Describe your technical recommendations to address the security requirements in the overall technical design of the ABC Healthcare network
The detailed response below includes both internal and external aspects of security requirements. It includes both ‘untrusted’ and trusted aspects of the requirements. Untrusted security requirements will include user connectivity to the internet. The “trusted” aspect of the network plays a major role in supporting the business functions of known entities. The known entities, in this case, include such stakeholders as partners, suppliers, and customers. All of these stakeholders have a specific business relationship with the company.
It is important to note that the overall design of the ABC Healthcare network is very broad. In addition, technical solutions aimed at addressing the security of computer networks are numerous. A given organization has a wide variety of solutions to choose from. However, it is essential to note that before embarking on technical solutions for the identified problems, users of ABC Healthcare computer network should know their roles. Different users have different roles to play as far as the security measures are concerned. Their role in the security system reflects, to some extent, their role in the overall organizational structure. To this end, end-users, such as employees, have different roles compared to the developers of the system. It is also important to note that approximately 10% of the security requirements in any given organization are technical in nature. What this means is that this 10 percent needs to be handled by individuals who have the necessary skills to handle online security. The remaining 90% of security requirements for the network rely on the users. As such, the users have a very critical role to play in network security. In this case, the users include mainstream employees, customers, suppliers, and others. The users enhance security by, among others, adhering to proper computing practices. Such computing practices include safeguarding the passwords required to access the network and using the network resources responsibly.
As already indicated above, some aspects of network security are ‘untrusted’. With regards to ABC Healthcare network, this level poses the greatest risk to the organization. In essence, external stakeholders, such as suppliers and customers, pose the biggest threat to the security of the company’s network resources. As such, it is important to secure this network. The first step towards securing the network involves the elimination of, among others, physical vulnerabilities. Such vulnerabilities are brought about by physical applications used by the network, such as computers. To this end, physical communication media, such as servers and routers, should be located in secure locations. The servers should not be physically accessible to unauthorized parties. The areas where these physical media are located should have restricted access. In addition, such “acts of God” as earthquakes, lightning, floods, and mudslides should be put into consideration. The media should be secured such that it remains steady even when under assault from the elements. In addition, the media should be located away from areas prone to these calamities.
There are other features that should be put into consideration at the untrusted network level. Such features include enhancing the security and confidentiality of information relayed over the network. The need for passwords and such other codes comes in at this juncture. Confidentiality entails the encryption of data transmitted over the insecure network. The data is encrypted in such a way that it cannot be accessed by unauthorized parties. Another feature is the integrity of the information, which should be upheld at all times. Integrity involves identifying and dealing with any signs of alteration during transit.
There are a number of hardware components that can be used to secure the company’s network. For example, network firewalls are some of the major hardware components to use when securing ABC Network. The hardware is used to safeguard ABC Network from invasions carried out from other external networks. Cisco firewall hardware equipment would be essential for the protection of this level. However, it is important to note that firewall hardware has a number of inherent limitations. For example, such hardware only reduces the risk of intrusion. As such, there is a need for the inclusion of corresponding firewall software, such as Internet Security Systems’ BlackICE PC Protection. The software-based firewalls should be installed on individual computers used in the organization. When combined with the hardware component, software firewalls will minimize the risk of intrusion from external networks, such as the internet.
Screening routers can also be used to secure the network. The screening procedure facilitates effective protection of the internal or local area networks (LANs) from internet attacks. Routers are important as they are needed to establish a connection to the internet. As such, additional security configurations in such systems would be very important. The normal routers used in the organization can be transformed into screening routers. Such a transformation can be achieved through the installation of the Drawbridge software. As such, the use of Drawbridge will enhance the security of the ABS Health network.
It is a fact that the use of screening and firewalls can almost eliminate all the risks associated with the internet network. However, it is important to note that the sensitive nature of the information held by ABS Healthcare calls for much more. One such additional measure is restricting users’ access to the internet. Such a measure will make the system much secure.
