Implementation of Security Plan


Security Strategy and Plan with Recommendation Memo

Benson S. John

Practical Applications in Cybersecurity Management & Policy

UMUC

28th April, 2019

Bank Solutions, Inc

To: Douglas Smith, CIO

From: Benson John, CISO

CC: IT Staff

Date: 28th April, 2019

Re: Security Plan and Recommendation

Comments:

Bank Solutions Inc experienced tremendous growth after its item processing functions were standardized and improved. Since then, the company has extended its services to 41 small- to mid-size financial organizations. However, this growth did not last long, as the company failed to extend its market presence outside of the Northwestern part of the USA. Following this failure and a rapid decline in revenue, the company’s CEO and other top executives decided to find the root cause and to engage a third party to perform a risk assessment of the company’s information system.

The report from the assessment showed that the company’s IT infrastructure needs a complete upgrade to mitigate risks to critical assets. To regain the company’s reputation and customers’ trust, the report recommended an investment to implement the recommended mitigations. The main purpose of this memo is to summarize those recommendations so that the company complies with federal and state regulations.

Security Strategy and Plan with Recommendation

After a series of IT security assessments, the CISO and security team have been planning and preparing the chronological steps and actions recommended by the assessment team. This step-by-step planning is vital to achieving an effective outcome that aligns with our business goals and objectives. The goal of this tactical plan is to implement new technology that will strengthen our information security, mitigate any privacy lapses, help the institution comply with federal and state regulations and the laws governing the protection of information, and address the concerns of our constituents. This plan will focus on the following strategic areas:

1. Business Continuity Plan (BCP) – this is a strategic plan that is implemented to get the system back on track during and after a disaster or interruption of operations. It is a process used to identify critical services or systems and develop suitable contingency plans that will reestablish those services during or after a disaster. IT personnel and system owners should identify their critical assets and assess the risk and impact should those services go down or become unavailable.

2. Risk Management – the company will be implementing NIST Special Publication 800-37, v1. This is the Risk Management Framework (RMF), a strategic component of the information security program. It helps IT personnel select appropriate security controls for a system and also offers a procedure that integrates security and risk management into the system development life cycle. The goal of this framework is to help system owners understand the risks related to their systems and to support their decision-making processes with respect to those risks (Initiative, 2014).

3. Workforce Training – the greatest asset to information security is people. It is therefore vital to have well-trained and qualified team members, which is the key to building a successful cyber security workforce. Every team member should be trained based on his/her job title or responsibilities. The company will be implementing awareness and training programs to explain basic responsibilities to team members, especially those with special and pivotal security responsibilities.

4. Security Standardization – this is a technique that is used to defend and protect an information system or cyber environment. The company collects and shares customers’ personal information with third parties; therefore we are responsible for protecting this information from illegal access by criminals. We will implement the Federal Information Security Management Act (FISMA) of 2002 (“ODNI Home”, n.d). This NIST document is used as a guideline to help businesses minimize the security risk to information systems or data. Security standardization will allow our IT professionals to implement a uniform and unique information system.

Technology Recommendation

Our company relies on technology for day-to-day business operations, and this has elevated the need to adequately implement security measures that will minimize the risks that accompany this technology. This technology will give us the ability to monitor activity across the entire network infrastructure, which is pivotal in defending our systems from cyber-attacks. These cyber-attacks may use different techniques in order to compromise our system and, as such, we will deploy a layered security architecture that will greatly minimize the risk to our information system and users. The following detection and prevention systems will be deployed at strategic points of entry.

· Network Intrusion Detection System (NIDS) / Network Intrusion Prevention System (NIPS) – the NIDS will monitor network behavior or patterns and send alerts to the system admin or security personnel about possibly malicious network traffic. The NIPS, on the other hand, will be configured to detect and defend against signature-based attacks and other specific attacks, such as denial-of-service attacks, to name a few. This system will monitor all known standard service ports, such as Simple Mail Transfer Protocol (SMTP), assigned to port 25, and Domain Name System (DNS), assigned to port 53.

