Your Midterm Portfolio Project Was To Provide Security Asses


Portfolio

Your midterm project was to provide a security assessment for Icanread Systems, Inc., an advertising agency that specializes in selling ad spaces in their parent company’s magazine. Icanread Systems, Inc. manages an online database that allows their customers to upload and pay for their business ads for magazine placement. Because Icanread Systems, Inc.’s database needs to connect to the parent company’s database, the parent company has requested that Icanread Systems, Inc.’s network be assessed and verified as secure.

Now that you have provided your security assessment, the next step is to provide Icanread Systems, Inc. with a Security Portfolio. Using this week's reading on the NIST framework that includes the five-step process for creating a balanced portfolio of security products, your assignment is to create a Security Portfolio with the following sections:

1. Cover Page (i.e., APA title page).
2. Background (provide a synopsis of your midterm security assessment on Vestige).
3. For each security need identified (or needs to be identified) from your Midterm Assignment, find the products that will deliver the needed capabilities for the right price, and tell why you chose that product.

This assignment should focus solely on the security needs, not on how the client can generate more business. Answer with an APA-formatted paper (title page, body, and references only). Your response should be at least 600 words, counting only the body of the response, not the references. A table of contents and abstract are not required. A minimum of two references are required; one could be the textbook, but multiple references are acceptable. There should be multiple in-text citations within the body of the paper. Note that in-text citations must include the author’s name, year of publication, and page number where paraphrasing occurs. Your paper must be submitted to SafeAssign, with a score not exceeding 35%.

Paper for Above Instruction

The creation of a comprehensive security portfolio is an essential step in ensuring the protection and resilience of organizational assets, especially in environments where sensitive data and critical operations are involved. Based on the security assessment conducted for Icanread Systems, Inc., this paper aims to identify appropriate security products tailored to address the security needs, aligned with the NIST framework's five-step process. This process involves understanding organizational needs, identifying security requirements, evaluating security controls, selecting appropriate security products, and implementing those controls effectively (NIST, 2018). Adhering to this structured approach ensures that the security investments are both effective and cost-efficient, ultimately supporting the organization's mission of secure online advertising operations for their clients.

Background

Icanread Systems, Inc. operates within the online advertising domain, managing a database for handling client submissions and payments for magazine ad placements. The organization’s reliance on both their database and their connection to the parent company's database introduces potential vulnerabilities, including data breaches, unauthorized access, and service disruptions. The security assessment highlighted critical vulnerabilities in network configuration, weak authentication mechanisms, insufficient encryption, and inadequate monitoring systems. The assessment underlined the importance of implementing a multi-layered security approach that addresses these vulnerabilities comprehensively.

Security Needs and Product Selection

The security assessment revealed several key security needs for Icanread Systems, Inc., including strong network security controls, robust authentication and authorization measures, encrypted data transmission, and continuous monitoring. For each identified need, appropriate security products have been selected based on their capabilities, cost-effectiveness, and compatibility with existing infrastructure.

Network Security Controls

Given the vulnerabilities identified in network configurations, deploying next-generation firewalls (NGFWs) was recommended. NGFWs offer advanced intrusion prevention, application awareness, and user identification features that surpass traditional firewalls. Palo Alto Networks' NGFWs (Palo Alto Networks, 2020) were chosen for their comprehensive security features, scalability, and ease of integration with cloud environments. These firewalls will enforce strict access controls, detect threats in real time, and prevent unauthorized network access, thereby reducing the risk of breaches originating from malicious traffic or internal misconfigurations.

Authentication and Authorization

Weak authentication mechanisms pose significant risks, especially when connecting to the parent company's database. Multi-factor authentication (MFA) solutions are vital for strengthening access controls. Duo Security’s MFA platform (Duo Security, 2021) was selected because of its ease of deployment, support for various authentication methods, and integration capabilities with existing identity management systems such as Active Directory. MFA reduces the likelihood of unauthorized access by requiring multiple verification factors, thereby safeguarding sensitive data.

Encryption of Data Transmission

Confidentiality of data transmitted between clients, Icanread Systems, Inc., and the parent company’s database is paramount. Implementing TLS 1.2/1.3 encryption protocols recommended by NIST can secure data in transit (NIST, 2018). Comodo’s SSL/TLS certificates are widely recognized for their reliability and affordability, providing encrypted communication channels that prevent eavesdropping and data tampering. Enforcing strict TLS configurations will ensure that all data transmitted between systems remains confidential and intact.
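What a "strict TLS configuration" means on the client side of the database link can be stated as three checks: a TLS 1.2 floor, certificate verification, and hostname checking. The following Python code is an added example, not part of the original paper; it assumes a Python client using the standard `ssl` module, and the function names are hypothetical. It builds a weak context beside a hardened one and audits both.

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client context that meets the policy: TLS 1.2 or 1.3 only, peer verified."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse anything older
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Constructed counter-example: traffic is encrypted but the peer is never
    authenticated and legacy protocol versions are allowed."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                    # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list[str]:
    """Return the policy violations found in a context (empty list = compliant)."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate")
    return findings


if __name__ == "__main__":
    for name, ctx in (("weak", weak_client_context()),
                      ("hardened", hardened_client_context())):
        issues = audit_context(ctx)
        print(f"{name}: {'OK' if not issues else '; '.join(issues)}")
```

A certificate from any vendor only protects the link if the client also verifies it; the weak context above would accept a certificate presented by an interceptor.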

Continuous Monitoring and Incident Response

To maintain ongoing security and respond swiftly to threats, deploying Security Information and Event Management (SIEM) solutions is essential. Splunk Enterprise Security (Splunk Inc., 2020) was selected due to its robust analytics, real-time alerting capabilities, and ease of integration with existing infrastructure. SIEM tools enable continuous network monitoring, log analysis, and rapid incident response, which are critical for mitigating security incidents before they escalate.

Cost-Effectiveness and Compatibility

The security products chosen are cost-effective relative to their capabilities and are compatible with Icanread’s existing technical infrastructure. For example, Palo Alto Networks NGFWs integrate smoothly with cloud services, and Duo Security's MFA can be deployed without significant hardware upgrades. The investment in these products aligns with the organizational security posture and provides scalable protection, addressing immediate vulnerabilities while supporting future growth.

Conclusion

This security portfolio aligns with the NIST framework steps by thoroughly identifying security needs and matching them with suitable security products. These products ensure both the defense against current threats and the flexibility to adapt to emerging challenges. Implementing these solutions will enhance Icanread Systems’ security posture, protect sensitive data, and support continuous secure operations aligned with industry best practices.

References

  • Duo Security. (2021). Duo Security MFA solutions. Retrieved from https://duo.com
  • NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. National Institute of Standards and Technology.
  • Palo Alto Networks. (2020). Next-Generation Firewalls. Palo Alto Networks Documentation.
  • Splunk Inc. (2020). Splunk Enterprise Security: Security Information and Event Management. Splunk.