In this project, you will design a new network infrastructure for a five-hundred

Question

In this project, you will design a new network infrastructure for a five-hundred-employee law firm. The design of the network should incorporate several elements that demonstrate a defense in depth architecture.
The design of the network should incorporate protection against the following threats:
>Malicious software
>Phishing
>Spam
>Leakage of intellectual property
>Non-company-owned devices on the internal network (“bring your own device,” or BYOD)
>Rogue access points
For each type of threat, indicate the control or features in the architecture that reduces or eliminate the threat.
This project is not so much about network technology as it is about the concept of defense in depth. Do now worry about whether you have incorporated the latest or the most precisely correct technologies in
In this project, you will design a new network infrastructure for a five-hundred-employee law firm. The design of the network should incorporate several elements that demonstrate a defense in depth architecture.
The design of the network should incorporate protection against the following threats:
>Malicious software
>Phishing
>Spam
>Leakage of intellectual property
>Non-company-owned devices on the internal network (“bring your own device,” or BYOD)
>Rogue access points
For each type of threat, indicate the control or features in the architecture that reduces or eliminate the threat.
This project is not so much about network technology as it is about the concept of defense in depth. Do now worry about whether you have incorporated the latest or the most precisely correct technologies in
In this project, you will design a new network infrastructure for a five-hundred-employee law firm. The design of the network should incorporate several elements that demonstrate a defense in depth architecture.
The design of the network should incorporate protection against the following threats:
>Malicious software
>Phishing
>Spam
>Leakage of intellectual property
>Non-company-owned devices on the internal network (“bring your own device,” or BYOD)
>Rogue access points
For each type of threat, indicate the control or features in the architecture that reduces or eliminate the threat.
This project is not so much about network technology as it is about the concept of defense in depth. Do now worry about whether you have incorporated the latest or the most precisely correct technologies in

Explanation / Answer

The design of the network should incorporate protection against the following threats:

1. Malicious software -

Keep Your Anti-Virus Software Up to Date. - Having protection software is the first step; maintaining it is the second. Free anti-virus software is better than nothing, but keep in mind that it’s not the best solution. Microsoft does provide a security package for “free.” It’s free in that if you have Windows on your machine, you are granted access, but you did pay for your Windows license. Many users aren’t aware of this program, but it’s actually decent protection.

Run Regularly Scheduled Scans with Your Anti-Virus Software - This too may seem like a no-brainer, but many of us forget to do this. Set up your software of choice to run at regular intervals. Once a week is preferred, but do not wait much longer between scans. It’s difficult to work on your computer while your anti-virus software is running. One solution is to run the software at night when you aren’t using your computer. However, we often turn off our computers at night, and so the scan never runs. Set your anti-virus software to run on a specific night, and always leave your computer running on that day. Make sure it doesn’t shut off automatically or go into hibernation mode.

2. Phishing

3. Spam

4. Leakage of intellectual property

5. Non-company-owned devices on the internal network - BYOD is the practice of allowing employees to use their own computers, smartphones, and other devices for work purposes.

Have a policy in place - Ignoring the fact that employees will use personal devices for work purposes won’t stop them doing it, with the ubiquity of smartphones and tablets meaning that, regardless of company policy, the chances of an employee wanting to access their work email, at the very least, from a device of their own are high.

Know the devices employees are using - Oblige employees to register any personal devices they may be using for work-related activity with the company’s IT department. Prompt employees to keep this list updated so that if they sell on or stop using a device any permissions that may have been granted to it can be revoked, and any company-related data deleted.

Remind employees to enable 2FA - Two-factor authentication (2FA) should certainly be required to access any sensitive company data or information, but a company should also remind its employees to enable 2FA on any personal apps or online accounts they have where it is available. This reduces the chances of a hacker successfully gaining access to something like a personal email account that may result in them obtaining information that could allow them to access the individual’s work device or accounts, and subsequently the company network.

Require access by VPN - One of the easiest ways for hackers to spy on individuals’ internet activity, and potentially harvest information from them, is when people use unsecured Wi-Fi networks in places like hotels, airports and coffee shops. One way to ensure that employees don’t potentially reveal sensitive company information while using these unsecured networks is to require that they access certain company services via a virtual private network (VPN). A VPN offers a secure, encrypted connection, keeping the information you send online safe from prying eyes.

Enforce password protection - Require that employees secure their devices with a password-protected screen lock when they are not in use, in order to prevent anyone from snooping on an employee’s device.

Install mobile device management software - Mobile device management (MDM) software allows a company to secure its data when a device is lost, stolen, or improperly passed on to a new owner. Generally, a device owner must authorize MDM, and through it grant a number of permissions to the company’s IT department. MDM software allows IT departments to remotely wipe the device of any company-related activity, and some MDM software can even allow the IT department to reset the device to factory settings or wipe its hard drive entirely. The permissions and capabilities of a company’s MDM software should be clearly outlined to employees before they are asked to grant it permissions.

Please let me know in case of any clarifications required. Thanks!

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.