SOLUTION: CMIT 370 University of Central Missouri Always Fresh IT Security Analysis

Hello! Attached is the final answer. Let me know if you have any questions or revision. Thanks!1Always Fresh IT Security Summary ReportXXX UniversityCourse CodeProfessor’s NameDate2ContentsExecutive Summary ………………………………………………………………………………………………………… 3Password management and Rationale ………………………………………………………………………………… 3Account Management and Rationale …………………………………………………………………………………. 4DMZ Setup and Rationale ……………………………………………………………………………………………….. 5LAN Access and Rationale ………………………………………………………………………………………………. 6Conclusion …………………………………………………………………………………………………………………….. 73Always Fresh IT Security Summary ReportExecutive SummaryThe company Always Fresh is interested in ensuring high security, availability and bettermanaged data and IT resources access control for its IT infrastructure. Its IT infrastructure isbased on the Windows platform and the scope of the project will cover hardening of data access,authentication and networking. Currently, the IT infrastructure serves two types of users, internalusers who are work for the company who either are account holders and external users who arewholly anonymous.Password management and RationaleCurrently, employees are having a problem managing their accounts and systemadministrators face challenges implementing security policies. Despite standing security policies,users are still using easy to guess passwords and/or writing down their passwords and leavingthem in easily accessible areas like their work area. To ensure the security of the company’s ITinfrastructure, the use of two-factor authentication is proposed in the short term (Stanislav,2015). The use of biometric authentication is planned for the long term.Since the employees already have workplace smartphones, they will use a combination of apassword and a passphrase sent to their verified workplace device. The passphrase will be asingle use passphrase that is randomly generated and users will be required to provide both thepassword and passphrase in order to gain access to the system. While not foolproof, users canlose the device or it can be compromised e.g., by stealing, cloning etc, it provides an extra layerof security that an intruder has to overcome in order to gain access to the company’s ITinfrastructure or data.4The use of biometric authentication will further harden the IT security of the company. Thecompany has the choice of either using the existing workplace-issued smartphones or acquiringdedicated biometric devices. The long-term nature of biometric authentication rollout is due totime and budget constraints. In the case of smartphones, the software has to be developed oracquired then deployed on both the devices and the authentication servers, while for dedicatedbiometric devices there is the additional cost of acquiring the gadgets. Furthermore, users willhave to be trained about biometric authentication and cultural resistance overcome for it to beeffective. Given that high quality biometric solutions based on smartphones already exist, thehigh cost of developing a custom biometric authentication solution and users are already familiarusing smartphones, the best course of action is to acquire phone-based biometric solutions.Account Management and RationaleEmployees are required to have at least one unique account in order to access the data andIT infrastructure of the company. Moreover, a user can have many accounts since they can servedifferent roles, necessitating the creation of multiple accounts for the same users. This has led toa proliferation of accounts that both the users and the system administrator must manage. This,multiplicity of accounts has led to some users using the same or similar passwords for differentaccounts and/or using accounts to access data and IT resources not mean for that role. This is dueto system administrators assigning some roles more privileges than they need in a effort toreduce account management overhead.To overcome the problem faced in managing the accounts, role-based access control(RBAC) mechanisms and privileged identity management (PIM) approaches will be utilized(Nickel, 2016). RBAC mechanisms will be used for both users and administrators whereas PIM5will be primarily used for system administrators and employees who require higher level accessto data and IT infrastructure like developers and database administrators.For RBAC, domains consisting of user and computer accounts will be grouped together inan Active Directory database. These domains will then be grouped together in a tree with furthergrouping of trees forming forests. The domains will enable the assignment of privileges based onorganizational hierarchy while the forests will enable the administration of security. Theseresults in an easier to maintain and reason about hierarchy while enabling roles to only have asmuch privileges as they require. Similarly, RBAC will also be implemented at the data level toensure that each user only gets access to the data they require. This will ensure non-repudiation,data confidentiality and security of the data without adversely affecting availability andperformance.PIM will be achieved by having a vault check-in and check-out system and generation ofone time pass codes that are time limit…

Order a unique copy of this paper
(550 words)

Approximate price: $22

Our Basic features
  • Free title page and bibliography
  • Plagiarism-free guarantee
  • Unlimited revisions
  • Money-back guarantee
  • 24/7 support
Our Options
  • Writer’s samples
  • Expert Proofreading
  • Overnight delivery
  • Part-by-part delivery
  • Copies of used sources
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

AcademicWritingCompany guarantees

Our customer is the center of what we do and thus we offer 100% original essays..
By ordering our essays, you are guaranteed the best quality through our qualified experts.All your information and everything that you do on our website is kept completely confidential.

Money-back guarantee

Academicwritingcompany.com always strives to give you the best of its services. As a custom essay writing service, we are 100% sure of our services. That is why we ensure that our guarantee of money-back stands, always

Read more

Zero-plagiarism tolerance guarantee

The paper that you order at academicwritingcompany.com is 100% original. We ensure that regardless of the position you are, be it with urgent deadlines or hard essays, we give you a paper that is free of plagiarism. We even check our orders with the most advanced anti-plagiarism software in the industry.

Read more

Free-revision guarantee

The Academicwritingcompany.com thrives on excellence and thus we help ensure the Customer’s total satisfaction with the completed Order.To do so, we provide a Free Revision policy as a courtesy service. To receive free revision the Academic writing Company requires that the you provide the request within Fifteen (14) days since the completion date and within a period of thirty (30) days for dissertations and research papers.

Read more

Privacy and Security policy

With Academicwritingcompan.com, your privacy is the most important aspect. First, the academic writing company will never resell your personal information, which include credit cards, to any third party. Not even your lecturer on institution will know that you bought an essay from our academic writing company.

Read more

Adherence to requirements guarantee

The academic writing company writers know that following essay instructions is the most important part of academic writing. The expert writers will, therefore, work extra hard to ensure that they cooperate with all the requirements without fail. We also count on you to help us provide a better academic paper.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2020 at 10:52 AM
Total price:
$26
The price is based on these factors:
Customer Academic level
Number of pages required
Urgency of paper