After a long while, I was finally able to start swimming and avoid being drowned by things to do at work! The new job is awesome, but the first couple of weeks were insane (lots to do and learn, etc)! But I confess I’m just loving it!
Well, we all face massive challenges on a daily basis (no secret there). New projects requiring security input, fire fighting security issues, keeping yourself abreast with new technology, security conferences and much more. But most of us find pleasure in doing that, and that’s exactly what I’m proposing here: to solve challenges we deal with at work, while sharing experiences with our fellow security colleagues!
That’s how it works: On a regular basis, I’ll come up with a challenging scenario where securitycontrols should be implemented. The scenarios will vary (network security, application security, security policies, PCI DSS compliance, encryption and many more). The idea is that you guys interact with the diagram by adding comments with your suggestion (you can even add attachments!), always keeping in mind the restrictions imposed (budget is one of them).
The challenge will aid “security rookies” to learn about information security, and “security ninjas” to demonstrate and share their knowledge!
To inaugurate this session, a very basic diagram with a scenario I’m sure we won’t find out there anymore (ha ha). Do your best! Feel free to mention products, brands and whatever else.
Ah! To further stimulate you, the person proposing the best solution will have a diagram representing their suggestion published, and their names will become part of MyInfosecJob’s hall of fame! With the sheer number of recruiters visiting our site, it’s always good to leave your mark for them to see!
As usual, feedback, suggestions, critics are always welcome!
So, get your neurons started and tell everyone how you would secure the network below! Be creative!
Update – 24/03/2011
I have to say that I’m impressed with the answers so far. Although you guys were given a budget of 20k (which is quite enough!), most of the answers were able to harden the environment to a very decent security state for close to nothing!
For those of you willing to present a Visio diagram with your solution, please send me an e-mail at adrianodiasleite at myinfosecjob.com and I’ll send the template!
I’m planning to choose the best answer on the 30th of March, so make sure to send your suggestions!