In your own words (NOT copy and pasting plagiarism), Thoroughly detail Recommend
Question
In your own words (NOT copy and pasting plagiarism),
Thoroughly detail recommended standards for the configuration of all devices and servers.
Also, explain why you chose each recommendation.
Thank You!
Requirements for the person that will be answering the above question.
* Type out responses in Your Own Words!
* Do not write on paper and send a photo.
* NO plagiarism/ NO copy and pasting from outside sources without properly citing your sources.
** FAILURE to adhere to the stated requirements will result in thumbs down and will be reported to Chegg administration. **
Explanation / Answer
Answer:
Assessment Overview:
The major risks identified for the Accounting firm are:
Public internet is used on a simple TCP/IP protocol which itself stands as an open invitation to hackers.
The firm has no security policies in place and there is a high risk of hackers stealing data while transmitting it to other offices.
High risk of network intrusion since security applications are not in place.
A Windows environment without security applications is prone to viruses, Trojans, worms, spyware and other malware, which could bring the entire network to a standstill.
IT Security and Information Management is at its highest risk.
Motivation for conducting the security review: The Accounting company is a new one and does not have proper network infrastructure. It also has offices in different countries. Critical data is transmitted to other offices every month and hence it became important to conduct a risk assessment.
Risk summary:
Considering the risks discovered, they must be treated as most critical since the network is vulnerable to the entire public.
Financial and HR information, which is a backbone of the firm, can be very easily accessed by hackers and other members of the public.
Since neither network nor security applications are in place, hackers can easily access even the network and all systems of the firm.
Conclusions and reformations:
The entire firm’s data is prone to be stolen unless most of the below actions are taken immediately.
Virtual Private Networks (VPN) must be established with strong firewall policies to secure the transmission of data between offices located in different countries.
Since all systems are in a Windows environment, operating systems must be updated automatically.
Information that is being transmitted between offices must be encrypted.
HIDS (Host-Based Intrusion Detection System) or NIDS (Network Intrusion Detection) must be in place.
Cyber security policies must be reviewed and updated on a regular basis, detailing passwords, browsers, antivirus, spam control, system updates, etc.