Hi, We are a human rights NGO that is looking to invest in the best possible level of network security (protection from high-level cyber-security threats, changing circumvention/proxy to protect IP address etc, encryption on endpoints and server, IDS/Physical and Software Firewall/File Integrity Monitoring, Mobile Device Management, Honeypots) we can get for a our internal network. I was wondering if people would critique the following network, add comments, suggestions and alternative methods/pieces of software. (Perhaps if it goes well we could make a short paper out of it, for others to use.)
-Windows 2012 Server -VMWare virtual machines running Win 8 for remote access -Industry standard hardening and lock down of all OS systems. -Constantly changing proxies -PGP email with BES -Cryptocard tokens -Sophos Enterprise Protection, Encryption and Patch management -Sophos mobile management -Encrypted voice calls for mobile and a more secure alternative to Skype via Silent Circle. -TrueCrypt on all drives - set to close without use after a specific time -Easily controlled kill commands -False and poison pill files -Snort IDS -Honeypots -Tripwire -Cisco Network Appliance -No wifi -Strong physical protection in a liberal country as regards human rights I know there are many other factors, good training, constant monitoring, avoiding spearfishing, penetration testing, etc but if possible I would please like to keep the conversation on the network design and software. Thanks guys. -Anon -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
