Essay about Information Security

3228 Words Sep 12th, 2013 13 Pages
Portfolio Project
Michael Harker
ITS350-1 Information Systems and Security
Colorado State University Global Campus
Dr. Elliott Lynn

Summary and Explanation of Proposals
In order for ZXY Inc. to make sure that their entire organization is secure, some proposals have been put into place to protect the company. The company needs to make sure that the network, their employee’s, company devices, and communications are secure from the outside world. The proposals that have been put into place cover such areas as: access control methods, authentication, user’s accounts and passwords, cryptography, remote access, network attack mitigation, malware and device vulnerabilities, and web and e-mail attack mitigation. These proposals
…show more content…
Each employee should also be required to set up a password that only they know, that will be used with the username in order to log the user onto the network. In order to make sure that the passwords are safe, each password will be required to be at least eight character's in length, require one upper case letter and one special character such as #, $, %, &, *, etc... After initially setting up the password, there will be account lockout restrictions in place to safeguard against potential attacks. An account lockout threshold of 3 failed log on attempts will be in place, after which the account will be locked out and the employee will need to contact the IT department to have the account unlocked. One step to consider for the future if the company continues to expand is to put account restrictions into place that limit the day and times that employees are allowed to access the network. In order to make sure that all files are encrypted and kept confidential, ZXY Inc. should use asymmetric encryption. Asymmetric encryption “uses two keys that are mathematically related. Both keys when paired together are called the key pair” (Testout, 2013, section 2.4.2, para. 1). Asymmetric encryption uses a public key that is available to all users and a private key that is secret and only known by one user. The benefit to ZXY Inc. by using asymmetric encryption is through the use of the private key. Since only one user knows the

Related Documents