Reference no: EM132833228

Assignment: Assume you are part of a corporate level security team and your organization has just acquired a new company. The new company will have its own information technology team reporting up through the corporate team. The company being acquired is not security savvy, so a thorough assessment will be required.

The current environment you are asked to assess includes:

• The wireless network running WEP - employees often bring in their own access points because the reception is poor with the company access points.

• No security monitoring or review of security logs

• The data center has about 100 Windows servers that are patched using Microsoft Automatic Updates.

• The firewall is a Cisco PIX

• The backup strategy uses Windows built-in backup application. The backup is then sent to a main server every Friday night.

• The disaster recovery plan is to restore the server from the main backup server.

• There are no security policies or standards.

• Employees often bring in their own laptops to use for work because the company hardware running Windows 98 is outdated.

Write a 3- to 5-page analysis for the security posture of the newly purchased company and recommendations for upgrading security procedures and measures. Complete the following in your analysis:

• Summarize the risks in the current environment, the framework used, and key risk indicators.

• Evaluate and recommend improvements for the following:

• Wireless environment

• Backup and disaster recovery strategies

• Bringing your own access point and laptop policy

• Vulnerability assessment strategy

• Security and network monitoring

• Recommend hardware and software improvements.

• Recommend security policies and standards that should be written and put into place.

• Recommend an incident response plan that would escalate up through the corporate security team.

• Format your assignment according to APA guidelines.