Data and Network Security

As far as the location of the company’s office is concerned, ‘enterprise Training solutions’ offices are located in 4 adjacent rooms situated on the ground floor of a 4 storied building. In addition, the company also maintains a single office room in the first floor of the building. Under the existing situation, anyone is allowed access up to the reception area through a shared entrance. This point signifies the fact that there are no notable security measures at least for the ground floor. The fact that a large share of ‘Enterprise training solutions’ offices are located on the ground floor adds to the threat of a potential security breach. Of course, anyone who goes past beyond the reception area has to enter his/her details in a register, but past incidents have gone on to show that such measures have done little to stop any illegal access of assets of notable importance.
Another interesting aspect that comes to light under the study of the existing scenario is that all employees are required only to carry ID cards, but even these can be forged with ease and used for unscrupulous purposes. Presently, the offices of Enterprise training solutions are accessible through the use of keypad system. …
It has also been mentioned that the changes to the passwords under the keypad system are notified by email, which is a very unsafe method of communicating passwords given the existing proficiency and skill of today’s online hackers. As all wireless accesses to the company’s data and resources are limited to within the hospitality suite, the security threat as far as this aspect is considered can be regarded to be minimal as any accesses through the wireless access point would always take place under the supervision of the network manager. In terms of future requirements, the company intends to provide access of all data, records, databases etc. to its sales staff in the near future thru a VPN (Virtual private network). Therefore, any possible solution towards suggesting the revamp of the existing network of the company has to take this future requirement into consideration under all circumstances. The answers to the questioned posed have been explained below:
1) USING VPN
The general medium of communication between the office’s servers and end users (Staff) through a VPN is as shown below:
Fig: Remote access VPN through IPsec.
A virtual private network or a VPN as it is known for short operates on an Internet backbone, wherein communication between registered entities (which belong to the VPN) are connected via a secure communication medium that is shielded from all forms of outside interference. As far as the proposed solution for Enterprise solutions is concerned, under VPN terminology, such a VPN framework is referred to as a Remote access VPN that allows mobile users such as sales staff who are