Week1Assignment1

To: YeildMore Senior Management

From: Brett Worrick, IT Manager

Dear Ladies and Gentlemen,

After a thorough review of our computer network here at YeildMore’s , I have prepared a risk management assessment and have identified the following to be potential threats which could directly affect the network. I see the biggest issues arising from remote access to the system as our sales force have access from all across the country. Heightened security measures must be enabled to maintain the safety of the system at all times. Proper care and use of portable devices must be ensured by all sales staff; this includes laptops and cellular phones with email access to the network.

* Unauthorized Remote Assistance……….Through mitigation, we can ensure all portable devices utilize VPN client software compatible with business specific needs, utilize VPN routers or firewalls to complete the secure tunnels for encrypted transmission.

* Stolen portable devices……….Through Avoidance we must have secure locations and storage for all of our portable business devices at all times. If a theft has occurred, apply real-time lockout as soon as theft is reported and encrypt hard drive to secure data.

* Credential attacks via brute force………Through Mitigation, we can tighten access to the system by utilizing credentials which require complex passwords and must be renewed every 30 days upon login as set by parameters in the credential manager.

* Multiple logon attempts……….Through Mitigation, we can set login attempts to 3 fails with lockout requiring administrative assistance upon entry, thus preventing any unwanted intrusions by a potential unauthorized user.

* Credentials stolen……….Through Avoidance, your credentials must be kept secure and never shared with anyone, or written down anywhere to be witnessed by anyone other than yourself. If your credentials have been compromised, apply real-time lockout, encrypt hard drive to secure all data, and deactivate the...