In addition, installing such software programs as SmartFilter would regulate the internal users of the ABC Healthcare computers. The users will be prevented from accessing particular websites on the internet. The filter restricts access to a number of websites that are regarded as high risk. For example, some of these websites, such as pornographic sites, increase the vulnerability of the ABC Healthcare network. The vulnerability is increased through the introduction of viruses from the internet via these sites.
The operations of ABC Healthcare require the organization to interact with a number of trusted networks. Such interactions involve stakeholders like suppliers and customers. The organization may interact with the suppliers via the network by placing orders. It may also engage potential and existing customers through correspondence. However, it is important to note some of such interactions with the stakeholders are carried out over the unsecured network. Such interactions expose ABC Healthcare network to a myriad of security risks. It is important to address this problem in order to enhance the security of the network. The solution is not curtailing the interaction between the organization and the stakeholders, given that such engagements are crucial to the operations of this firm. However, the introduction of Virtual Private Networks (VPNs) significantly eliminates this risk. The network refers to a particular mode of transmitting data securely over an unsecured network.
A number of strategies can be adopted to integrate Virtual Private Networks into the ABC Healthcare network. One of the strategies includes a combination of various encryptions, tunneling, and authentication techniques. Such measures call for the introduction of various protocols into ABC’s Healthcare network. There are a number of protocols commonly used in Virtual Private Networks. They include Point-Point-Tunneling Protocol (PPTP) and SOCKS protocol. Others include Layer 2 Tunneling Protocol (L2TP) and Internet Protocol Security (IPSec). The suggested Virtual Private Network needs to be implemented through server-to-server configuration. To this end, the servers used by ABC Healthcare network are configured with those used by the stakeholders with the help of the various VPN protocols. Such a configuration will effectively enhance network security in the organization.
There are other strategies used to safeguard computers from both internal and external intrusion. One of the major strategies commonly applied to achieve this involves the use of Anti-Virus software. To this end, ABC Healthcare can invest in such software to protect its network against external intrusion from the internet and internal intrusion from the users. However, such a measure calls for an effective and updated version of Anti-Virus software. If this is not ensured, such efforts go to waste.
Internal and remote users of the ABC Healthcare computer network can easily expose the system to a number of risks. They can do this by introducing viruses or worms into the system through media accessories. Such media as flash disks, compact disks among others can be used to transmit these malicious soft wares. The transmission can either be deliberate or unintended. Whichever the case, the security of the network should be enhanced. Up-to-date Anti-Virus software can easily address this problem. The software can be used to scan these media and eliminate any malicious software in them before they are used in the system. The action would take place with or without the intent of the users.
The measures proposed above for safeguarding and improving the security of ABC Healthcare network will ultimately enhance the effectiveness of the system. However, the proposed measures will require the company to update its computer networks on a regular basis. New threats to computer network security emerge every day. As such, the importance of updating the network’s security systems cannot be underestimated.
Discuss the way you will address requirements for system monitoring, logging, and auditing, including complying with any legal regulations
Any organization operating in contemporary society is required to adhere to a number of rules and regulations in its operations. Compliance with these rules and regulations remains a major issue in these organizations. ABC Healthcare is no exception. The organization does not operate in a vacuum. Rather, its operations have to comply with a myriad of procedural guidelines put in place. For example, the company needs to comply with, among others, the Sarbanes-Oxley (SOX) regulations and the provisions of the Health Insurance Portability and Accountability Act (HIPAA). Organizational survival in any given industry is partly determined by adherence to the various regulations.
Logging focuses on the information collected and recorded by the IT systems. Such information gives rise to records known as logs. Logs result from information that is generated by monitoring activities conducted over the IT systems. Such logged information needs to be reported. Reporting entails the presentation of the information in a specified format for regulatory purposes. The information is used by developers and regulators or the system to determine whether any security threats are evident.
