Free Paper Sample: Security Infrastructure Design for a Retail Company

The frequency of occurrence of internal and external data leaks in organizations has dramatically increased in recent years. It is essential for every company to protect its data from both external and internal threats for its future prosperity.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Apart from the normal security measures embedded in the Payment Card Industry Data Security Standard (PCI DSS), the company will need to implement more security measures in their external website to keep hackers as well as other external threats. Among the proposed enhancements to the security system of the company's website include:

Authentication System

The company will require a two factor authentication system to secure sensitive company data. These will render stolen credentials meaningless to ill-intending individuals as well as allow the flexibility to develop and accommodate access workflows for all groups (clients, staff as well as suppliers and vendors).

It will also be essential to integrate a Single Sign On system backed up by the strong authentication system. An SSO will play a key role in ensuring minimum exposure to risks while at the same time increasing the ease of accessing the system for authorized personnel.

For the organization's most critical data, a biometric authentication system could be implemented to protect critical information. The levels of access will also need to be well defined for extra security.

An effective authentication system incorporates identification and authorization.

Internal Website Security

Digital Hygiene Training programs - these will be aimed at equipping employees with requisite knowledge to refrain from errors that could expose company data to spam or phishing in their day to day online activity. This can be effected by letting company staff know of the dangers associated with opening emails or atttachments whose source they are nt aware of.

Caution over social media usage - Most hackers often use employee data obtained from social media to gain access to a company,s information system. It is therefore imperative that the company

Upgrades to the external website

These will include: Back up and redundancy, Compliance to PCI regulations, encrypton, DDos protection and firewalls.

Remote Access Solution

For the company's remote access activities, a cloud computing network was proposed. A cloud computing network will allow easy sharing of files across offices in a virtual office setup. The benefits to be accrued include cost benefits and increased flexibility.

VLAN Recommendations

Ensure that management data is separate from user data

Distinguish the native VLAN from user VLAN's

Refrain from using the dynamic auto or dynamic desirable modes in the ports.

Laptop security configuration, Application policy recommendations

Ensure all software is up to date - outdated software is one of the most used weak points in a company's data security system among hackers. Keepng updated software will play a key role in protecting company data from hackers.

Strong passwords for each site and application used - Passwords are the primary security feature for most systems. It is therefore basic knowledge that passwords protecting critical company data be strong and also be kept safe.

Beware of SQL injections - Parameterised queries could go a long way in aiding avoid SQL injectons.

Protections from XSS (Cross-Site Scripting) attacks - A content security policy will be essential in the implementation of this.

Awareness on error messages - Minimize the information provided in error messages to avoid attacks such as cyber injections.