
IT FP2250 KellyTravis Assessment6 1


Network Security

Travis Kelly
15/10/2022
Assignment 6
Capella University

Create an enterprise-wide network security plan for an organization

To make an enterprise-wide network security plan for a small doctors’ office, the process must be broken down into steps. The first step is establishing an information security team. The team would be responsible for maintaining day-to-day IT security operations—like managing IT assets, assessing threats and vulnerabilities, managing risk, etc. The next step would be managing information assets—such as conducting an inventory of hardware, applications, databases, and any other IT assets. The third step would be to decide on a standard—such as HIPAA, IEEE, etc. The fourth step would be to assess threats, vulnerabilities, and risks. While this is part of what the security team does, it is also part of making sure that the network is secure. The fifth step is managing risks. This step focuses on avoiding and mitigating risk factors. The final step is to implement security controls. The purpose of this step is to control and safeguard the computer hardware, software, and/or firmware.

Describe the most common vulnerabilities, risks, and issues that your plan will address

Several things can make a network vulnerable and at risk. This section will go over three of the most common problems and possible solutions for those problems. The first problem is unknown assets on the network. Many businesses do not have a full list of all the IT assets that are tied to their network. For obvious reasons, this is a huge problem. If the business does not know what assets are theirs, then how can it know that its network is secure? The simplest fix for this issue is to conduct a review of all the devices on the network and identify all of the various platforms they run. This will allow the business to see all of the different access points on the network and which ones need a security update.

Another common risk to a network is the abuse of user account privileges. In 2016, the “Harvard Business Review” concluded that 60% of all attacks were carried out by insiders. These could be honest mistakes—like sending info to the wrong email or losing a work device. People inside the business represent the biggest security problems. Since these types of threats come from trusted users and systems, they can be among the most challenging to identify and stop. However, there are ways to help minimize the risk. Applying the principle of least privilege (POLP) can limit the damage of a misused user account. Under POLP, every user’s access to various systems and databases on the network is restricted: the user account only has access to the things that the user needs to perform their job.

The last common security risk that will be mentioned in this section is unpatched security vulnerabilities. The risk comes from unpatched KNOWN vulnerabilities. The vulnerabilities behind these exploits are typically found and fixed quickly. However, the failure of the company to update its software puts the network at risk. Most attacks occur through old exploits that the business has not patched. The simplest fix to this issue is to maintain a strict schedule for keeping up with security patches and checking the current versions. Additionally, making sure that all the devices on the network are running the same OS can help with mitigating these problems, as the list of possible exploits shrinks when all devices run the same software.
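
The device review and version check described in this section can be sketched as follows. This is an added example, not part of the original assignment; the asset register, the patch baseline and the discovered devices are all constructed sample data.

```python
# Added example: all device data and version baselines below are constructed.
from dataclasses import dataclass

# Asset register kept by the security team: MAC address -> description.
ASSET_REGISTER = {
    "00:11:22:33:44:01": "front-desk-pc",
    "00:11:22:33:44:02": "exam-room-1-pc",
    "00:11:22:33:44:03": "file-server",
}

# Minimum acceptable version per platform (hypothetical patch baseline).
PATCH_BASELINE = {"windows": "10.0.19045", "linux": "5.15.0"}

@dataclass
class Device:
    mac: str
    platform: str
    version: str

# Result of a network review (constructed sample, not real scan output).
DISCOVERED = [
    Device("00:11:22:33:44:01", "windows", "10.0.19045"),
    Device("00:11:22:33:44:02", "windows", "10.0.19044"),
    Device("00:11:22:33:44:03", "linux", "5.15.0"),
    Device("00:11:22:33:44:99", "linux", "4.9.12"),
]

def parse_version(text):
    """Turn '10.0.19045' into (10, 0, 19045) so comparison is numeric."""
    return tuple(int(part) for part in text.split("."))

def review(discovered, register, baseline):
    """Return (unknown, outdated, missing) lists of MAC addresses."""
    unknown, outdated = [], []
    for dev in discovered:
        if dev.mac not in register:
            unknown.append(dev.mac)      # on the network, not in the register
        required = baseline.get(dev.platform)
        # A platform with no baseline is flagged rather than silently passed.
        if required is None or parse_version(dev.version) < parse_version(required):
            outdated.append(dev.mac)
    seen = {dev.mac for dev in discovered}
    missing = sorted(mac for mac in register if mac not in seen)
    return unknown, outdated, missing

if __name__ == "__main__":
    print(review(DISCOVERED, ASSET_REGISTER, PATCH_BASELINE))
```

Versions are compared as integer tuples because plain string comparison would rank "10.0.9" above "10.0.19045".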

Describe a plan for standards to protect the users from harming the network and system, both intentionally and accidentally. Discuss how these will be enforced

This issue was addressed in the above section with the abuse of user accounts. However, this section will go into more detail about the solution. The principle of least privilege (POLP) will be implemented to keep the risk to a minimum. The purpose of POLP is to ensure that users only access programs that are directly related to performing their job. Under POLP, each user is granted permission to read, write, or execute only the files or resources that are needed to perform their job—the least amount of privilege necessary. POLP helps restrict access rights for applications, systems, processes, and devices to only those permissions that are authorized for the user account. The network administrator will provide these permissions based on the job of each employee. This will help with both intentional and accidental attacks on the network. If a device is lost or stolen, that device does not have access to the main server of the network, and therefore the information is protected. Additionally, a user cannot accidentally access something they should not be accessing because they will not have access to any of this type of information. With fewer people having access to the main server, it is easier to help prevent any attacks on the network.
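
One way an administrator could check that granted permissions match each job, shown as an added example that is not part of the original assignment. The roles, account names and resource names are constructed for a small doctor's office.

```python
# Added example: roles, accounts and resource names are constructed.
# Permissions each job role needs: resource -> set of "r", "w", "x".
ROLE_NEEDS = {
    "receptionist": {"scheduling": {"r", "w"}},
    "nurse": {"scheduling": {"r"}, "patient_records": {"r", "w"}},
    "billing": {"invoices": {"r", "w"}, "patient_records": {"r"}},
}

# What the administrator has actually granted to each account.
ACCOUNTS = {
    "alice": {"role": "receptionist",
              "grants": {"scheduling": {"r", "w"}, "patient_records": {"r"}}},
    "bob": {"role": "nurse",
            "grants": {"scheduling": {"r"}, "patient_records": {"r", "w", "x"}}},
    "carol": {"role": "billing",
              "grants": {"invoices": {"r", "w"}, "patient_records": {"r"}}},
}

def is_allowed(user, resource, perm):
    """Deny by default: allow only what the user's role needs."""
    account = ACCOUNTS.get(user)
    if account is None:
        return False                      # unknown account gets nothing
    needed = ROLE_NEEDS.get(account["role"], {})
    return perm in needed.get(resource, set())

def excess_grants(accounts, role_needs):
    """Return {user: {resource: extra perms}} for grants beyond the role."""
    report = {}
    for user, account in accounts.items():
        needed = role_needs.get(account["role"], {})
        extra = {}
        for resource, perms in account["grants"].items():
            surplus = perms - needed.get(resource, set())
            if surplus:
                extra[resource] = surplus
        if extra:
            report[user] = extra
    return report

if __name__ == "__main__":
    print(excess_grants(ACCOUNTS, ROLE_NEEDS))
```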

Include policies that protect the hardware and physical aspects of the network

Data security is one of the most important things to focus on nowadays, especially in the medical field. There are several things that a company can do to help protect this valuable data. First of all, the doctor’s office should be equipped with CCTV cameras. This is important because if anyone accessed data via a computer, the CCTV camera should provide video proof of who it was. Additionally, the doctor’s office should implement access controls. This will include locks that can only be opened with keycards and/or biometrics. Furthermore, the data server should be locked, with all of its hard drives inside, and should require a special key to unlock it to access the hard drives. The server should also be in a room where there is only one way in or out, and the door should be equipped with a lock that requires either biometrics or an access card to gain access to the room.

Identify hardware areas that need to be secured

Securing hardware—as mentioned above—is one of the most important aspects of a doctor’s office. Patient medical files are highly personal and very important to keep secure. To keep this type of information secure, certain things need to be secured. As mentioned above, the most important area that needs to be protected is the server room. This room should have a locked door and additional locks on the server hard drives as well. Additionally, the client computers should have a lock on the case so that no one can access the internal components of the computer. Furthermore, all the devices—especially those that are wireless—should be encrypted with BitLocker. This will help prevent unauthorized users from accessing any data on those devices in the event they are lost or misplaced.

Describe steps that will be taken to ensure the security of the operating systems and network files

Allowing files to be shared over a network makes it easy for users to access them; however, it also makes possible attacks on the network easy. To help prevent these attacks and to ensure the security of the data and network files, the data should be encrypted. Encryption of the data will help provide additional security if an unauthorized person is trying to access the data—much like BitLocker. Additionally, there should be regular backups of all the data to prevent any data loss. To help keep the OS secure, the OS should be regularly updated when updates are available. As mentioned above, most exploits are performed through known weak spots for which the company failed to install the patch update(s). Furthermore, each of the client computers should have an antivirus product on it to help with securing the OS. Lastly, the use of user accounts and POLP will help keep the OS secure by making sure no one can access an area they should not.


Discuss measures that are necessary to protect the transfer of data to and from the network

There are several ways a company can send and receive data. To help secure the information, several different things can be done, depending on the type of information being sent. For starters, emails and accounts will be encrypted. Additionally, the email itself will be encrypted when sent, to help secure the data even more. For larger files, the doctor’s office might use FTP (File Transfer Protocol). FTP can easily be intercepted. To help prevent this, FTP can be secured with an SSL certificate—also known as FTPS. FTPS creates a secure connection from the server to the host to transfer sensitive data.
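
An FTPS upload using Python's standard `ftplib`, as an added example that is not part of the original assignment. The host, account and file names passed to `upload` are placeholders, and the TLS 1.2 minimum is a policy choice assumed here.

```python
# Added example: host, account and file names are placeholders.
import ssl
from ftplib import FTP_TLS

def make_tls_context():
    """TLS settings used for both the control and the data channel."""
    # The default context verifies the server certificate chain and hostname.
    ctx = ssl.create_default_context()
    # Assumed policy for this example: refuse anything older than TLS 1.2.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def upload(host, user, password, local_path, remote_name):
    """Send one file over explicit FTPS with both channels encrypted."""
    with FTP_TLS(context=make_tls_context(), timeout=30) as ftps:
        ftps.connect(host, 21)
        # login() upgrades the control channel to TLS before sending
        # the user name and password.
        ftps.login(user, password)
        # prot_p() switches the data channel to TLS as well; without it
        # the credentials are protected but the file travels in cleartext.
        ftps.prot_p()
        with open(local_path, "rb") as fh:
            return ftps.storbinary(f"STOR {remote_name}", fh)

if __name__ == "__main__":
    ctx = make_tls_context()
    print(ctx.verify_mode, ctx.check_hostname, ctx.minimum_version)
    # upload("ftps.example.invalid", "clinic-user", "<password>",
    #        "records.zip", "records.zip")
```

If the server presents a certificate that does not validate for `host`, the connection fails during login instead of sending credentials.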

Apply the concepts from the assigned practice lab activity

The lab “Understand how software as a service (SaaS) works” was assigned for this assignment and discussed what SaaS is. SaaS is a software distribution model in which third-party providers host applications. SaaS can apply to this assignment by applying a SaaS to the doctor’s office. There are SaaS applications for basic business functions such as email, customer relationship management (CRM), financial management, and much more. This is essential to this assignment because the doctor’s office can essentially use a SaaS system for their basic applications for their server.
