Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms

Preview (5 of 15 Pages)

100%

Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms - Page 1 preview image

Loading page ...

Improving IT Infrastructure: Addressing Authorization Policies andTroubleshooting MechanismsBased on the paper, discuss how an organization can improve its authorization policies andtroubleshooting mechanisms to enhance IT infrastructuremanagement. Specifically, explain thesteps to improve authorization policies, including the identification, authentication, andauthorization processes, and describe the systematic approach for diagnosing and resolvingnetwork problems. Additionally, highlight the importance of change and configurationmanagement in maintaining an efficient network infrastructure.Word Count Requirement:600-700 words

Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms - Page 2 preview image

Loading page ...

Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms - Page 3 preview image

Loading page ...

Problems with IT Infrastructure1.Improper gateway which leads intruders easily into the companynetwork.2.Not well defined and authorization policies.3.Infrequent automatic updates in the server.4.Lack of trouble experts and mechanisms.5.Improper server topologies.This paper will explains on, how to the problem2 and problem4 systematically.How to improve and authorization policy?1. IdentificationManagement of Identifiers▪Linked Identifiers.Maintain dual for all company employees. These records should haverelation betweencompanyID Network ID records.▪Uniqueness.Maintainunique which will relate to only one person.▪One Identifier per Individual.An individualnot havemore than onecompanyIDnumber and on personal NetID.▪Non-Reassignment.Once and is assigned to a particular person it is always associatedwith that person. It isshould not beoasignificant time ofwaiting period.▪Social Security Number.SocialNumbersshouldnot be used to identifyemployees.

Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms - Page 4 preview image

Loading page ...

2. AuthenticationAccess to non-publiccompanyITcanbe achieved bya personand unique logins willrequire authentication, a username and combination. Authentication credentialsshouldnot betranslatedintoother forms such asif it is notencrypted, and only no other reasonable optionsexist.Authentication MethodsAuthentication methodsofpresenting a public identifier private authentication informationsuch as a personal number (PIN), password, token, or derived from a cryptographic key.Authentication againstcompany’scomputing infrastructure is recommended when possible.One of the following methods be implemented:▪Password authentication▪Authentication can be achieved biometric sensors to maintain the accuracy.▪Tokens in conjunction a PIN Number▪LDAPAuthenticationNo Unencrypted AuthenticationUnencrypted authentication and mechanismsare secure in specific networks. Trafficoutsidethenetworkcanbe monitored,these mechanismstooperations.So it would be better ifcompanyservices use only encrypted mechanisms unless authorized.Specifically, insecureservices, such as Telnet, POP, and IMAPcanbe replaced by encryptedcomponent.

Improving IT Infrastructure: Addressing Authorization Policies and Troubleshooting Mechanisms - Page 5 preview image

Loading page ...

Message to company employees▪Official Actions.Use of a NetID andmechanismsto identify to an on-line systemconstitutes an official identification ofemployeeto the,similartothatofacompanyID carddoes.Employeeshouldbe for all actions taken during sessions.▪Integrity.Employeeshould usethe NetID and information that they have been authorizedto use (i.e. aEmployeemust never themselves falsely another person).▪Confidentiality.Employeeshouldkeep information confidential (i.e.should not disclose toan unauthorized person).▪Reporting Problems.Anyonefindingtheir authentication wasmisusesshould immediatelycontact the IT Help Desk.▪Security Precautions.Employeesare to change their password regularly (at least onceevery three months), to limit possible of passwords that may have been compromisedwithout the user’s knowledge. Passwords be chosen so that they are not easily guessable.▪Disciplinary Action.Individuals who are to have knowingly violated one of theseprovisions will be subject to action. The possible disciplinary actions for violations, whichcan include termination of employment, depend on the facts and circumstances of each use.3. AuthorizationAccess to information and IT system will be granted on aregularbasis andshouldbeauthorized by the immediate. Any of the following methods acceptable for providing access:▪Context-based access.Access control on thetransaction context. Thefactors might includetime of day, location of users, of user authentication, etc.▪Role-based access.Access control model permits the enforcement of enterprise-specificsecurity policies in a way that maps naturally to an structure and business activities. Each

Preview Mode

This document has 15 pages. Sign in to access the full document!

Report

Study Now!

Document Details

Related Documents

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Build and troubleshooting Integration Challenge

Company

Explore

Study Tools