Final Project You are a security architect consultant. Your client is a medical practice that has four small offices in West Virginia. Currently, each office has its own physical network that includes...

1 answer below »

Final Project

You are a security architect consultant. Your client is a medical practice that has four small offices in West Virginia. Currently, each office has its own physical network that includes the following:

4 – workstations (three doctors and one administrative assistant)

1 – Database server for patient records.

1 – Windows server used for active directory.

1 - Windows server used for Microsoft Exchange.

1 - Firewall at the edge.

1 - Physical VPN endpoint for external access to.





The clinic also has their corporate website hosted at GoDaddy with a patient login area that queries the databases depending on which office the patient sees.

The offices currently do not have dedicated connections to each other, exchange patient records, etc. Staff is becoming frustrated and the upkeep on all these physical systems is too much work, too expensive, and overkill for the size medical practice they are.

This design and its frustrations are duplicated in each of the practice's small offices. Management wants to consolidate their network and "move to the cloud" to simplify things and increase efficiency and is very worried about the security of their client records.





You have been hired as a consultant to develop the security architecture for a cloud deployment using AWS that decommissions many of the physical systems being used at each location. The client wants the following:

Website hosting moved to AWS.

Back-end centralized patient database that is shared among all the offices and secured.

Migration to O365 for the clinic's productivity suite (Email, OneDrive, Sharepoint etc. etc.)

Cloud-based MS active directory

Secure remote access to clinic workstations and the AWS environment

Security considerations tackled such as security monitoring, alerting, logging etc. along with security best-practices put in place.


Develop a security architecture that addresses the above components.

Some things to think about when approaching this:

Access control and authentication:

Public facing area

Authenticated access for registered patients using MFA

Multi-Factor authentication for employees and administrators

Cloud-based active directory using Azure AD.

Being able to securely connect remotely to clinic workstations and the AWS environment.

Network Security

Monitoring and testing

Logging as many things as you can in a centralized place

Encrypted communications both at rest and in transit

Protection of customer records and HIPAA requirements.

Efficiency

Absolute minimization of physical hardware at offices

Approach with a "cloud-first" frame of mind meaning that migration to the cloud is the most important thing for the client

No hosted applications to worry about

Don't discount the use of managed service providers where you think it's necessary

Deliverables:

A network diagram of your design that is detailed (stressing detailed here!). Lucidchart has a free tier account. A helpful blog post is here - https://www.lucidchart.com/blog/how-to-build-aws-architecture-diagrams but there are other services for this also and plenty of examples and ideas online via research. I also highly recommend draw.io and you can download AWS icons here - https://aws.amazon.com/architecture/icons/. Cloudcraft.co is also a neat website.

A security technical implementation guide (STIG) on how to deploy this. Remember, you're not actually doing the work, you're just designing and providing guidance/recommendations.

You can design this any way you would like. This is meant to concisely describe your design and how to achieve it. Think of this as a playbook for the IT team to take and do implementation with.

There is no right or wrong way to produce a STIG document, and many you see online will be very concise checklists (as seen here) while others have more "meat" in them (as seen here). Choose the method that has more meat and detail in it, rather than a checklist.

Title Page - containing the following at a minimum: Title, Authors, Institution Name, Class number, Date

APA format

I will leave the length up to you, but please keep in mind that this should be detailed and well thought out. What you design in your diagram should be fully explained in your STIG.





Format requirements:

1. APA 7th edition format on all submissions

2. Title page with your name, class, and assignment

3. Minimum of three pages of content double-spaced using Microsoft Word. This is NOT including your title page or references pages.

4. References page.

5. Be advised, DO NOT plagiarize. Plagiarism will result in a zero grade and no re-do option.
Answered Same DayAug 11, 2022

Answer To: Final Project You are a security architect consultant. Your client is a medical practice that has...

Shubham answered on Aug 11 2022
70 Votes
SECURITY TECHNICAL IMPLEMENTATION GUIDE
Authors:
Institution Name:
Class number:
Date:
Network diagram
Figure 1: Network Diagram
A network diagram provides
a visual representation of the telecommunication network. This shows components that are made up of a network and it interacts with devices, routers, firewalls, and hubs. It depends on the purpose and scope of development of a network diagram that contains a lot of details for providing a broad overview of the network. In the current scenario, there are four workstations, one database server, one Windows Server that is used for active directory, and a Windows Server that is used for Microsoft exchange of Firewall and a physical VPN and point for external accessing (Sengupta et al. 2020). The deployment of resources to the cloud requires analysis of several aspects and sources that are needed for moving sensitive information. this requires an understanding of the cloud service providers for data storage and transfer into and out of the cloud system. It provides boundaries between different service models and shows functional units.
Security technical implementation guide
A network security plan provides the strategy that can help in defining techniques and approaches that are used to protection of the network from unauthorized users. It provides approaches that are used by the organization and it consists of the creation of procedures and policies that can help in describing intent for meeting security requirements for the system. The security plan provides documentation that requires maintenance and review at a specific interval that can help in...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here