There is a need to adhere to the regulatory requirements of logging, monitoring, and reporting. The need for adherence gives rise to major issues. The organization needs to come up with a number of control measures for logging, monitoring and reporting. Such measures are very important since the information held by the ABC Healthcare system is very sensitive. Access protocols would greatly facilitate logging, monitoring, and auditing purposes.
Information touching on logging and monitoring is collected from a wide range of ABC Healthcare system users. The users include employees, managers, and suppliers. What this means is that the various stakeholders cannot be regulated at the initial phase of entering the information into the system. As such, the need for central servers for the storage of the information collected becomes apparent. The servers would then be backed up in various locations. Back-up is a security measure put in place to ensure that the information in the servers is not lost in case of any unforeseen eventualities. Consequently, the privacy of information is upheld by requesting users to authenticate their details before they can access the databases.
There is a need to formulate additional policies to regulate the collection of information and regulate access to ABC Healthcare databases. The policies will regulate the actions of both internal and external users. The regulation will greatly enhance compliance requirements.
Describe how the system will identify and authenticate all the users who attempt to access ABC Healthcare information resources
Accessing the information contained in ABC Healthcare network systems is a very sensitive issue. As already indicated, the information contained in this system is very sensitive. It touches on, among others, the health status of the patients, which should be treated with the utmost confidentiality. Access by unauthenticated users of the system, as well as misuse of the accessed information resources, can jeopardize the operations of ABC Healthcare network systems. Therefore, a combination of authentication mechanisms would be very effective.
There are various basic user-authentication measures that can be used to enhance system security. Such measures include, among others, the use of usernames and passwords to access information in the database. Such measures, however, would be for low-level information, which is not very sensitive. Such information can be accessed by middle and lower-level system users. For the more sensitive information, biometric measures would be used to authenticate users accessing the resources.
Biometric measures fall into two major categories. The first is physical characteristic recognition (PCR). The second is behavioral characteristic recognition (BCR). Both categories are very essential in the identification and authentication of users. However, the suitable category of biometric measure to apply in ABC Healthcare would be PCR. PCR would rely on the physical characteristics of the users seeking access to the organization’s information resources. The physical characteristics entail scanning the retina or the iris. It also involves a fingerprint scan, facial geometry, and voiceprint identification and authentication. The PCR system is almost incorruptible, except for hardware or database failures.
Discuss how the system will recover from attacks, failures, and accidents
Attacks, failures, and accidents are bound to affect ABC Healthcare network. The eventualities are likely to occur in spite of the measures taken to safeguard the system. Therefore, planning and incorporating recovery mechanisms into the system in case of any failures is very essential. A combination of recovery strategies would be more effective in the case of the ABC Healthcare network. The first recovery mechanism includes making sure that recovery and backup servers are independently located from the main servers of the network.
Backup servers ensure that in case of any failure or attack, the operations of the ABC Healthcare network can go on uninterrupted. Their capacity to achieve this may be limited. However, their functionality can be sustained until the main network system resumes service.
The recovery method is the best choice for the system. It allows for time to troubleshoot the main network without halting the operations of the healthcare center. In addition, the likelihood of the main networking and backup systems succumbing to attacks or other forms of failure at the same time is reduced.
Discuss how the system will address user account management and related security improvements
User account management, as outlined earlier, falls under regulation. The management depends on the information’s level of sensitivity. System user policies developed under these security management upgrades would be fully implemented. However, all users of the system must have access credentials, including usernames and passwords. Every time a user accesses the network, the system would record their credentials. Furthermore, records of the information accessed and the duration of time spent logged into the system are archived.
A number of system administrators will share responsibility with regard to the maintenance of the network system. The administrators will be under the supervision of top-level managers and selected auditors. A combination of various security codes will be shared between the group members to curb sabotage. The team’s main task includes twenty-four-hour surveillance of the network’s hardware and software components. The surveillance function will also be automated.