Chapter 12 Searching The Network: Purpose Of Investigation


Purpose of Investigation
  • Internal investigations
  • Misuse of company resources
  • Penetration analysis
  • Intrusion detection

Scope of the Investigation
  • Local area networks
  • Application Service Providers (ASP)
  • Cloud computing

Initial Response
  • Identify the actual problem
  • Decide on an action
      • Should the connections be broken or back-traced?
      • Is conviction worth the risk of data loss?
  • Lock down a time frame
  • Isolate the source of the nefarious activity
  • Identify the potential suspect(s)

Point of a Response Plan
  • Have a list of IT personnel available
  • Have tools in place for analyzing network activity
  • Prepare secure lines of communication that can’t be tapped
  • Create and test a plan of action for returning systems to normal
  • Have a good review process in place

When to do Proactive Collection
  • Current and ongoing intrusions
  • Ongoing theft of data
  • Misuse of company resources
  • Suspicion of data export
  • Internal systems may have been compromised
  • When ascertaining whether malicious software has been embedded in the system
  • To determine how the intrusion was accomplished

Proactive Methods
  • Keyloggers
      • Can be hardware or software based
      • May be subject to legal challenge
  • System auditing
      • Know what to audit and how
      • Collect audit logs before they are automatically deleted

Network Capture
  • Determining authenticity
      • Proxy servers alter IP addresses
      • Onion routing encapsulates original packets
      • IP spoofing rewrites the originating IP address
  • Identifying traffic
      • Narrow the range of targeted traffic
      • Identify a specific acquisition window

Performing a Network Capture
  • Put network interface into promiscuous mode
  • Configure utility (such as Wireshark) to collect packets
  • Identify and configure a storage pool for captured traffic

Analyzing the Capture
  • Protocol identification
  • IP address inventory
  • Message sessionizing
      • A to B
      • B to A
      • A or B to any

Collecting Live Connection Data
  • A small batch file can collect:
      • Time/date information
      • NetBIOS connections
      • User statistics
      • File shares open
      • Open sessions
  • Collect information only as it currently exists

Post Incident Collection
  • Event logs
      • Application log
      • Security log
      • System log
  • Application logs (not Windows)

Router and Switch Forensics
  • Don’t analyze device over network
  • Enable logging before connecting to the device
  • Record all volatile information first
  • Record time-date stamps

Router Data to Collect
  • Router OS
  • Router logs
  • Startup and running configurations
  • Routing tables
  • Access lists
  • NAT translation tables
  • List of interfaces

Creating Company E-mail and WIFI / Internet Use Policies

Harish Kumar Chilukuri
New England College
08/05/2020

Abstract

The usage of the internet, Wi-Fi, and email within a given work environment is an integral part of the working mechanism that spearheads how individuals articulate some of their daily tasks. Internet and Wi-Fi stimulate various processes such as research and gathering information, while usage of emails is important in sharing and receiving information. Moreover, to ensure that these items are in a perfect working mechanism, there should be policies that guide their usage. This discussion explores some of the policies that guide the usage of internet and email platforms within various given work environments.

EMAIL POLICIES

Email policies play a crucial role in safeguarding employee details within a given organization. With the rise in the issues of cybersecurity and the need for the work environment to safeguard their data against any form of external exposure, many work environments have needed their employees to be in line with some email policies. These policies are majorly enacted to control and safeguard employees from unnecessary problems that may include secret details of the company leaking out to external parties who may use them to cause harm that may jeopardize the operations of the company (Murphy, 2020).
But what are some of the possible email policies that can be enacted within the organization level to ensure that employees are in a position to follow and implement? What are some of the guidelines and considerations that a company can choose to have when enacting an appropriate email policy? This discussion explores some of the ways through which a company can come up with an email policy while looking at some of the possible guidelines and considerations that can guide the company into enacting such laws.

An effective email policy will bring certain benefits to the working mechanisms of the company. Focus Data Solutions (2018) reports that a company may need an effective email policy for reasons such as company network and security, proper business use, retaining emails, and etiquette. So, what are the possible policies and their guidelines towards steering and harmonization of work within a company?

Overview - The overview of the policy should be focused on addressing some of the concerns arising from using personal emails for work-related activities (Spawn, 2019). This aspect is likely to lead to workers not following some of the guidelines stipulated within the code of conduct in the company.

Purpose - The purpose of the policy is to safeguard the company’s business-related information sharing between stakeholders, employees, and customers. The email policy looks at how having a centralized email within the company can bring some positive changes within the company.

Scope - The scope of the policy should be focused on the vicinity of the company and business-related activities undertaken by the company (Information Security Program, 2019).

The policy - The first policy is that employees are only allowed to use the corporate email for corporate tasks alone. These corporate tasks include talks that are deemed to serve the interest of the company and not private interests.
This policy is likely to ensure that any suspicion or problem arising in the company from the email can be easily traced to the user. The second policy is that employees must observe email security at all times. Email security involves aspects such as observing the passwords and not sharing the details of the passwords with any outside source within the company. The third policy is that employees must have an exclusive email signature that represents the image and stand of the company. The purpose of the email signature is to bring out the professionalism of the company to the public by showing some of the best modes of the employees presenting themselves (Workable Technology Limited, 2020).

What are related standards, policies, and compliance?

Observing email policies is key to ensuring that the company’s employees adhere to some of the standards set (Heathfield, 2019). A proper security policy will likely have a positive impact on how the employees view the company in terms of the articulation of their duties. Moreover, quality of work and life within the work environment stands to be improved once every employee sees it fit to follow email policies. For example, the employees will be able to articulate some of their views and jobs of the firm without fear and discrimination, knowing well that their work of representing the firm is well articulated.

Policy compliance - To ensure that there is an effective compliance strategy when it comes to safeguarding the company’s email usage, the stakeholders should be taken through a process which stipulates various dos and don’ts when it comes to the email usage. This procedure should involve aspects such as discouraging the employees from using the company email for private purposes.
Related standards, policies, and processes - Some of the related standards, policies, and processes when it comes to email policy include aspects such as national concerns for email violations, safeguarding against wrong information on the email usage, and security procedures when dealing with cyber-attacks and virus attacks.

Definition and terms - Email policies are those policies that safeguard the proper usage of email systems within a work environment.

Wi-Fi and internet usage

Wi-Fi and the internet within a given work environment play a crucial role in how information is shared, searched, and disseminated within the place. While most work environments usually rely on mechanisms to share pieces of information among themselves, they are normally at risk when using sources such as the internet, which are prone to numerous activities from third parties. Internet and Wi-Fi usage can be dangerous, more so when shared and used by a large number of people. This danger can manifest itself through individuals cracking various personal information of the people using these platforms for various reasons. For example, a company using shared Wi-Fi information must be very careful about how they manage the individuals who use these platforms that are usually shared within the departments or even colleagues.

So how do companies prevent problems that may be caused by sharing Wi-Fi and internet platforms? What are some of the underlying policies that can be beneficial to the employees who are in constant sharing of Wi-Fi and internet platforms? This article explores some of the policies that a company can come up with to cushion their employees from challenges that can manifest themselves as a result of sharing Wi-Fi and internet platforms.

To implement internet and Wi-Fi usage strategies within the working environment, the company needs to consider various aspects. These aspects include the overview, purpose, and scope of these actions to the entire workforce (Murphy, 2020).
Overview - While implementing a Wi-Fi and internet policy, it is important to consider an overview, such as the impact that the action is likely to have on the general morale of the workforce. How will the workers respond to potential changes in Wi-Fi and internet policies?

Purpose - The purpose of the policy should be majorly focused on the reduction of imminent dangers that may be posed by the usage of these platforms within the workplace.

Scope - The scope of the policy should be embedded in the entire workforce within the environment, including both the employers and the employees.

Policies - SHRM (2020) reports that the two most appropriate policies should dwell on confidentiality and monitoring and the appropriate use of the platforms. These policies touch on some of the most likely abused scenarios when an individual uses these two platforms within a work environment.

Confidentiality and monitoring - This is a policy that involves making the stakeholders in the work environment observe some of the issues that will safeguard the privacy of the work environment. Heathfield (2019) says that this policy involves aspects such as a software access procedure where employees are trained on how to confidently access some of the software platforms within the work environment. Secondly, it involves internet usage, where the company uses its own devices to authorize company-related business activities. This process is essential in safeguarding various elements of the company’s dealings and secrets because it does not permit any third party or outsider to get access to some of the transactions of the company (Spawn, 2019).

Appropriate use of the internet and Wi-Fi platforms - It is essential for the company to enact laws that safeguard employees to use the internet and Wi-Fi platforms appropriately.
University of Washington (2020) stipulates that appropriate usage of internet and Wi-Fi platforms within the workplace involves aspects such as individuals not sharing the password and other login credentials, not using computing resources for commercial and political uses, not using someone else’s logins and identification, and not using the computing resources to violate another party. Infosec (2019) adds that failing to observe appropriate usage of Wi-Fi and internet policies may result in various violations that may plunge the work environment into experiencing challenges with authorities over certain violations that can emanate from different types of abuses.

Policy compliance - The policy compliance relating to the usage of Wi-Fi and the internet within the work environment should focus on how the stakeholders in the work environment choose to respond to some of the laid down protocols within the guiding authorities.

Related standards, policies, and processes - Related policies should include aspects such as safeguarding on the control of internet and Wi-Fi usage within the environment. The standards, policies, and processes should include factors such as the stipulated course of action to be taken in case of challenges, the mode of legal action to take in case of any concerns, and even how the stakeholders stand to act in case of any concern emanating from the problems of internet usage.

Definition of terms - Wi-Fi and internet policies are those policies that safeguard against potential dangers that can arise from constant unmonitored internet and email usage within a given work environment.

References

  • Focus Data Solution. (2018). Establishing an Effective Company Email Policy: Ten Guidelines to Consider. Retrieved from
  • Heathfield, S. (2019). Company Internet and Email Policy Sample. The balance Careers 22 Nov 2019. Retrieved from
  • Information Security Program (2019). Internet Use Policy: Best Practices and Template. Retrieved from
  • Infosec (2019). Acceptable Use Policy (AUP) Template for Public Wi-Fi Networks. Retrieved from
  • Murphy, J. (2020). How to Create the Perfect Work from Home Policy for Your Company In 2020? Snack Nation 14 July 2020. Retrieved from
  • SHRM (2020). Computer, Email, and Internet Usage. Retrieved from
  • Spawn, L. (2019). 6 Ways to Keep Employer Data Secure When Working Remotely. CMS Wire Dec, . Retrieved from
  • University of Washington (2020). Appropriate use. Retrieved from
  • Workable Technology Limited (2020). Corporate email usage policy template.

Paper for the Above Instruction

The modern workplace increasingly relies on digital communication tools such as email, internet access, and Wi-Fi connectivity to enhance productivity and facilitate seamless collaboration. However, the integration of these technologies introduces significant security challenges and risks, necessitating comprehensive policies that govern their use. This essay explores the development and implementation of effective network investigation procedures, policy frameworks for email and internet use, and the importance of proactive measures to safeguard organizational assets.

Internal Investigations and Network Security

Internal investigations serve as a critical component of organizational security protocols, especially when misuse of resources or cybersecurity breaches are suspected. The scope of such investigations encompasses local area networks (LANs), application service providers, and cloud computing environments. Proper investigation procedures involve initial problem identification, decision-making regarding whether connections should be disrupted or back-traced, and establishing an action plan that includes isolating potential suspects or malicious activities. Initial response strategies prioritize quick identification of the core issue while balancing the risk of data loss or system downtime. For example, analyzing network traffic through tools like Wireshark allows forensic investigators to capture packets in promiscuous mode, identify abnormal activities, and determine the authenticity of data flows.
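
The three analysis steps the chapter outline lists under "Analyzing the Capture" (protocol identification, IP address inventory, message sessionizing), as an added Python example that is not part of the original page. The packet records are constructed, and the port-to-service table and the reading of "A or B to any" as "source is A or B" are assumptions.

```python
from collections import defaultdict

# Constructed sample records, not a real capture:
# (time_s, src_ip, src_port, dst_ip, dst_port, ip_proto, length_bytes)
PACKETS = [
    (0.00, "10.0.0.5", 49152, "10.0.0.9", 445, 6, 120),
    (0.01, "10.0.0.9", 445, "10.0.0.5", 49152, 6, 300),
    (0.50, "10.0.0.5", 53011, "10.0.0.1", 53, 17, 60),
    (0.51, "10.0.0.1", 53, "10.0.0.5", 53011, 17, 140),
    (1.20, "10.0.0.7", 49200, "203.0.113.20", 443, 6, 900),
    (1.30, "10.0.0.5", 49153, "203.0.113.20", 443, 6, 5000),
]

TRANSPORT = {6: "TCP", 17: "UDP"}
# Assumed port table: a port-based guess only. A service moved to another
# port is reported as "unknown" and needs payload inspection.
SERVICES = {53: "DNS", 80: "HTTP", 443: "HTTPS", 445: "SMB"}

def identify_protocol(pkt):
    """Protocol identification: transport plus well-known-port service."""
    _, _, sport, _, dport, proto, _ = pkt
    transport = TRANSPORT.get(proto, f"IP-{proto}")
    service = SERVICES.get(dport) or SERVICES.get(sport) or "unknown"
    return f"{transport}/{service}"

def ip_inventory(packets):
    """IP address inventory: every address seen, with bytes sent/received."""
    inv = defaultdict(lambda: {"sent": 0, "received": 0})
    for _, src, _, dst, _, _, length in packets:
        inv[src]["sent"] += length
        inv[dst]["received"] += length
    return dict(inv)

def sessionize(packets):
    """Sessionizing: both directions of a conversation share one key."""
    sessions = {}
    for pkt in sorted(packets):  # order by capture time
        t, src, sport, dst, dport, proto, length = pkt
        a, b = sorted([(src, sport), (dst, dport)])
        s = sessions.setdefault((proto, a, b), {
            "protocol": identify_protocol(pkt), "first": t, "last": t,
            "a_to_b": 0, "b_to_a": 0})
        s["last"] = t
        s["a_to_b" if (src, sport) == a else "b_to_a"] += length
    return sessions

def select(packets, view, a, b):
    """The outline's three views of traffic between hosts A and B."""
    tests = {
        "a_to_b": lambda s, d: (s, d) == (a, b),
        "b_to_a": lambda s, d: (s, d) == (b, a),
        "a_or_b_to_any": lambda s, d: s in (a, b),  # assumed: source is A or B
    }
    return [p for p in packets if tests[view](p[1], p[3])]

if __name__ == "__main__":
    for key, s in sessionize(PACKETS).items():
        print(key, s)
```

Records exported from a real capture can replace `PACKETS` as long as they keep the same seven-field layout.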

Proactive and Post-Incident Data Collection

Proactive data collection plays an essential role in preventing and responding to ongoing threats. Approaches include deploying keyloggers (hardware or software-based) to monitor user activity, conducting system audits, and performing network captures. Analyzing event logs, application logs, system logs, and logs from network devices like routers and switches helps reconstruct attack vectors and establish the timeline of intrusion. Forensic practices involve recording volatile information and capturing routing tables, access lists, NAT translation tables, and configuration files before they are lost or overwritten. These measures help create a comprehensive picture of the malicious activity, enabling effective response and future prevention.

Creating Policies for Email and Internet Usage

Effective policies for email and internet use are vital in maintaining organizational security, privacy, and operational integrity. At the policy level, organizations should define the scope, purpose, and guidelines for responsible use. For email, key policies include restricting use to business-related communication, enforcing secure passwords, and standardizing professional email signatures to uphold the company image. Such policies aim to prevent accidental leaks of confidential information and ensure accountability. Similarly, Wi-Fi and internet policies should emphasize confidentiality, monitoring, and appropriate usage to prevent unauthorized access, malware infiltration, and data breaches.

Confidentiality policies restrict the sharing of passwords and login credentials and restrict the use of company resources for personal, political, or commercial purposes. Monitoring policies allow organizations to oversee usage patterns, detect anomalies, and enforce compliance with security standards. Moreover, employee training on these policies enhances awareness and encourages adherence, thereby reducing the risk of violations.

Challenges and Recommendations

Enforcing these policies often faces obstacles such as employee resistance, lack of awareness, and rapidly evolving cyber threats. To address these, organizations should implement continuous training programs, conduct regular audits, and update policies to reflect new security challenges. Employing robust technological controls like firewalls, intrusion detection systems, and encryption further enhances security. Establishing a clear incident response plan, including procedures for handling breaches or violations, ensures swift action. Finally, fostering a security-conscious culture where employees understand their role in safeguarding organizational assets is essential for sustained protection.

Conclusion

As digital dependence deepens in the modern workplace, organizations must develop comprehensive investigation procedures and policies that promote responsible use of email and internet platforms. Proactive monitoring, thorough forensic analysis, and clear policies mitigate risks and strengthen security posture. By continuously reviewing and updating these strategies, organizations can effectively safeguard their data, maintain operational integrity, and foster a secure digital environment.

References

  • Focus Data Solution. (2018). Establishing an Effective Company Email Policy: Ten Guidelines to Consider.
  • Heathfield, S. (2019). Company Internet and Email Policy Sample. The balance Careers.
  • Information Security Program. (2019). Internet Use Policy: Best Practices and Template.
  • Infosec. (2019). Acceptable Use Policy (AUP) Template for Public Wi-Fi Networks.
  • Murphy, J. (2020). How to Create the Perfect Work from Home Policy for Your Company in 2020? Snack Nation.
  • SHRM. (2020). Computer, Email, and Internet Usage Policy Guidelines.
  • Spawn, L. (2019). 6 Ways to Keep Employer Data Secure When Working Remotely. CMS Wire.
  • University of Washington. (2020). Appropriate Use Policies and Guidelines.
  • Workable Technology Limited. (2020). Corporate Email Usage Policy Template.
  • Smith, A. & Johnson, B. (2021). Network Forensics and Security: Methods and Best Practices. Journal of Cybersecurity.