Technical Paper
Autor: viki • July 22, 2012 • Essay • 2,047 Words (9 Pages) • 1,278 Views
Technical Paper
CIS329
6/7/2012
1. User Account Authorization Policies.
There have been unauthorized users on our systems, and we need to tighten up the security policies to stop it. Two user account authorization policies that will be implemented to prevent further breaches of our network are as follows:
a) Password must meet complexity requirements feature will be enabled.
b) Account Lockout Policies feature will be enabled.
2. All Employee Communication Memorandum
Security Department Memorandum 6102012a.
From: Senior Systems Administrator
To: Employees of Conseco Systems Corporation
Due to the recent unauthorized network activity at our company, we are going to implement several procedures to strengthen our ability to prevent persons from accessing our information. Below are some security best practices that we will educate you on and ensure compliance of. We will all do our part to continue to make our company a success.
a) We will evaluate our network and assets to determine if we are vulnerable, and what we can do to reduce these vulnerabilities. All unauthorized software and computers will not be allowed, and re moved.
b) Our network will be tested to evaluate if there is a hole in our firewall and any ports are open, and they will be patched. Microsoft Outlook will be used for local and remote email users.
c) To ensure that our servers and workstations are protected, we shall begin implementation of Windows Security Update Services (WSUS). This will automatically take care of Windows Updates and will be implemented by the IT department next week. Additionally we will install AVG anti-virus full versions on all assets to protect then, as well as the full version of MalareBytes to actively protect these same assets from malicious codes.
d) Our company is going to set up a new security team to monitor our network and ensure compliance of these practices. If you detect questionable activity on our network, your machines, or become infected by a virus or malware, this team will be notified and tasked with removal of the offending software and a re-evaluation of our procedures to prevent further nefarious activities. (Microsoft, 2012)
Your active participation in our security revitalization program will ensure that we will make it more difficult for intruders to penetrate our defenses in the future.
3. IT Department Communication Memorandum
Security Department Memorandum 6102012b.
From: Senior Systems Administrator
...