The security consulting firm that you work for has been awarded a contract to implement a new IT Security Infrastructure to secure the Information Technology data assets of a local government agency. This agency has many remote workers that are in the field and need to connect back to the agency’s system servers. The remote workers use a wireless network infrastructure to connect their electronic pads to servers located within the local government’s facility. The remote workers have needs to access property records, cite zoning violations electronically, and validate building permits. The public demand to expand IT services has grown faster than its ability to provide an adequately secured infrastructure. In fact, this government entity was previously featured on the news for having minimal security controls and methods for accessing property tax information of citizens. The inadequate security allowed many construction trade businesses to illegally access property records and zoning violations. Your role in this project is to enhance and optimize the security mechanisms for accessing these systems.
Write a 7 page paper in which you:
1. Create an information flow diagram, using Visio or Dia, which:
a. Illustrates how remote users will securely connect to the government agency’s network.
b. Illustrates the patch of network devices that data packets must travel to get from server to remote user’s device and back to
Note: The graphically depicted solution is not included in the required page length.
2. Provide an equipment list of network security devices that would be needed to ensure the integrity and sensitivity of private information. In this list:
a. Propose 3 vendor brands per each device and the associate costs required to procure these items.
b. Identify the functionality each device serves and the expected benefits the government agency should experience upon the successful installation of this equipment.
3. Develop a maintenance plan that should be recommended to the government agency to ensure having the latest security measures available within the network in which you:
a. Describe the risks associated with not fulfilling the activities outlined within your maintenance plan.
b. Indicate specific activities, personnel / resources required, and frequency of execution.
4. Recommend 5 physical security measures that could be developed to ensure the electronic perimeter of electronic assets.
5. Recommend 3 physical security vendors that could achieve the four (4) security measures you identified. Justify your
recommendations with your response.
6. Evaluate and consider activities that the Human Resources Department could perform in order to complement and instill security from within the organization. Provide a rationale with your response.
7. Use 5 quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
- Include charts or diagrams created in Visio or one of its equivalents such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.
The specific course learning outcomes associated with this assignment are:
- Describe and apply the 14 areas of common practice in the Department of Homeland Security (DHS) Essential Body of Knowledge.
- Describe best practices in cybersecurity.
- Describe system, application, network, and telecommunications security policies and response.
- Evaluate the ethical concerns inherent in cybersecurity and how these concerns affect organizational policies.
- Use technology and information resources to research issues in cybersecurity.
- Write clearly and concisely about topics associated with cybersecurity using proper writing mechanics and technical style conventions.