Throughout this course, you will be working with a scenario in which some basic background information is provided about a consulting firm. This scenario and information is typical in many - Writeden

Length 3-4 pgs

Use APA 7 style, and cite references published within the last 5 years.  

Only working on Section 4 for this assignment. Please add it to the file attached (the first part, including Sections 1,2 & 3, have been completed). 

Throughout this course, you will be working with a scenario in which some basic background information is provided about a consulting firm. This scenario and information is typical in many companies today. You are tasked to select a company that you are familiar with that is facing a similar situation. The company can be real or fictitious, but the framework and problems that it faces should be similar. The assignments that you complete each week are based on the problems and potential solutions that similar companies may face. The end goal for these assignments is to analyze the problems that the company faces with respect to the upcoming audit and to provide guidance on how it can provide security for its infrastructure.

Scenario Week 4:  

The case study company is also concerned about the confidentiality and integrity of the data. What policies and controls are needed to meet the regulatory requirements imposed by the recent initial public offering (IPO)? In an effort to ensure the confidentiality of data both internally and externally, discuss how you can effectively protect the data in motion and at rest. Create the following section for Week 4:

  • Week 4: Security Policies, Procedures, and Regulatory Compliance
    • List and describe the regulatory requirement that was introduced by the IPO.
    • List and describe at least 5 policies that the company needs.
    • From the list of policies, list and describe at least 3 controls that the company needs to implement.
    • Describe the data at rest and data in motion and analyze how they can be protected.
  • Section 4 should be 2–3 pages long.
  • Name the document “CS651_FirstnameLastname_IP4.doc.”

The template document should follow this format:

  • Security Management Document shell
    • Use Word
    • Title page
      • Course number and name
      • Project name
      • Your name
      • Date
    • Table of Contents (TOC)
      • Use an autogenerated TOC.
      • This should be on a separate page.
      • This should be a maximum of 3 levels deep.
      • Be sure to update the fields of the TOC so that it is up-to-date before submitting your project.
    • Section headings (create each heading on a new page with “TBD” as content, except for Week 1)
      • Week 1: Introduction to Information Security
        • This section will describe the organization and establish the security model that it will use.
      • Week 2: Security Assessment
        • This section will focus on risks that are faced by organizations and how to deal with or safeguard against them.
      • Week 3: Access Controls and Security Mechanisms
        • This section examines how to control access and implement sound security controls to ensure restricted access to data.
      • Week 4: Security Policies, Procedures, and Regulatory Compliance
        • This section will focus on the protection of data and regulatory requirements that the company needs to implement.
      • Week 5: Network Security
        • This section combines all of the previous sections and gives the opportunity to examine the security mechanisms that are needed at the network level.


Computer Systems Security Foundations CS651

TechSolutions Network Extension Project

Maria Thomas

May 17, 2024

Table of Contents

  • Introduction to Information Security (Week 1)
    • Organization Description: TechSolutions
    • The Need for Information Security
    • Potential Issues and Risks
    • Project’s Benefits
    • Challenges with On-Site Consultants
    • Post-IPO Challenges
  • IP Security Assessment (Week 2)
    • A Description of Typical Assets
    • Risk Assessment
    • Risks that the New Consultant Network Will Create
    • Testing for Risk and Security Assessment
    • Risk Mitigation
  • Access Controls and Security Mechanisms (Week 3)
    • Access Control Mechanisms Needed for Applications and Systems
      • Network infrastructure
      • Computers and Workstations
      • Mail Server
      • Intranet Resources
    • Access Control Measures For Protecting the New Expanded Network
      • Network Segmentation
      • Network Access Control Policies
      • Encryption
    • Discussion and Applicability of Single Sign-On (SSO) and Virtual Private Network (VPN) Technology
      • Single Sign-On (SSO)
      • Virtual Private Network (VPN)
  • References

Introduction to Information Security (Week 1)

Organization Description: TechSolutions

TechSolutions is a rapidly growing cybersecurity consulting company. The company identifies threats to the networks and computer systems of organizations, assesses risk, evaluates security issues, and implements solutions to protect against such threats. When assessing security systems, TechSolutions considers numerous aspects and designs multiple levels of protection in a rapidly evolving IT environment. Following a recent successful Initial Public Offering (IPO), the company has attracted significant interest from investors and stakeholders, resulting in a substantial increase in its customer base and revenue. In addition, TechSolutions faces additional regulatory requirements due to the IPO.

TechSolutions staff meet with representatives from organizations to gather systems requirements and then return to TechSolutions premises to develop solutions. However, the company's network is limited to its premises, which is a significant problem. To perform effectively, the consulting staff requires a network solution that enables secure connection from various locations, facilitating interaction with other consultants.

The Need for Information Security

TechSolutions is responsible for the management of confidential client data, which comprises personally identifiable information (PII), financial records, and proprietary business information. Therefore, it is critical to provide strong information security protocols in order to preserve client trust, adhere to regulatory standards, and protect the organization's reputation. Inadequate data security measures may result in the compromise or unauthorized access of critical information, thereby compromising client satisfaction and causing damage to the company’s reputation.

Potential Issues and Risks

A data breach is a significant risk. The ramifications of a data breach have far-reaching and profound impacts. These breaches have evolved from simple cyber security problems into instances of substantial financial losses, reputation damage, legal issues, and regulatory penalties (Alias, 2019). Although there is an increased focus on data security, hackers persistently discover novel methods to bypass defences and obtain vital corporate data and passwords. Hackers are employing every conceivable strategy to compromise, expose, and profit from confidential data, whether it is through malicious software, adept social engineering strategies, or third-party supply chain cyber assaults. Apart from data breaches, expanding the network infrastructure to accommodate on-site consultants introduces additional vulnerabilities, such as the potential for exposure to malware or cyber-attacks and unauthorized access to internal systems.

Project’s Benefits

By expanding the network’s infrastructure, TechSolutions will significantly improve the efficiency of its operations. Consultants will be able to work seamlessly onsite. Besides, the network will facilitate real-time collaboration among staff. This will substantially enhance productivity and client satisfaction. Furthermore, the company will benefit by having an edge over its competitors. TechSolutions will be able to attract clients who emphasize data security and confidentiality.

Challenges with On-Site Consultants

Ensuring secure access for consultants working on-site while also limiting unauthorized access to critical data presents a challenge. Secure access pertains to a set of security measures or solutions that aim to prevent unauthorized entry into an organization's digital resources and safeguard sensitive information from being compromised (Whitman & Mattord, 2019). The dynamic and evolving nature of security risks has rendered safe access an indispensable component of the present-day IT environment (Whitman & Mattord, 2019). Another challenge is network segmentation. This refers to preventing data leakage and unauthorized access by isolating client data from internal systems.

Post-IPO Challenges

As a result of the recent IPO, TechSolutions is subject to increased regulatory scrutiny and is required to show adherence to industry standards and financial rules. This imposes further administrative and compliance responsibilities on the company. In addition, TechSolutions must now conduct its operations in accordance with investor expectations.

IP Security Assessment (Week 2)

A Description of Typical Assets

TechSolutions has an array of typical assets essential for its operations. The network infrastructure, which consists of routers, switches, firewalls, and additional networking devices, serves as the fundamental support system for TechSolutions' activities by enabling communication and the exchange of data. The organization also has computers and workstations. Computers are utilized by employees in the course of their daily activities. They contain confidential data and necessitate endpoint security protocols. While these devices are critical for facilitating staff collaboration and productivity, they also serve as potential points of entry for security threats. The mail server is also a crucial asset of the organization. With the dual purpose of safeguarding the internal network and enabling external email delivery, the mail server is situated within the demilitarized zone (DMZ) and is tasked with coordinating email correspondence within the organization. Additionally, TechSolutions has intranet resources. Company resources and applications, including internal systems and applications, are hosted on the same network as staff desktops within the flat network of the corporate site.

Risk Assessment

Without network segregation, TechSolutions is exposed to several risks. The first risk is data breaches. In a flat network, the lack of segmentation increases cybersecurity vulnerabilities. In the event that hackers successfully infiltrate a specific part of the network, they have the ability to effortlessly navigate to other parts, potentially leading to extensive security breaches (Jaeger, 2018). Segmenting the network into subnetworks enhances the capacity to limit cyber threats and manage network traffic with greater efficiency. The second risk is insider threats. Insider threats refer to cybersecurity risks that emanate from authorized users, including contractors, business partners, and employees (Jaeger, 2018). These individuals may intentionally or unintentionally exploit their authorized access or enable cybercriminals to compromise their accounts. An unsegmented network is characterized by a flat internal structure that facilitates user movement across resources. An attacker may exploit this structure as well. However, segmenting a network establishes internal barriers alongside external ones (Lundgren & Möller, 2019). The third risk is a malware attack. In the absence of network segmentation, there is a lack of clearly defined security boundaries between various network domains, including user, production, and critical system networks. Network segmentation is crucial for mitigating malware because it limits the extent and consequences of a malware attack.

Risks that the New Consultant Network Will Create

Wireless technology enables a computer to connect to a wireless local area network (WLAN) using "access points" that transmit radio waves, eliminating the need for cables or wires. This enables several users to utilize the same Wi-Fi access point or "hotspot" within a specific range. Although mobile Internet connectivity is beneficial for businesses, it also presents security concerns and the possibility of illegal activities. Unsecured Wi-Fi networks can be accessed and intercepted by unauthorized individuals, who can then steal, alter, or delete the transmitted data (Jaeger, 2018). The unsecured connection can also be utilized for illegal or undesired activities. "Hitchhiking," "Wi-Fi mooching," "piggybacking," and "joyriding" are all common risks associated with an unsecured Wi-Fi connection. These terms all refer to the same practice of obtaining wireless Internet connectivity without the consent or awareness of the subscriber. In addition, excessive user logins can greatly impede the speed of Internet access for subscribers (Jaeger, 2018).

Testing for Risk and Security Assessment

TechSolutions will employ a multifaceted strategy to identify risk and conduct a thorough security assessment. Penetration testing is a highly effective method for assessing and enhancing the security of a wireless network. A wireless network penetration test is conducted to examine the network in a way that mimics potential attackers, but with the goal of enhancing the network's security (Bergström et al., 2019). The process commences with a thorough reconnaissance phase, during which vital information pertaining to the network's scope, encryption methods, and possible avenues of entry is collected. The initial step is crucial in establishing the foundation for more focused and efficient testing (Bergström et al., 2019). The fundamental aspect of the procedure involves conducting thorough examinations of wireless security protocols and assessing obsolete techniques or weak passwords. Besides penetration testing, TechSolutions will employ vulnerability scanning. Vulnerability scanning is the systematic procedure of detecting and pinpointing security vulnerabilities and flaws in systems and the software they operate (Bergström et al., 2019).

Wireless security assessment is an essential procedure that TechSolutions will undertake to guarantee the authenticity and privacy of its wireless networks and data. In the current era of widespread wireless communication, it is crucial to emphasize the significance of strong security measures. The wireless security assessment will aim to identify all access points and evaluate their vulnerabilities (Bergström et al., 2019). The assessment will also evaluate the strength of the network’s encryption security and user authentication.

Risk Mitigation

In order to mitigate the identified risks, TechSolutions will put into effect a comprehensive array of measures specifically designed to tackle each category of risk. The first measure is network segmentation. Network segmentation is a network security strategy that involves dividing a network into smaller, separate sub-networks. This allows network teams to isolate and protect each sub-network individually by implementing specific security measures and services (Jaeger, 2018). Another measure is to employ access control. Access control is a critical component of security that dictates the individuals who can access data and the conditions under which specific data, applications, and resources can be accessed. Encryption is another crucial security measure. Encrypting TechSolutions' wireless data ensures that unauthorized individuals who may gain access to the organization’s network are unable to view it (Jaeger, 2018). In addition, employee training will be conducted in an effort to protect against risks. The organization will implement consistent security awareness training for workers and consultants to educate them on security protocols, rules, and procedures in order to minimize human errors and proactively prevent security incidents.

Access Controls and Security Mechanisms (Week 3)

Access Control Mechanisms Needed for Applications and Systems

The applications and systems described in individual project two require access control mechanisms. The following is a description of the requirements for each:

· Network infrastructure: The network infrastructure consists of routers, switches, firewalls, and additional networking devices. It serves as the fundamental support system for TechSolutions' activities by enabling communication and the exchange of data. The network infrastructure needs Role-Based Access Control (RBAC). RBAC controls network access depending on an individual's role within an organization and has emerged as a popular solution for advanced access control (Wolf et al., 2017). RBAC roles relate to the different levels of network access that employees have. Employees are only given access to the information they need to do their jobs properly. Access may be determined by a variety of criteria, including authority, responsibility, and job capacity (Wolf et al., 2017). In addition, access to computer resources can be restricted to certain operations, such as viewing, creating, or modifying files.

· Computers and Workstations: Computers are utilized by employees in the course of their daily activities. They contain confidential data. TechSolutions needs to enforce strong authentication methods such as username/password authentication or biometric authentication. Authentication protocols are the criteria for interaction and authentication that endpoints (laptops, desktops, phones, servers) or systems follow while communicating (Savant & Kasar, 2021). Choosing the appropriate authentication mechanism for TechSolutions is critical to ensure safe operations and usage compatibility. The organization should implement access controls at the operating system level to restrict user privileges and prevent unauthorized access to confidential data stored on these devices.

· Mail Server: With the dual purpose of safeguarding the internal network and enabling external email delivery, the mail server is situated within the demilitarized zone (DMZ) and is tasked with coordinating email correspondence within the organization. Access controls are used to limit access to email accounts and guarantee that only authorized users may view, send, and change emails. These restrictions on access can be enforced by role-based access controls (RBAC) and permission settings. An RBAC system can guarantee that TechSolutions' information meets privacy and confidentiality standards.

· Intranet Resources: TechSolutions' resources and applications, including internal systems and applications, are hosted on the same network as staff desktops within the flat network of the corporate site. The organization should utilize RBAC to control access to company resources and applications hosted on the intranet.

Access Control Measures For Protecting the New Expanded Network

Network Segmentation

TechSolutions should segment the new consultant network from internal systems using firewalls and VLANs to prevent unauthorized access to sensitive resources. Today's increasingly linked world has made network security a top obligation for businesses of all sizes. Network segmentation is a key component of network security. Network segmentation is an architecture that separates a network into smaller portions, known as subnets (Tourani et al., 2017). Each network segment serves as its own network, giving security teams more control over the traffic that enters their systems. Network segmentation will allow TechSolutions to prevent unauthorized parties from accessing its most important assets, such as customer data, financial information, and intellectual property (IP). These assets are frequently spread throughout enterprises' hybrid and multi-cloud infrastructures, making it critical to safeguard all sites against intrusions (Tourani et al., 2017).

Network Access Control Policies

A network access control policy, often known as a NAC policy, is a collection of principles and regulations that manage device authentication and access when devices try to connect to a computer network. It describes the requirements that devices and users must fulfill in order to be granted access and usage of network resources. A network access control policy's main goal is to improve network security by limiting the devices that may connect to only those that are compliant and approved (Tourani et al., 2017). It aids in defending against security risks such as malware infections, data breaches, and illegal access. TechSolutions may employ network control policy components such as device profiling, authentication and verification, and Access Control Lists (ACLs).
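The segmentation and ACL ideas above can be checked mechanically. The following Python sketch is an added example, not part of the original paper: the subnets, ports and rules are constructed assumptions, and it shows a first-match ACL with an implicit deny between the consultant network and the internal segments, plus an audit that flags any rule opening protected segments to consultants.

```python
import ipaddress

# Constructed address plan: the paper names the segments but gives no subnets.
SEGMENTS = {
    "consultant": ipaddress.ip_network("10.50.0.0/24"),
    "staff": ipaddress.ip_network("10.10.0.0/24"),
    "intranet": ipaddress.ip_network("10.20.0.0/24"),
    "dmz": ipaddress.ip_network("192.0.2.0/28"),  # mail server segment
}
PROTECTED = {"staff", "intranet"}

# Ordered ACL, first match wins: (action, src, dst, protocol, dst_port).
# A port of None matches every port. All rules are illustrative assumptions.
ACL = [
    ("permit", "consultant", "dmz", "tcp", 993),
    ("permit", "consultant", "dmz", "tcp", 587),
    ("deny", "consultant", "intranet", "any", None),
    ("deny", "consultant", "staff", "any", None),
    ("permit", "staff", "intranet", "tcp", 443),
    ("permit", "staff", "dmz", "tcp", 993),
]


def segment_of(addr):
    """Return the name of the segment that contains addr, or None."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return None


def evaluate(src, dst, proto, port, acl=ACL):
    """Decide one routed flow between segments; returns (action, reason).

    Traffic inside a single segment never crosses the firewall, so it is
    out of scope here and simply falls through to the implicit deny.
    """
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return ("deny", "unknown segment")
    for index, (action, r_src, r_dst, r_proto, r_port) in enumerate(acl):
        if ((r_src, r_dst) == (s, d) and r_proto in ("any", proto)
                and r_port in (None, port)):
            return (action, f"rule {index}")
    return ("deny", "implicit deny")


def policy_violations(acl):
    """List permit rules that open the protected segments to consultants.

    Such rules are reported even when an earlier deny shadows them today,
    because reordering the ACL later would silently activate them.
    """
    return [rule for rule in acl
            if rule[0] == "permit" and rule[1] == "consultant"
            and rule[2] in PROTECTED]
```
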

Encryption

TechSolutions should implement encryption protocols for secure communication between the new network and internal systems. Network encryption is a means of securing data that flows via a network, both internally within a corporation and externally via the internet (Tourani et al., 2017). This is accomplished by transforming readable data to unreadable data. This information can only be rendered readable again with a decryption key. The primary goal of network encryption is to prevent unauthorized access to data as it travels over the network. It is critical to prevent sensitive data from being intercepted during transmission. TechSolutions can employ methods such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). These protocols encrypt data and aid in the authentication of servers or clients, providing an additional layer of protection.
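As an added example (not part of the original paper), the Python sketch below builds a client-side TLS configuration with the standard `ssl` module and audits it for the two properties the paragraph relies on: encryption with a modern protocol floor and authentication of the server. The TLS 1.2 floor and the function names are assumptions of this example; the SSL protocol versions themselves are deprecated, so only TLS is enabled.

```python
import ssl

# Substrings of long-broken cipher suite names (illustrative, not exhaustive).
WEAK_CIPHER_MARKERS = ("NULL", "RC4", "EXP")
ACCEPTED_MINIMUMS = (ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3)


def hardened_client_context():
    """Client context that verifies the server and refuses old protocols."""
    # create_default_context() enables CERT_REQUIRED and hostname checking.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # assumed policy floor
    return ctx


def unverified_client_context():
    """The weak counterpart: traffic is encrypted, but to an unknown peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # has to be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of findings; an empty list means the policy is met."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked")
    if ctx.minimum_version not in ACCEPTED_MINIMUMS:
        findings.append("protocol floor below TLS 1.2")
    weak = sorted(c["name"] for c in ctx.get_ciphers()
                  if any(marker in c["name"] for marker in WEAK_CIPHER_MARKERS))
    if weak:
        findings.append("weak cipher suites enabled: " + ", ".join(weak))
    return findings


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()),
                       ("unverified", unverified_client_context())):
        print(label, audit_context(ctx) or "no findings")
```
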

Discussion and Applicability of Single Sign-On (SSO) and Virtual Private Network (VPN) Technology

Single Sign-On (SSO)

Single sign-on (SSO) is an authentication solution that allows users to securely authenticate to numerous apps and websites utilizing a single set of credentials (Dastres & Soori, 2021). SSO works by establishing a trust relationship between an application (known as the service provider) and an identity provider (such as OneLogin). This trust relationship is frequently built around a certificate exchanged between the identity provider and the service provider (Dastres & Soori, 2021). This certificate can be used to certify identity information transmitted from the identity provider to the service provider, ensuring that it comes from a trustworthy source. In SSO, this identification data comes in the form of tokens, which include identifying information about the user, such as an email address or a username. SSO is an important aspect of access control solutions that TechSolutions can use. In addition to being more straightforward and more convenient for users, SSO is believed to be more secure.

Virtual Private Network (VPN)

A virtual private network (VPN) is an encrypted Internet connection between a device and a network. The encrypted connection ensures that confidential information is safely sent (Dastres & Soori, 2021). It prevents unauthorized eavesdropping on traffic and enables the user to operate remotely. A VPN extends a business network via secured Internet connections, making it a proper solution for TechSolutions. Traffic stays private as it travels because it is encrypted between the device and the network. An employee can safely access the company network while working remotely.

References

Alias, R. A. (2019). Information security policy compliance: Systematic literature review. Procedia Computer Science, 161, 1216-1224.

Bergström, E., Lundgren, M., & Ericson, Å. (2019). Revisiting information security risk management challenges: a practice perspective. Information & Computer Security, 27(3), 358-372.

Dastres, R., & Soori, M. (2021). A review in recent development of network threats and security measures. International Journal of Information Sciences and Computer Engineering.

Jaeger, L. (2018). Information security awareness: literature review and integrative framework.

Lundgren, B., & Möller, N. (2019). Defining information security. Science and Engineering Ethics, 25, 419-441.

Savant, V. B., & Kasar, R. D. (2021). A review on network security and cryptography. Research Journal of Engineering and Technology, 12(4), 110-114.

Tourani, R., Misra, S., Mick, T., & Panwar, G. (2017). Security, privacy, and access control in information-centric networking: A survey. IEEE Communications Surveys & Tutorials, 20(1), 566-600.

Whitman, M. E., & Mattord, H. J. (2019). Management of information security. Cengage Learning.

Wolf, W., White, G. B., Fisch, E. A., Crago, S. P., Pooch, U. W., McMahon, J. O., … & Lebak, J. M. (2017). Computer system and network security. CRC Press.
