Assume you are part of a corporate-level security team and your organization has just acquired a new company. The new company will have its own information technology team reporting up through the corporate team. The company being acquired is not security-savvy, so a thorough assessment will be required.

The current environment you are asked to assess includes:

· The wireless network running WEP – employees often bring in their own access points because the reception is poor with the company access points.

· No security monitoring or review of security logs

· The data center has about 100 Windows® servers that are patched using Microsoft® Automatic Updates.

· The firewall is a Cisco® PIX®.

· The backup strategy uses Windows® built-in backup application. The backup is then sent to the main server every Friday night.

· The disaster recovery plan is to restore the server from the main backup server.

· There are no security policies or standards.

· Employees often bring in their own laptops to use for work because the company hardware running Windows® 98 is outdated.

Write a 3- to 5-page analysis for the security posture of the newly purchased company, as well as recommendations for upgrading security procedures and measures. Complete the following in your analysis:

· Summarize the risks in the current environment, the framework used, and key risk indicators.

· Evaluate and recommend improvements for the following:

· Wireless environment

· Backup and disaster recovery strategies

· Bringing your own access point and laptop policy

· Vulnerability assessment strategy

· Security and network monitoring

· Recommend hardware and software improvements.

· Recommend security policies and standards that should be written and put into place.

· Recommend an incident response plan that would escalate up through the corporate security team.

Format your analysis according to APA guidelines.

pur-new-sol

Related Questions