Posts

Showing posts from October, 2025

ESP TASK 3 - 24/24

Image
  Task 3 – Security Management Project Proposal Candidate: Hardeep Singh (107557087) Centre: Thomas Telford UTC Date: 19 May 2025 1) Introduction – Current State & Key Security Issues Context. Longstaff Marketing Solutions (LMS) has grown from 5 to 25 staff and relocated to a new office. Much of the home‑office kit has been reused. The ISP‑supplied SOHO router currently provides DHCP, DNS and firewalling ; the NAS is accessed through a shared administrative account ; a VPN server provides remote access; Wi‑Fi uses WPA with a shared passphrase. The firewall policy is allow‑by‑default and includes inconsistent SMB rules (Control Document D). Observed issues and business impact (mapped to requirements): Identity & access: No centralised identity; shared credentials on NAS; local admin rights common → poor accountability and increased insider‑threat risk; non‑compliance with UK GDPR/DPA principles of integrity and accountability. Perimeter & segmentati...

ESP TASK 3- NOTES on Summer 2025

Your document should be professional, clear, and logically structured . Use Arial 12pt , black font, and save as PDF . Include: Title page : Task number, your name, student number, date. Headers & page numbers : “Page X of Y”. Sections : Introduction Overview of the Plan Updated Network Topology Diagram Justification of Equipment & Services Cost Analysis (with maths) Potential Security Issues & Mitigations Implementation Strategy Summary Outline current security issues : SOHO router vulnerabilities (default credentials, WPA encryption). Shared admin accounts on NAS. VPN reliance for remote access. Lack of centralized identity management. Misconfigured firewall rules. GDPR/DPA compliance risks. Explain how you will meet all project requirements : Centralized identity management (Active Directory or Azure AD). Replace SOHO router with enterprise-grade router/firewall. Remove VPN → implement Microsoft 365 Business Premium for cloud access. Replace NAS → ...