NETWORK SECURITY PLAN FOR A MEDICAL RECORD ORGANIZATION

The multiple subnets will allow for separation of the network. Using subnets, the phones will get quality of service (QoS), which will give them bandwidth priority to reduce the chance of a dropped call. Subnets allow for the separation of the developer network, employee network, and guest network. Finally, the team will incorporate multiple hardware unified threat management (UTM) devices. The UTMs allow for scanning of all traffic before it enters from an external source and when it is coming from an internal source on a separate subnet. The multiple UTMs significantly reduce the risk associated with insider threats by directly reducing those threats' ability to damage equipment. Utilizing subnets in conjunction with the UTMs also has the added convenience of allowing all persons on the network to access all resources on the network, while simultaneously giving administrators the ability to restrict said access. The subnets are broken down using large groups of usable IP addresses; this will be done to allow for potential growth in the future.

Subnet Table

Devices                     Subnet address     Addresses                        Useable IPs
Personal Employees          192.168.128.0/18   192.168.128.0 - 192.168.191.255  192.168.128.1 - 192.168.191.254
Guest                       192.168.192.0/18   192.168.192.0 - 192.168.255.255  192.168.192.1 - 192.168.255.254
Organization Dev Machines   192.168.0.0/19     192.168.0.0 - 192.168.31.255     192.168.0.1 - 192.168.31.254
Exec Machines               192.168.32.0/19    192.168.32.0 - 192.168.63.255    192.168.32.1 - 192.168.63.254
Help Desk Machines          192.168.64.0/19    192.168.64.0 - 192.168.95.255    192.168.64.1 - 192.168.95.254
Servers                     192.168.96.0/20    192.168.96.0 - 192.168.111.255   192.168.96.1 - 192.168.111.254
Phones                      192.168.112.0/20   192.168.112.0 - 192.168.127.255  192.168.112.1 - 192.168.127.254
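
The subnet table can be checked mechanically before it is configured on the UTMs. The following is an added example, not part of the original plan: it uses Python's `ipaddress` module to confirm that the segments do not overlap, that the usable ranges match the table, and to tell whether a flow crosses segments, which is the traffic the plan sends through a UTM. The function names are illustrative, and the 192.168.0.0/16 parent range is an assumption inferred from the table.

```python
import ipaddress

# Segment names and CIDR blocks copied from the Subnet Table.
PLAN = {
    "Personal Employees": "192.168.128.0/18",
    "Guest": "192.168.192.0/18",
    "Organization Dev Machines": "192.168.0.0/19",
    "Exec Machines": "192.168.32.0/19",
    "Help Desk Machines": "192.168.64.0/19",
    "Servers": "192.168.96.0/20",
    "Phones": "192.168.112.0/20",
}
# strict=True rejects a block whose address is not on its prefix boundary.
NETS = {n: ipaddress.ip_network(c, strict=True) for n, c in PLAN.items()}

def overlaps(nets=NETS):
    """Every pair of segments whose address ranges overlap."""
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def usable_range(name, nets=NETS):
    """First and last host address (network and broadcast excluded)."""
    net = nets[name]
    return str(net.network_address + 1), str(net.broadcast_address - 1)

def unallocated(parent="192.168.0.0/16", nets=NETS):
    """Blocks of the (assumed) parent range that the plan leaves unassigned."""
    free = [ipaddress.ip_network(parent)]
    for net in nets.values():
        remaining = []
        for block in free:
            if net.subnet_of(block):
                remaining.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                remaining.append(block)
        free = remaining
    return sorted(free)

def segment_of(ip, nets=NETS):
    """Segment an address belongs to, or None if it is outside the plan."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, net in nets.items() if addr in net), None)

def crosses_segments(src, dst):
    """True when a flow leaves its own subnet (external hosts map to None)."""
    return segment_of(src) != segment_of(dst)
```

An empty result from `overlaps()` and `unallocated()` means the seven segments tile the parent range exactly, so any growth has to come from inside an existing segment rather than from spare address space.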
Logical and Physical Diagrams

Source: (Paquet, 2013)

3.8 Security Policy

In any IT infrastructure, one of the most important implementations is a comprehensive security policy for the network. There are several goals that a security policy must achieve, but the ultimate goal is to add to the network's confidentiality, integrity, and availability. The security policy will define what a user is allowed and not allowed to do on the network. The security policy will also define what can be connected to the network, password requirements, how to handle external/temporary users, how access is granted, and how to handle a terminated or exiting employee's network access. Finally, the security policy defines procedures for approving new applications for use on the network, and threat prevention methods. The security policy is what users and administrators utilize as guidance when there are questions regarding the network. It is important that an organization understands the security policy is a living document; this means that the security policy is a document that will need to be consistently updated and reviewed to help mitigate complacency in the organization in regard to its security posture. The CIO usually is the owner of the security policy and, prior to any changes going into effect, is often required to authorize said changes.