Security Plan
Table of Contents
- Introduction
  - Purpose
  - Target Audience
  - Documentation
- Enterprise IT Overview
  - Composition of Enterprise set-up
  - Concept of Intrusion Detection and Prevention Systems
    - Intrusion Detection Systems
    - Intrusion Prevention Systems
  - Information Assurance
- Plan Development
  - System Maintenance Plan
1.0 Introduction
An organization requires security in its management to ensure it survives in the market. Security can take the form of physical security, where the organization employs guards; financial security, to ensure the finances are managed properly; and information security, to guard against leaks of important corporate information. To promote any type of security, there is a need to come up with working identity management and then train the working personnel who will, in turn, implement the plan. Federal agencies need to ensure that the minimum requirements set by NIST are met. The policies and information technologies used in this plan need to be easy to learn, and the necessary technology resources must be made accessible to the employees intended to apply them. These plans are documented in the organization’s system security plan.
- Purpose
This plan aims to come up with policies that are favourable to any organizational set-up to promote a secure working environment. After the framework is developed, a program to train the working personnel involved is outlined. This will help familiarize the employees with the modern technology involved in the plan. Every organization needs to revisit its system security planning regularly to ensure the technology used is up to date. With this, the overall objective of company security will be achieved efficiently.
- Target Audience
The main direct stakeholders in the system security plan process are the system owners, developers and managers, and it is, therefore, crucial that they be familiar with the process. Secondly, the users of this technology and those involved in giving the system requirements are also a target group in the process. The system implementers, architects and engineers are also involved in the planning process. For a daily checkup routine of the process, the system administrators are required.
- Documentation
This document is designed to help the audience become familiar with the process of developing a functional contingency plan. The organization’s needs are evaluated against the contingency plan based on factors such as risk assessment, the impact of the system, technical considerations
2.0 Enterprise IT infrastructure overview
2.1 Composition of the enterprise IT set-up
To understand the risks involved, it is essential to understand the nature of the assets available in an organization. Most internal threats are not malicious and may occur accidentally; for example, an employee may unknowingly delete an important file, which may lead to loss of vital organizational information. A company has assets that contribute to its running and its value. They include:
- Hardware: these are tangible commodities in the company, for example computers, servers, workstations, the facility, other equipment and office supplies.
- Software: these are the IT systems used in the organization. They may be commercial software or in-house software depending on the nature of their development.
- Data: this is the collection of information relevant to the company, be it the database of essential clients, files or legal documents involving the company.
- Human personnel: these are the employees working towards achieving the company’s objectives. Depending on the hierarchy, each employee has a well-defined task to perform.
2.2 Intrusion Prevention and Detection Systems
After identifying the assets that are at risk in the organization, a proper intrusion prevention system (IPS) and intrusion detection system (IDS) are developed to detect and prevent potential threats. Malicious agents in the network system are identified, studied and captured. The IPS and IDS therefore work together to protect the software assets of a company.
2.2.1 Types of IDS
According to the network design: firewall, IDS/IPS
- Network intrusion detection system that identifies and analyses incoming network traffic
- Host-based IDS that monitors vital files in the OS
- Perimeter IDS physically senses the presence of an intruder within the company’s physical property
- VM based IDS monitors the virtual machines within the company keeping intruders away
2.2.2 Types of IPS
Based on types of intrusion prevention systems:
- Host-based IPS, which prevents malicious activities
- Network behaviour analysis, which maintains the behaviour of suspicious agents
- Wireless IPS, which works to prevent malicious activities in the wireless networks
- Network-based IPS, which monitors the vulnerability of a network system
2.3 Developing Security
A proper base for dealing with the potential risks to the assets is developed. The NIST security division provides the documentation necessary for risk management. With the help of Federal Department and Special Publication, implementation of these guidelines becomes easy. The Department of Defense is also involved in providing directives on the use of military systems to provide and maintain the protection of an organization’s software system.
2.4 Information Assurance
It is essential that the security plan gives assurance that the information held by the company is secure. This ensures that the activities in the company are done without fear. It is also crucial that the measures to be taken against individuals who try to leak or access information illegally are stipulated clearly.
2.5 Security Rules Implementation
The initial step is to identify what assets should be given protection and the degree required since most assets are not equally valuable. Thus multiple layers of security are recommended where various approaches are used. Some of the strategies in an IT protection plan include firewalls at network entry points, passwords for computers requiring user authentication to log in, data encryption and physical lockdown of routers, servers and hubs.
3.0 Plan Development
The objective of this plan is to help a reader understand a system security plan. It is vital to note that the system protection plan is likely to change drastically with technological advances and personnel recruitment to ensure top security. The program should contain the following information:
- Name of system
- Category
- Owner of the system
- Authorization official
- Security responsibility
- Status of operation
- Governing laws
- Security control selection including the minimum requirements
- Information type and purpose
- Environment and interconnections
- Dates of completion and approval
3.1 System Maintenance Plan
As the IT changes, some of the critical aspects of the security plan that need regular revision include:
- Information on the owner of the system
- Representative in the security sector
- The architecture of the system
- Status
- Addition or omission of system interconnections
- The scope
- Authorizing official
- Status of accreditation and certification