User - The User Domain is the critical backbone of our network and we must pay close attention to user activity and shape user behavior on our network. I list this as a high priority due to the fact that it is the one that will most likely open up threats on our network from file downloading and surfing the web. My proposal for a solution for this would be to restrict web browsing to only required users. This will allow us to focus our concentration on those users, monitoring for potential network vulnerabilities. I also suggest we implement a basic training course on the proper use of sensitive data and best common computer practices.
Workstation - The Workstation Domain is where we can focus our energy on maintaining a clean network. We should do nightly anti-virus scans which will report any found issues back to the IT Department. This will then allow the IT Department to track down the user responsible for infecting the network and allow us to pursue corrective action.
LAN - For the wired portion of our network, I propose a few solutions that will help secure our network. First we will need to ensure the safety of our equipment from tampering. We should have all switches and sensitive equipment (i.e. Servers and Network Attached Storage (NAS) Devices) in a room that is locked at all times. If available, we can use a card access system to monitor employees that gain access to this portion of our network.
Wireless connections open our network to potential threats. We should do everything possible to limit the number of allowed wireless devices on our network. I suggest that we enforce a policy of a primary and secondary wireless network. This would allow us to give our employees the functions they need while maintaining a secure network. Our primary network will be secured with Wi-Fi Protected Access version 2 (WPA2) and the user of a complex passphrase to prevent brute force attacks. This section of our network will have a limited number of users allowed,...