www.tech-sec.weebly.

com Jose Reyes, Vicente Limon & Brian Baba

VISITING NURSE ASSOCIATION & HOSPICE

TECH-SEC was founded in 2007 by three novice network engineers, graduated from ITT Technical Institute in San Bernardino California, the company was founded with the motivation of creating a more secure IT environment to companies with low budget. TECH-SEC focuses on vulnerability research and exploitation, network and application security testing, vulnerability assessments, network reviews, and penetration tests.
TECHSEC

The risk of losing patients information due to poor security measures has created a need for a more efficient way of attending to protection of personally identifiable information needs in the form of antivirus applications along with state of the art security barriers. This report examines the viability of integrating such a solution into the existing network. A modeling and simulation tool was utilized to evaluate the how well the existing network is meeting Healthcare Nurses Associations current needs and how well it would be able to accommodate future business demands and future growth. The new system upgrade would be the heart of the new consolidated security network infrastructure. The system network would streamline the way patient information will be expedited and processed and enhance the security protection.

 TECH-SEC will provide Security Assessment, Penetration and Source Code Review of VNA Hospice. This includes both buildings and networking devices, services and users. This is not limited to third parties or guests. They will also be added to it to provide the best assessment of security and provide solutions to real world problems.

Outdated Hardware Outdated Software Missing Policies Access Controls Monitoring Network Mobile Devices Out of Network. Backup location Users

 Upgrade Hardware & Devices with new efficient technology. Create & Implement new policies with detailed information that covers gaps found. Redefine Access Controls & Access Control Policy with missing information. Implement a Monitoring System into the network. Implement Backup System & Backup Facility. Provide Security Awareness Training to all

 Compliance
Loss of certification (HIPPA, PCIDSS, )

Data breach
Client information expose, lost of reputation, loss of compliance, Investigation

Legal liability
Law suits, monetary settlements

Financial liability
Costs of courts, cost of investigation, cost of mitigation.

Reputation
Lost reputation, lost of clients, uncertain future

Lost of clients
Lost of financial income, lost of recommendations, lawsuits.

 Policy creation and implementation

DCP, AUP, DRP, RAP, ACP

Mobile hardware implementation

Tablets,

Policy training lessons

Security awareness training

Network infrastructure
Secure rooms, access control

Hardware upgrade

Business continuity plan

Software upgrades

Upgrade workstations, DRP, servers, routers, firewalls, AP Backup solution wireless, repeaters Cloud backup solutions Workstation OS, Servers OS,

Hardware:
Dell WYSE C90LEW Dell Venue 11 Pro 5130 LTE Dell SonicWALL E-Class SRA EX6000 Dell Force10, S25V ARP Uninterrupted Power Supplies

Refer to Hardware Section on RTP.

Software:

Microsoft Office 2010 Terminal Server Licenses Windows 8 for Tablets Apache Linux for Web Server Windows Server 2008 Enterprise Microsoft Outlook

 Hardware
Three simultaneous phases Removal Installation Training

Software
Same procedure as hardware Installation Training Follow up & tracking of progress

Services: Surveillance system

Network monitor system Cloud base storage video

Access cards and passwords

Card inventory records, entry logs

Entrance documentation (service man, visitors)

Security surveillance monitor, log record

Guards
Main entrance

Manual locks
Inventory control of all locks

Thank You! Questions?