Preventing attacks against Riordan company's data, systems and websites is an ongoing battle and folks can agree that security is a journey, not a destination. This is a continuous process that is most often needed to stay ahead of hackers. In light of SOX regulatory compliance mandates, Riordan Manufacturing has ask the A Team to assessment their system and make recommendation on closing any gaps founded. The network and physical security review revealed several exposures that will need to remediate to comply with SOX regulation. Along with the revealing the exposures, the A Team has made several recommendation in hardening the infrastructure, consolidation of resources, and costing saving ideas.
The physical security review revealed that there is easy access to all Riordan Manufacturing locations. Physical security is needed for the protection of personnel and company resources whether hardware or software. This includes protection from fire, disasters, burglary, theft, vandalism, and terrorism.
The A Team recommend installing a centralize ID badge system. Along with the badge system implementing strong access control procedures to restrict physical access to cardholder.
Install a security camera surveillance system for all facilities. Camera should be focus on all card readers and doors to ensure that no one is tailgating access. Card readers' cameras should be installed at all datacenters to ensure who has come and gone from the datacenters. This recommendation will close any audit access issues. Although the centralized system is used to manage all remote facility card readers, all access polices are pushed out to each card reader to ensure that access is not affected should a communication failure arise.
Network security is the protection of networks and their services from unauthorized modification, destruction, or disclosure for the assurance that the network performs its critical functions correctly. In short network security leverages the infrastructure...