General Security Plan for Richman Investments

The SSCP (Systems Security Certified Practitioner) consists of the following seven domains:
1. Access Controls – policies, standards and procedures that define who users are, what they can do, which resources and information they can access, and what operations they can perform on a system.
• Software - PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful guest management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
2. Security Operations and Administration – identification of information assets and documentation of policies, standards, procedures and guidelines that ensure confidentiality, integrity and availability.
• Software - Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network.
• AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native utilities and formats (e.g. dump and/or GNU tar) and can back up a large number of servers and workstations
3. Monitoring and Analysis – determining system implementation and access in accordance with defined IT criteria. Collecting information for identification of, and response to, security breaches or events.
• Software - Spiceworks, a free network monitoring software with network management tools, help desk ticketing app, network mapper and more. The