The Hardening of a system is vital for today’s operations. With many treats it’s important to do the correct hardening of the system to ensure the integrity and the safety of the data. The results of incorrect security Hardening can be catastrophic and example is “Premera Blue Cross says hackers may have taken up to 11 million customer records. Those records include credit card numbers, Social Security numbers, even information even information about medical problems.” http://www.npr.org/blogs/alltechconsidered/2015/03/18/393868160/premera-blue-cross-cyberattack-exposed-millions-of-customer-records . So because the Hardening at Premera was bad we need to think to what needs to be done about it through proper thinks and planning you can create a Secure and Hardened system. In this paper I will discuss tools to Harden the Information, Systems, and the Network.
Information Information they part that is the most important to protect we harden this through encryption, and backing up the systems data files. How do we encrypt the information to make it protected simply by making plain text into a garble? The Encryption type is called Cryptography which is used to hide the true plain text message. A company will use IPsec which can be setup through the windows server. IPsec Uses two types of protocols to protect the data AH the first mechanism also known “Authentication header provides data authentication, strong integrity, and replay protection to IP datagrams. AH protects the greater part of the IP datagram. As the following illustration shows, AH is inserted between the IP header and the transport header.” http://docs.oracle.com/cd/E23824_01/html/821-1453/ipsec-ov-7.html. The second is called “Encapsulating security pay load (ESP) module provides confidentiality over what the ESP encapsulates. ESP also provides the services that AH provides. However, ESP only provides its protections over the part of the datagram that ESP encapsulates. ESP provides optional authentication services to ensure the integrity of the protected packet. Because ESP uses encryption-enabling technology, a system that provides ESP can be subject to import and export control laws.” http://docs.oracle.com/cd/E23824_01/html/821-1453/ipsec-ov-7.html. With IPsec and the algorithms they have will ensure that the message gets to the destination and will not be tampered with. Another is Bit locker with is more for securing operating systems are turned off, when the devices are back on the firewalls of the OS protect the data through the server IPsec. Another thing IPsec to protect the systems information can use VPN which for employees out of the office can access the data safely and securely through their authentication and authorization keys. Another way to protect the data is to back it up because hard drives can fail and files can become corrupt and then the viruses. By using drive Imaging software you can make a copy or image of the contents of the entire hard drive or partitions. This is in case you to need to re-image a computer because of hard drive failure file corruption or virus. There are two types of backup’s external hard drive or server which in the case of a business it’s important to use another server and do daily and routine backups. Using software like NTI now or Genie back up manger will allow creating the backup drive and files. The other is image software like Norton Ghost or Acronis Truelmage this will allow image snap shots and back up the images before a viruses or system failure. To conclude the information can be guarded through the IPsec and encrypting the messages, it can be backed up through the image software and external hard drive. This leads to the next layer of are Hardening which is the system.
SYSTEMS
To protect we harden the system through Intrusion detection and prevention, patches and upgrades, Monitoring systems and redundancy. The first thing that come to mind
Related Documents: Essay about Hardening Systems Plan
you didn’t already have endpoint security (i.e., virus and malware protection), and hadn’t given your less‐ savvy users at least one round of stern talks about “never opening strange emails.” As a next step, upgrading desktop and laptop operating systems may be the single most effective move you can make to secure your company – not only because an OS upgrade brings online collective security learnings from prior versions, but also because the upgrade process itself tends to simplify and impose…
Multi-Layered Security Plan User Domain: Employees must conform to the staff manual and policies using the Acceptable use Policy(AUP) Organizations may require staff, contractors, or other third parties to sign an agreement to keep information confidential Department manager or human resources manager is in charge of making sure employees sign and follow the AUP HR must do background checks of any candidate for a job with access to sensitive computer information Lack of user Awareness- Conduct…
Security Strategies in Windows Platforms and Applications (J & B Learning Information Systems Se By Michael G. Solomon Security Strategies in Windows Platforms and Applications (J & B Learning Information Systems Se Description: PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! More than 90 percent of individuals, students, educators, businesses, organizations, and governments use Microsoft Windows, which has experienced frequent attacks against its well-publicized…
Graded Assignments STUDENT COPY The following sections contain student copies of the assignments. These must be distributed to students prior to the due dates for the assignments. Online students will have access to these documents in PDF format, which will be available for downloading at any time during the course. Graded Assignment Requirements Assignment Requirements documents provided below must be printed and distributed to students for guidance on completing the assignments and…
This policy document defines the common security requirements for all R.I. personnel and systems that create, maintain, store, access, process or transmit information. This policy also applies to information resources owned by others, such as vendors or contractors of R.I., in cases where R.I. has a legal obligation to protect resources while in R.I. possession. This policy covers all of R.I. network systems which are comprised of various hardware, software, communication equipment and other devices…
of carbohydrate in 10 teaspoons of sugar! One cup of fruit punch and other sugary fruit drinks have about 100 calories (or more) and 30 grams of carbohydrate. Myth: People with diabetes should eat special diabetic foods. Fact: A healthy meal plan for people with diabetes is generally the same as a healthy diet for anyone – low in fat (especially saturated and trans fat), moderate in salt and sugar, with meals based on whole grain foods, vegetables and fruit. Diabetic and "dietetic" foods generally…
are surprised to see that every fuse has been blown. Thinking that you have found the problem, you flip all the fuses and head back to the computer only to find that it still is not working, nor is the radio, the TV, the refrigerator, the security system, or any electronic device in the house. This phenomenon can be explained by only one event: the detonation of an electro-magnetic pulse bomb. An electro-magnetic pulse bomb (EMP) is a non-lethal weapon capable of creating mass destruction and chaos…
Security Plan Chris Wiginton, Jose Rosado ITT Technical Institute, Tampa FL Instructor: Sherman Moody 18 November, 2014 Network Security Plan INTRODUCTION (Purpose and Intent) The Corporation Tech IT Network Security Plan establishes guidelines for IT practices used on a day to day basis to provide a secure and robust computing environment. These practices are used in order to protect the mission, operation, and reputation of Corporation Tech System and its information systems. These system security…
consumer behaviour viewed cognition as the primary activator and dominant modifier in decision making while affect was considered little more than a minor influencing factor on the cognitive process. During the eighties the role played by the affective system gained considerable attention and it is now generally accepted that affect is of equal, if not greater importance than, cognition as a determining factor in how people behave. Affect Affect refers to human emotions, moods, feelings and evaluations…
Some also complain that scar tissue formed around the implants, causing a hardening of the breasts. As a result, the ladies submitted injury legal cases against Dow Corning Corporation and asked payment for dangerous negative effects. Dow Corning has taken the positioning that they were being targeted for careless statements and they were the target of unmanageable legal system. The organization contends that they had tried and tested the products; however they didn't release…