You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the...

You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the director of Information Systems and Telecommunications. Your assignment is to assist security posture of the firm and develop a security structure for this new company. Write your recommendations and reasons to the firm’s CEO.

The firm has 600 employees in Tokyo, 50 in Houston, and is planning to open two branch offices in India and California. Ten accountants will be hired at each site. USA customers’ data from the Houston and California offices will be transmitted to the India and Japan offices for processing of payroll. The results are then sent back to the Firm’s USA office in Houston. Currently, only TCP/IP (public Internet) is being used. The firm’s network is a Windows environment, using CISCO products, with IPv4 address space, 211.156.13.0/22

. You may create any subnet as needed.

Assume no security applications are in place since this is a new company. Design a detailed logical and physical security system to be used in the new firm’s plan. Provide information about specific hardware and software.

Also include needed policies and procedures. Provide security details and address policies, government

regulations and industry regulations as needed.

Your high level areas of requirements are as follows (this is a big list – focus on priorities!):

Install critical infrastructure that provides business continuity

Implement IDS/IPS solution

Investigate next generation technology

Implement VPN for Remote Users

Email Filtering (scanning for viruses, spam, etc)

Web Filtering

SIEM Solution (malware analysis, vulnerability scanning, internal penetration testing)

Penetration Testing and Security Auditing (outside service option)

HTTP to HTTPS Conversion

Centralized Management Services for all Networking/Security Devices

Recommend Standards for configuration of all devices and servers

ACL standards (allow/deny), Turn off services, ports, block protocols, etc.

Disaster Recovery (just backup at the config level & data)

Standard for offsite device config backup and recovery

Standard for data backup and recovery

Physical Security (recent incidents indicate espionage risk is high)

Standards for device and physical access (ex: BitLocker, disable USB, biometrics, cameras, security guards)

User awareness & training

Your project must clearly articulate methodologies that address the business needs, determining the infrastructure and operations, developing timelines, and an implementation plan.

The network design must be robust, secure, functional, and support the speed of business. Your organization has a mix of email, web-services, patch/change management, virus protection, basic perimeter based security. Your team is free to make assumptions and recommendations so long as they are clearly documented and relayed to the stakeholders; include anything that your team believes will be needed.

To meet the stakeholder’s needs your solution and presentation will be assessed on:

I. Scope

II. Plan of Implementation (what will be implemented in months 1-3, 4-6, 6-9 and 9-12)

III. Design Document

IV. High Level Project Plan (Time to Implement)

V. Overall cost (guess since you will not have access to discounted prices)

There is a LOT of room for creativity and exploration in this project. You will be graded on the practical nature of your proposal, the realistic nature of implementation and cost. When developing this project, think about what you would want as a business owner. What is your most valuable asset and how do you protect it in the environment given?