1 / 3100%
WK 6: Assignment - International Plastics, Inc. Infrastructure
Due Date: 06/29/21
Security plan is a comprehensive outline of how an organization addresses and implements
information assurance. The specification of the steps, policies and practices that are to be
followed to protect information need would normally be adopted as official policies of the
With the new technologies integrated into the system, it is important to have a proper security
system plan in order to protect sensitive information and data of the company. The general
purpose of security system plan is to improve the overall business and build a successful
Network infrastructure devices are ideal targets for malicious cyber attacks. Hardware that is
compromised will affect the overall network performance, the confidentiality, integrity along
with the access of the network access. The implementation of hardware in the infrastructure to
help with security would be to start by validating all serial numbers on device regularly, need to
monitor devices. We need to segment and segregate the networks and functions to prevent
intruders from propagating exploits and moving laterally around the network. We have routers or
layer 3 switches to divide a large network into separate smaller networks to restrict traffic flow
using measures such as access control lines. We can utilize virtualized networking and routing
protocols, including VLAN and Virtual Routing and Forwarding to segment the network, user
and service authentication and authorization, including multi-factor authentication and policy-
based access, controls to enforce least privilege, content filtering techniques including recursive
decomposition, validation, verification and sanitization to comprehensively assure network and
application traffic flows.
Software enables the hardware itself to perform the given task of the users. It can be used as
application development, application integration and middleware. Installation of HIDS (Host-
Based Intrusion Detection System) that analyzes for malicious activities or policy violations and
forward a report to the management department, installation of up-to-date anti-virus that will be
configured to automatically scan all documents and files, implementation of strong password
policy and as well as 2FA with a function to lock the user account after 5 unsuccessful attempts
in which help desk will be notified and acted upon, implementation of SNMP ( Simple Network
Management Protocol) will be effective and important to the security concerns of the company.
Data security protects data from intentional or accidental destruction, modification or disclosure.
It can be applied using a range of techniques and technologies including administrative controls,
physical security, logical controls, organizational standards and other techniques that limit access
to unauthorized users. Data encryption applies a code to every individual piece of data and will
limit access without an authorized key, data masking can help protect information from
disclosure to external malicious and internal personnel source by masking specific areas of data,
data erasure which erases data that is no longer active or needs to be erased from the system, data
resilience which creates backup copies of data and can be recovered if the data is lost or
corrupted or stolen can be used to protect company’s data. We also need to act according to data
security compliance and standards that affect our company.
Implementing the technology for monitoring IT operations vendors can differ in terms of system
monitoring being used. Each monitoring domains have different objectives, tools, processes
which collect and analyze various datasets. ITIM (IT Infrastructure Monitoring) focuses on
understanding the availability of the elements that make up the infrastructure, NPMD (Network
Performance Monitoring and Diagnostics) provides historical, real-time and predictive views
into the availability and performance of the network and the application traffic running on it,
APM (Application Performance Monitoring) observes the performance and availability of
software applications to maintain an expected level of service.
The final recommendation for the International Plastics, Inc. is to provide proper training to all
employees to cope up with new changes in technology and understand them about the new
security concerns regarding data breach. It is also important to provide update and evaluated all
security plans annually to avoid any future risk.
Course Hero().https://www.coursehero.com
Students also viewed