I. Analysis and Planning
A. Vulnerability Assessment
Requirements
The security and availability of the school network play a large role in the success of those who attend it. In order to provide a secure network environment for the betterment of the students and faculty, a vulnerability assessment needs to take place. The vulnerability assessment is used to find where the weaknesses in the network are, so that they can be fixed before an attacker finds them.
Proposed Solution
I have researched different vulnerability scanners to find out which will meet our needs for the vulnerability assessment. The weaknesses the assessment will look for are unused open ports and services, unnecessary applications, missing critical patches, default or weak passwords, and misconfigured settings. There are both free and paid vulnerability scanners. I propose the use of Microsoft Baseline Security Analyzer (MBSA) to find the issues with the current configuration of the Windows computers. MBSA covers the missing-patch, weak-password and misconfiguration checks on Windows hosts and Microsoft products; it does not scan for open ports and it cannot check network equipment, so those items need to be covered by a separate network scan.
Justification
I chose MBSA because it gives an in-depth security analysis of each host. Because MBSA scans computers one at a time, either locally or remotely from one administrator's workstation, it is most useful in a setting such as this where there are not thousands of computers; this way we get an in-depth understanding of each machine's vulnerabilities. Another advantage is that, because it was created by Microsoft, there are many resources that explain how best to use the scanner. One caveat: Microsoft has retired MBSA and no longer updates it, so it should be treated as a starting point and replaced with a maintained scanner as the Windows versions on the network move on.
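As an added example (not part of the original plan), the following PowerShell runs MBSA's command-line scanner, mbsacli.exe, against every computer in the domain from one administrator workstation and then lists the reports it wrote. The domain name SCHOOL, the scan account SCHOOL\scanadmin, the MBSA install folder and the report folder are assumptions; the scan account must be a local administrator on each target, and the targets must allow remote registry and admin-share access.

```powershell
# Added example, not from the original plan. Assumptions: domain SCHOOL, a
# scanning account SCHOOL\scanadmin that is a local administrator on every
# target, MBSA 2.x installed in its default folder, and targets that allow
# remote registry and admin-share access (mbsacli needs both to scan remotely).
$mbsa     = Join-Path $env:ProgramFiles 'Microsoft Baseline Security Analyzer 2\mbsacli.exe'
$domain   = 'SCHOOL'
$scanUser = 'SCHOOL\scanadmin'

if (-not (Test-Path $mbsa)) { throw "mbsacli.exe not found at $mbsa" }

# Prompt for the password rather than hard-coding it in the script.
# mbsacli only accepts a plain-text /p argument, so convert just before use.
$secure = Read-Host -Prompt "Password for $scanUser" -AsSecureString
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$plain  = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)

# /d scans every computer in the domain. /n names the checks to SKIP (all run
# by default): a school lab has no IIS or SQL Server, so skip those and keep the
# OS configuration, weak/blank password and missing update checks.
# /nvc stops mbsacli checking for a newer MBSA release before scanning.
# /o sets the report file name template (%D% = domain, %C% = computer).
& $mbsa /d $domain /n IIS+SQL /u $scanUser /p $plain /nvc /o '%D%-%C%'

# For a lab subnet that is not domain-joined, scan an address range instead
# (the range below is an assumed example):
# & $mbsa /r 10.10.20.1-10.10.20.254 /n IIS+SQL /u $scanUser /p $plain /nvc

$plain = $null   # drop the plain-text password as soon as the scan is done

# MBSA writes one XML (.mbsa) report per computer under %USERPROFILE%\SecurityScans.
# List them newest first; open any report in the MBSA GUI or with:
#   & $mbsa /ld '<report name>'
Get-ChildItem (Join-Path $env:USERPROFILE 'SecurityScans') -Filter '*.mbsa' |
    Sort-Object LastWriteTime -Descending |
    Select-Object Name, LastWriteTime
```

Run it from a workstation that is itself fully patched, and keep the scan account's password out of scripts and scheduled tasks; the prompt above is deliberate. The reports are the evidence for the rest of this plan, so archive them with the date of each scan.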
B. Security Policy
Requirements
Security policies for networks define the rules required to secure the network. A security policy can be split into four parts: regulations, procedures, baselines, and guidelines. A security policy needs to take into account network devices, data loss prevention, software on the network, and, most importantly, employee background checks and user education on security policies.
Proposed Solution
Network security policies should start with user education on security policy and employee background checks. Before employment, employees should be screened to make sure there is no history of bad behavior, and in the onboarding process they should be educated on the policies of what they can and cannot do on the network. Make sure that these same users only have access to what they need: use the concept of least privilege to give people only the minimum privileges required to do their job. Students should not have access to the teachers' grading application, and teachers do not need to be able to log into the network equipment. Unused switch ports and unused network services should also be turned off, as they present a security risk that can be avoided. Unnecessary programs should not be allowed to be installed on the computers.
Justification
The reason for these policies is that unused portions of the network and unneeded programs open up holes in the defense of the network that are unnecessary, since those items are not needed for people to complete their duties. This is the same reason for implementing the principle of least privilege: unnecessary privileges lead to unnecessary risk if that user's account is compromised or the user decides to damage the network.
C. Risk Management
Requirements
Risk management is the process of securing the network in such a way that if an attack occurs there is minimal damage to the network. There also needs to be a recovery process for what to do after an attack. Things to take into account are assets, expected loss, threat probability, threat vectors, and the countermeasures put in place. The value of each asset on the network must be identified and the threats to it prioritized, so that risk management can decide what needs to be done to reduce the amount of damage from an attack.
Proposed Solutions
An analysis of all of the assets on the network needs to take place. In addition, computer backups need to be in place so that recovery can occur if data is lost. One must find the attack vectors that could be used and decide whether it is worth keeping certain items, such as specific programs that carry these vulnerabilities. Threat probability can be estimated to decide whether something is worth the risk of keeping on the network.
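The asset-value and threat-probability estimates described above are normally combined into a quantitative risk ranking. The PowerShell below is an added example (not part of the original plan) that ranks three threats to school assets by annualized loss expectancy and decides whether each proposed countermeasure is worth funding. The asset values, exposure factors, occurrence rates and control costs are constructed sample figures; real numbers come from the asset analysis and the school's own incident history.

```powershell
# Added example, not from the original plan. The three risks below are
# constructed sample figures for illustration; real values come from the
# asset analysis and from the school's own incident history.
#
#   SLE = AssetValue * ExposureFactor      loss from one incident
#   ALE = SLE * ARO                        expected loss per year (ARO = incidents per year)
#   NetBenefit = ALE(before) - ALE(after) - annual cost of the countermeasure
#
# A countermeasure is worth funding only when NetBenefit is positive;
# otherwise the risk is accepted or a cheaper control is sought.

function Get-RiskRanking {
    param([hashtable[]]$Risks)
    foreach ($r in $Risks) {
        $aleBefore = $r.AssetValue * $r.EF            * $r.ARO
        $aleAfter  = $r.AssetValue * $r.EFWithControl * $r.AROWithControl
        $net       = $aleBefore - $aleAfter - $r.ControlCost
        [pscustomobject]@{
            Threat     = $r.Threat
            Asset      = $r.Asset
            ALE        = $aleBefore
            Control    = $r.Control
            ALEAfter   = $aleAfter
            NetBenefit = $net
            Decision   = $(if ($net -gt 0) { 'Fund control' } else { 'Accept risk / find cheaper control' })
        }
    }
}

# Constructed sample data. Backups lower the exposure factor (less data is lost
# per incident); encryption lowers the exposure of a stolen laptop to the
# hardware cost; allow-listing lowers how much of a lab PC an infection costs.
$risks = @(
    @{ Threat='Ransomware encrypts student records'; Asset='Records file server'
       AssetValue=80000; EF=0.6; ARO=0.5;  Control='Nightly offline backups'
       ControlCost=3000; EFWithControl=0.15; AROWithControl=0.5 }
    @{ Threat='Teacher laptop with grades stolen';   Asset='Staff laptop'
       AssetValue=5000;  EF=1.0; ARO=2;    Control='Full-disk encryption'
       ControlCost=500;  EFWithControl=0.3;  AROWithControl=2 }
    @{ Threat='Malware on shared lab PC';            Asset='Lab workstation'
       AssetValue=1000;  EF=0.5; ARO=10;   Control='Application allow-listing'
       ControlCost=8000; EFWithControl=0.2;  AROWithControl=10 }
)

# Highest expected annual loss first: that is the threat-prioritization order.
Get-RiskRanking -Risks $risks |
    Sort-Object ALE -Descending |
    Format-Table Threat, ALE, Control, ALEAfter, NetBenefit, Decision -AutoSize
```

The sample figures are chosen so that the third control costs more per year than the loss it prevents, which is exactly the "is it worth keeping it on the network" decision the proposal calls for: the table shows the risk as accepted rather than hiding the control cost. Exposure factor and ARO are estimates, so record where each number came from next to the table and revisit them after every incident.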
Justification
This is all necessary in order to manage the risk on a network, as the only way to be completely safe is to disconnect the network entirely, in which case it is useless. Threats will be present and attacks will occur, but if the risk is managed well, the damage to the availability of the network and the loss of resources will be minimal.
D. Business Continuity Plan
Requirements
The Business Continuity Plan (BCP) is put in place to make sure that the business is restored to its usual operation in as little time as possible after an attack or disaster. A BCP has five steps: analysis, solution design, implementation, testing and organizational acceptance, and maintenance. A BCP identifies and prioritizes critical functions, calculates the time needed to recover from an attack, and identifies how to recover damaged assets.
Proposed Solutions
A business impact analysis (BIA) needs to be carried out in order to analyze threats to assets, find mission-critical functions and systems, and determine the maximum downtime the business can survive after an attack. The BCP also needs a disaster recovery plan that covers how to resume normal use of applications and data, how to switch to alternate processing sites in a disaster, and how to move operations back to the original site after the disaster is over.
Justification
Plans such as the BCP help determine what needs to be done before and after a disaster that causes loss of assets and data. The BCP contains short-term recovery plans that allow business to continue temporarily, and plans for how to fully restore original operations after the disaster is over.
E. Access Controls
Requirements
Access controls need to be used in order to keep users from accessing items that they do not need or should not access. Users can cause a lot of damage, accidentally or on purpose, by misusing portions of the network. A proper set of access controls is necessary in order to keep the network safe.
Proposed Solutions
Access controls to implement include the principle of least privilege mentioned above: users do not need access to portions of the network that they do not use for their job. Separation of duties works well with this principle because it means that only specific people have the privileges to do each job; this way, if one person's account is compromised, there is only a limited amount that the attacker can do with that person's privileges. Job rotation should also be used so that people are rotated through each job, which provides more oversight if someone is doing something malicious.
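Least privilege is only real if it is checked. The PowerShell below is an added example (not part of the original plan) that audits the NTFS permissions on the grading application's data folder against an allow-list of principals and, optionally, removes any entry that grants access to anyone else (for example a Students group or Everyone). The share path \\fileserver\GradingData, the SCHOOL group names and the $fix switch are assumptions; run it from an account that can read the folder's security descriptor, and change it only if $fix is set.

```powershell
# Added example, not from the original plan. The share path, group names and
# the $fix switch are assumptions; run it from an account that can read the
# folder's security descriptor (and change it, if $fix is set).
$gradingPath = '\\fileserver\GradingData'        # assumed location of the grading app's data
$allowed = @(
    'SCHOOL\Teachers',                            # the only business users of the grading app
    'SCHOOL\Domain Admins', 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM'
)
$fix = $false                                     # $true removes the offending entries

function Find-ExcessAccess {
    param([string]$Path, [string[]]$AllowedPrincipals)
    $acl = Get-Acl -Path $Path
    foreach ($ace in $acl.Access) {
        $who = $ace.IdentityReference.Value
        # Deny entries grant nothing; only an Allow entry for an unexpected
        # principal (e.g. SCHOOL\Students or Everyone) violates least privilege.
        if ($ace.AccessControlType -eq 'Allow' -and $AllowedPrincipals -notcontains $who) {
            [pscustomobject]@{
                Principal = $who
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$excess = @(Find-ExcessAccess -Path $gradingPath -AllowedPrincipals $allowed)
if ($excess.Count -eq 0) {
    "OK: only $($allowed -join ', ') can reach $gradingPath"
} else {
    "WARNING: $($excess.Count) principal(s) have access to $gradingPath that least privilege does not justify:"
    $excess | Format-Table Principal, Rights, Inherited -AutoSize

    if ($fix) {
        # Inherited entries cannot be removed one by one, so first break
        # inheritance while keeping copies of the current entries, write that
        # back, then re-read the ACL and strip the unexpected Allow entries.
        $acl = Get-Acl -Path $gradingPath
        $acl.SetAccessRuleProtection($true, $true)
        Set-Acl -Path $gradingPath -AclObject $acl

        $acl = Get-Acl -Path $gradingPath
        foreach ($ace in @($acl.Access)) {       # copy: the collection changes as rules are removed
            if ($ace.AccessControlType -eq 'Allow' -and $allowed -notcontains $ace.IdentityReference.Value) {
                $null = $acl.RemoveAccessRule($ace)
            }
        }
        Set-Acl -Path $gradingPath -AclObject $acl
        "Removed unexpected entries; re-run with `$fix = `$false to confirm."
    }
}
```

Run it read-only first and review the warnings before setting $fix, because an inherited entry may be there on purpose for a parent folder. Grant access through the Teachers group rather than to individual teachers, so that separation of duties and job rotation can be applied by changing group membership instead of editing permissions on every folder.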
Justification
These items are required in order to make sure that the least amount of damage is done to the network in the case of a rogue user, or in the case of an attacker impersonating one of those users. Access controls keep the damage contained, so that the network can be more easily brought back to normal operation after an attack, and make sure that no one person can bring down the entire network.