Suppose you started working as a network manager at a medium-sized firm with an Internet presence, and discovered that the previous network manager had done a terrible job of network security. Which four security controls would be your first priority? Why? Please discuss the ideas of your classmates as well.
In such a situation, I believe that the severity of the blunder that has occurred in the presence of the previous manager has to be assessed first by running a full security risk analysis of the computer network. Following are the first four security controls that would be on my priority list.
- Assess the virus protection of the computer network.
- Check for the disaster mechanism and make it compliant with networking standards.
- Check the strength of the user login security policies to prevent against internal threats.
- Install a firewall for security against external threats.