NIDS & NIPS Deployment Strategy

Both systems will be configured in-line with the router via two sensors as shown below:

Figure: IPS & IDS connected inline (Kemp, 2005).

The router will act as a defense boundary separating our internal network (LAN) from the public network or wide area network (WAN). The sensors will be placed on the internal side of the router so that the system admin can capture data for analysis and filtering purposes.

Staffing and training

The main challenge of deploying this technology is finding and retaining skilled and qualified staff. This system requires a specialized and skilled system admin or security professional.

Cost Analysis

(“9 Top Intrusion Detection and Prevention Systems”, n.d.).

SolarWinds Backup

The report from the risk assessment showed that the backup system has routinely failed due to unknown causes. This failure is not acceptable, as it may have devastating consequences for the company’s operations. The solution to this problem is to invest in the SolarWinds Backup system. This system is a cloud-based backup service designed to minimize the cost and complexity of backup without sacrificing speed or reliability. With this technology, the system or backup admin can manage all backups from a single dashboard in an effective and timely manner. The following are some of the great features of the system:

· End-to-end security – all backup data is encrypted both at rest and in transit.

· Single management console – an advanced web-based dashboard displays backup status at a glance and restores with a click of the mouse from any location.

· Recovery options – this gives you the ability to recover an entire server, an application, or a file/folder.

Return on Investment (ROI)

SolarWinds Backup is effective and affordable, and offers simplicity and comfort of management, as system admins do not need widespread training or certification. In addition, it will save the company the considerable cost of buying expensive storage to support backups (“SolarWinds Introduces Cloud-First Backup Service for Physical and Virtual Servers”, n.d.).

Pricing and Availability

This cloud-based backup system is available with annual subscription-based pricing that starts at $2,995, which includes the storage space and backup software. This product is available from the vendor website: https://www.solarwinds.com/company/contact-us

Data Center Technology

The company’s current data center is outdated due to increased data processing and storage. Our system has been overwhelmed by the large amount of data storage. With virtualization technology, our IT professionals will be able to streamline deployment time with dynamic provisioning, scale down all applications and workloads, and control key hardware performance. The Data Center Technology will provide the following solutions:

· Data center security – with growing data security concerns, this technology has an advanced data security infrastructure that protects and defends our infrastructure from malware, viruses, hackers and other potential threats. This system provides a secure and stable environment.

· Storage networking – produces a custom-built storage network with incredible stability, superior performance, and the elasticity to scale effectively and efficiently.

· Data center management and automation – this plays a critical role in our day-to-day business operations. With better technology performance, we are able to provide our products and services to our clients more quickly and in a timely manner. This automation will create an agile atmosphere for improved performance.

Return on Investment (ROI)

Application networking – creates an improved user experience and innovation to help you increase ROI from this technology with optimum application networking. In addition, it will eliminate the need to invest in redundant and subsidiary components, such as additional data or storage switches, just to increase the number of ports (Atlassian, n.d).

Cost Analysis

For budgeting purposes, I got two price invoices from the vendor. Either one of them will be perfectly fine to achieve a maximum and efficient workload distribution.

(Atlassian, n.d).

References:

Initiative, J. T. (2014, June 10). Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-37/rev-1/final

ODNI Home. (n.d.). Retrieved from https://www.dni.gov/index.php/who-we-are/organizations/ise/ise-archive/ise-additional-resources/2113-federal-information-security-management-act-of-2002-fisma

Kemp, M. (2005). For whom the bells toll: Effective IDS deployment strategies. Network Security, 2005(5), 16-18. doi:10.1016/s1353-4858(05)70238-5

9 Top Intrusion Detection and Prevention Systems. (n.d.). Retrieved from https://www.esecurityplanet.com/products/top-intrusion-detection-prevention-systems.html#h3csecblade

SolarWinds Introduces Cloud-First Backup Service for Physical and Virtual Servers. (n.d.). Retrieved from https://www.solarwinds.com/company/press-releases/2018-q1/solarwinds-introduces-cloud-first-backup-service

Atlassian. (n.d.). Data Center Licensing. Retrieved from https://www.atlassian.com/licensing/data-center
