SECURITY
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1NETWORK AND SECURITY
Executive Summary
In this digital world, technologies and devices are developing in huge pace. In these recent days,
the use of smart phones and network devices has also increased in the every business sector. In
this report, XYZ Company is recommended with a proper security policies, security standards
and security practices. The security measures will help the ABC Company to strengthen its
network and will also help to provide quality services to the customers. The ABC Company
operates within a shopping mall. The concerned business utilizes the networking set up of the
mall and hence it should strengthen the security policies and other security standards.

2NETWORK AND SECURITY
Table of Contents
Introduction..........................................................................................................................3
Overview of the Business....................................................................................................3
Identification of the Risks....................................................................................................4
Security Strategies...............................................................................................................4
Security Standards...............................................................................................................5
Security Practices.................................................................................................................5
Conclusion...........................................................................................................................6
References............................................................................................................................7

3NETWORK AND SECURITY
Introduction
This report is prepared for identifying the security requirements of a business operating in
the shopping mall of United States. This report will help the concerned business to develop its IT
infrastructure. The technological enhancements and the devices like laptops, smartphones and
Wi-Fi networks are vulnerable to several attacks. As the business have to deal with huge data in
its daily operation, the IT infrastructure should be strongly secured such that an attacker cannot
trigger his or her attack from external environment. The report initially provides a general idea
regarding the chosen business and determined the risks that are associated with the business
(Anand et al., 2013). Strong security policies and practices are also developed in the report such
that the business can secure its IT infrastructure from dangerous cyber-attacks.
Overview of the Business
XYZ business operates from a shopping mall of United States. All network operation of
the business is driven by the network set-up of shopping mall. The business consists of an
official website from where it deals with its stakeholders. Therefore, to conduct every operation,
the business requires to connect with the internet which is provided by the router of the mall.
Multiple devices are connected with the same router.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4NETWORK AND SECURITY
Identification of the Risks
As the business uses the networking set up of the mall, XYZ is vulnerable to multiple
risks.
Risk Device Explanation Impact Probability
Network Hijacking Wireless
Access Nodes
The hackers
invade in the
networks
through the
access nodes
Medium High
Infected Flash
Device
Host System The employees
use flash devices
to infect the
whole network
of the business
High Low
Malware Attack Every
Networking
Devices
Malware attacks
can be triggered
at any point of
time and from
anywhere
(Kahate, 2013).
High Low
Security Strategies
XYZ requires to implement multiple security policies within their working environment.
These policies can help or restrict many attackers from triggering their attacks. Such security
policies are like:
1. Keeping the password protected.
2. Hyperlinks should be accessed after proper approval from the administrator.
3. E-mails from strangers should be acknowledged before the approval from the
administrator (Verbeke, 2013).
4. File Extraction should be done after proper scanning of the malwares and viruses.

5NETWORK AND SECURITY
5. The networking devices should always ask for proper authentication credentials which
will allow the users to access them (Shearing & Johnston, 2013).
Security Standards
ISO 27000 series is applicable for the XYZ business. This series will allow the business
to fight against the strong hackers and will provide zero – day attack to the business. The major
security standards applicable to the chosen business are as follows:
1. Each and every passwords should be of at least 8 characters.
2. The passwords should contain at least one upper case, one lower case, one number and a
special character.
3. The emails of every employees should be produced in such a way that they contain the
user ID and the employee name.
4. The hardware measures such as the VPN, IPsec and WPA should not be configured in the
default manner (Nziko & Scheiner, 2015).
Security Practices
Besides implementing new security policies and standards, XYZ organization should also
ensure that its employees follow few secure practices to maintain secure policies and standards.
Some security practices that can be employed within the XYZ Company are:
1. Regular Monitoring and maintenance of the assets
2. Guarantee avoidance of data loss.
3. Awareness regarding the social engineering attacks (Ur et al., 2016).
4. Timely updating and upgrading of the systems and applications.
5. Performing regular audits to ensure compliance checks.

6NETWORK AND SECURITY
6. Changing the passwords in a regular phase.
7. Proper training of the employees regarding various phishing attacks.
Conclusion
Thus, from the above discussion, it can be said XYZ Company is vulnerable to multiple
threats as it is using the networking set up of the shopping mall. The discussed policies can be
employed in the working environment of the XYZ Company to restrict the attackers from
triggering their attacks on the networking layer. It is recommended to the organization to use and
implement the mentioned practices and standards. It is also recommended that the staffs should
also be trained in a proper manner. The data should be back up because in case of any accident,
the operations are not suspended. The networking devices like the switches, hosts and routers
should be monitored and updated on a regular basis.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7NETWORK AND SECURITY
References
Anand, K., Gai, P., Kapadia, S., Brennan, S., & Willison, M. (2013). A network model of
financial system resilience. Journal of Economic Behavior & Organization, 85, 219-235.
Kahate, A. (2013). Cryptography and network security. Tata McGraw-Hill Education.
Nziko, V. D. P. N., & Scheiner, S. (2015). Intramolecular S··· O chalcogen bond as stabilizing
factor in geometry of substituted phenyl-SF3 molecules. The Journal of organic
chemistry, 80(4), 2356-2363.
Shearing, C. D., & Johnston, L. (2013). Governing security: Explorations of policing and justice.
Routledge.
Ur, B., Bees, J., Segreti, S. M., Bauer, L., Christin, N., & Cranor, L. F. (2016, May). Do users'
perceptions of password security match reality?. In Proceedings of the 2016 CHI Conference on
Human Factors in Computing Systems (pp. 3748-3760).
Verbeke, A. (2013). International business strategy. Cambridge University Press.