Research Paper on "Enterprise Technical Infrastructure Security Plan"

Research Paper 6 pages (2249 words) Sources: 6

[EXCERPT] . . . .

Enterprise Technical Infrastructure Security Plan

for ABBA Corporation

Information Technology Security: Implementation

The wrong it security plan can cause an enterprise millions of dollars of damages if breached by a number looming threats waiting to steal valuable information and resources from the organization. It is important to plan out a proper design that fits the needs and objectives of the organization, as well as providing it the flexibility and fluidity it needs to adapt to changes in those objectives but also changes in the external environment and its potential threats. This current research explores the contemporary environment for enterprise organizations as a way to evaluate potential security threats and prepare the most effective countermeasures in a fluid and functioning it technical infrastructure security plan.

Table of Contents

Title Page I - Completed

Abstract

Overview

Scope

Customer will complete

Table of Content

Possibility of Attacks

Attack Launches

Countermeasures

Intrusion Detection Systems

Penetration Testing

Vulnerability Assessment

Government Regulations

Security Plan

Summary

Conclusion

References Completed

Overview

The research presented here evaluates both the threats in the modern business environment, but also how to best prepare for them through strong and effective it security infrastructure system. Working enterprise especially puts the organization in danger in regards to various threats, as a reward for stealing organizational data is higher based on the volume being stored in data servers. Based on this evaluation, the research presents a number of clear countermeasures which will prove incredibly effective at helping prevent these threats from getting into the enterprises security system. The two main systems examined are Intrusion Detection System and penetration testing. These two systems adapted in a tailored security plan to help facilitate organizational goals is the ultimate protection and enterprise organization would seek. Additionally, based on unique data quantities, enterprise organizations may also opt into building internal servers into the security infrastructure in order to provide more reliable protection for restricted and other sensitive data. Thus, a combined strategy using external and internal resources is recommended for any enterprise organization looking to design its own it security plan.

Scope

In order to conduct the necessary evaluation needed to make clear assumptions in regards to environmental threats and the best countermeasures, his current research conducted a review of the recent discourse. A number of successful it security plans were examined, with notes taken in regards to their most prominent and efficient features. Additionally, academic research was also included in the scope of this research, to help provide potential future solutions, as well is justified by their particular elements jested for an effective it security plan. From this discourse, the research presented here was able to make clear recommendations in regards to the most important elements of a security enterprise plan for enterprise organizations.

Introduction

Possibility of Attacks

Along with the run-of-the-mill hackers are much more complicated security breaches that implement the newest evolution and technology, often before most security systems have a chance to adapt to them. One of the biggest rage in it today is the use of cloud computing and third-party hosting for data storage and maintenance. Yet, these brand-new and innovative technologies bring with them enormous new threats. According to the research, "data stored in the cloud may be located across the country or overseas," and as such, enterprise organizations can often become victim to breaches in third-party security systems (Quest, 2013). Data within most enterprise organizations is a lucrative opportunity for hackers and it criminals. In many instances very sensitive data, which could be used to access customer resources and funds, if stored by the use of third parties promising the security of the latest implementation of technology. As such, these become major targets themselves, and can often not prevent some of the newest and more complicated security it threats as they become apparent in the network.

Attack Launches

As technological changes begin to advance in a number of countries outside the United States, the threat of hackers is changing dramatically because the nature of the hacker is changing. More and more threats are coming from areas like China or India, where technology education is at an all-time high. China is especially dangerous because of the low level of creative content and copyright laws (Quest, 2013). If details of product designs or plans leaked into the hands of hackers through security breach, there is very little legal ramifications once a product is produced outside of the organization's control elsewhere around China.

Yet, even more dangerous is still the internal threat. In such conditions it is an internal member of the organization which is essentially conducting sabotage and dust putting the entire organization at risk. As such, who accesses what is important dominating factor in most enterprise security plans. A number of effective strategies include a tier of access restrictions in order to be constantly evolving with the staff. This unique and tailored access system can help provide the access that is needed, while not remaining victim to malicious current or former employees.

Countermeasures it is extremely important for contemporary security systems to be multifaceted. Here the research suggests that "a strategic and effective enterprise security architecture of today needs to be based on 'Defense of Depth' which is a concept used to describe layers of defense strategies. The components at each layer work in tandem to provide one cohesive security mechanism" (Arconati, 2002, p 4). This implies the need to generate security plans for the plethora of unique individual elements that act as a single security unit. This allows security systems to prepare for all types of security threats, external, internal, and one based on sheer negligence. The more multifaceted system more flexible and can be, and that more effective.

Intrusion Detection Systems

one of the most successful software strategies is the use of an Intrusion Detection System, also known as an IDS. Essentially, these are software applications that consistently review and monitor the organizational it network in order to uncover potential threats lurking somewhere within the system (Sans Institute, 2011). IDS software has gotten incredibly complex in recent years, being able to help detect malicious threats before they can do as much damage as they intended to. Many IDS systems use very extensive logs that help generate a type of learning system for the design architects of the system to find common and frequent patterns and thus respond to them more thoroughly at a more rapid rate. IDS software sits as a silent observer, monitoring all activities in order to uncover threats hidden as normal business operations. Including IDS within the security plan is absolutely necessary within an enterprise organization.

Penetration Testing

Penetration testing is another major aspect of most successful security plans in the contemporary business environment. Also known as a pentest, these are essentially another security measure which tests network security by pretending to be a threat itself. Through attack simulation, and enterprise organization can determine whether or not its current security system is capable of defending itself against the most recent in dangerous it security threats. Penetration testing helps point out architectural flaws to be worked on, before hackers or other security threats can exploit them to the company's disadvantage. They also help show what is at the greatest risk, therefore directing the future of it security design within the context of the enterprise organization.

Vulnerability Assessment

Enterprise organizations fall victim to a wide number of vulnerabilities that are often exploited by hackers and other security threats. As in the case of all enterprise organizations, the need to protect the massive load of sensitive data makes a strong security it plan necessary to avoid potentially giving up customer information or other details which could lead ultimately to litigation. The organization must protect the sensitive information of its clients and customers (Clotfelter, 2013). Yet, this is hard to do on a massive scale, which enterprise is known for. When there is simply way too much data in a security system that may have been unable to cope with influxes of new entries, they're always threats lurking waiting to take advantage of the it security systems weaknesses. One of enterprise's greatest vulnerability is its need to secure high quantities of data that is constantly changing. This becomes especially difficult in situations where organizations turn to third-party companies to help deal with the massive loads of data. Additionally, the growing use of cloud computing also has its own unique threats in terms of storing and transferring sensitive data (Clotfelter, 2013). Unfortunately, the organization which is hosting the enterprise's data cannot always be counted on to have their own guaranteed security plan. Customers are not going to care whether or not it was you or the third party hosting service that gave up their credit card information, the only care that their data was leaked. Thus, it is important to ensure that this will not occur. One of the best ways to do so is to try to post as much sensitive data in-house as possible. Maintaining "enterprise storage and special storage areas… READ MORE

How to Reference "Enterprise Technical Infrastructure Security Plan" Research Paper in a Bibliography

Related Research Papers:

Enterprise Architecture Term Paper

Enterprise Architecture

New text is in red, sorry for the delay

The Disruptive Innovation of Software-as-a-Service

on Enterprise Application Architectures

Re-aligning the economics of enterprise software, Software-as-a-Service (SaaS) is changing… read more

Term Paper 4 pages (1781 words) Sources: 6 Topic: Business / Corporations / E-commerce

---

Information Technology (IT) Security Implementation Research Proposal

it Security Plan & Implementation

IT Security Plan and Implementation for a Small Corporation

IT Security Proposal Summary

Small corporations often have to deal with many conflicting it and often… read more

Research Proposal 16 pages (5733 words) Sources: 5 Topic: Computers / IT / Internet

---

Security - Agip Kazakhstan North Caspian Operating Term Paper

Security - Agip Kazakhstan North Caspian Operating Company N.V. (Agip KCO)

Agip Kazakhstan North Caspian Operating Company N.V. (Agip KCO) is the single operator of the North Caspian Sea Production… read more

Term Paper 35 pages (14948 words) Sources: 1+ Topic: Business / Corporations / E-commerce

---

Security Self-Assessment Coyote Systems Security Self-Assessment Organization Thesis

Security Self-Assessment

Coyote Systems Security Self-Assessment

Organization Description

The company Coyote Systems develops enterprise software applications for the world's leading manufacturing companies. It has development offices in Chicago, Illinois, throughout… read more

Thesis 7 pages (2030 words) Sources: 1 Topic: Management / Organizations

---

Security Awareness the Weakest Link Case Study

Security Awareness

The weakest link in an organization's security architecture is typically found in the user. This paper explores the concept of developing security awareness in the individual user. In… read more

Case Study 30 pages (8202 words) Sources: 10 Topic: Computers / IT / Internet

---

View 100+ more related papers  >>