JEM NETWORKING INC.
XYZ Hospital Network Design
Medical Facility Network Proposal
Mr. Jonathan Kight - Mr. Jeffery Barkiewicz - Mr. Evan Machnic
Mr. Matthew Kennedy - Mr. Jonathan McCaughan - Group N
11/20/2008

EXECUTIVE SUMMARY

JEM Networking is a professional consulting firm that delivers well thought out business plans based on statistics, research, and organization. JEM Networking proposes that our company (herein known as XYZ Hospital) should take the following five critical points into consideration:

• A network planned and built around redundancy should be implemented to facilitate XYZ Hospital’s needs and tasks.
• A network that is easy to use, manipulate, and troubleshoot should be adopted.
• As far as hardware is concerned, it is in XYZ Hospital’s best interest to disregard cost due to the nature of the business. However, JEM Networking will only supply products that meet the highest standard of price-to-quality ratio.
• All policies should govern the network to keep it secure, efficient, and productive.
• A disaster recovery plan should be implemented in order to prepare for lost data, uncontrollable disasters, and hardware failure.

By implementing these changes within XYZ Hospital’s business environment, the company will better facilitate its employees, patients, and hardware. This will promote a more productive and fluent flow of data, which will allow the company to become more efficient.

With a network developed around redundancy, XYZ Hospital will have close to a zero percent chance of a point of failure. Many backup plans have been implemented in order to keep a 99.9% uptime as a defense against the various uncontrollable situations that may occur on a daily basis. We understand what our affiliates do and make it our goal to specify customized plans for each project. This network will also be very simple to manipulate and change as growth and expansion of XYZ Hospital begins to play its role.
It should also be noted that JEM Networking takes pride in its research of perfect solutions to business needs. We pay the closest attention to detail and only suggest the best product based on quality for our company's services. The same can be said for our policies, which we construct and develop around our customized networks.

After gathering information about various products and services, as well as XYZ Hospital’s business plan and layout, JEM Networking has the following proposal and policies prepared to enhance connectivity, organization, and overall productivity…

ORGANIZATION LAYOUT

Currently, the hospital facilities do not meet the requirements of modern network standards. Due to the tremendous risk involved with hospital needs of connectivity and maintenance, the current network that XYZ Hospital has implemented will be cut off and completely revamped. JEM has prepared a new layout of logical and physical topologies that will fulfill the hospital’s need of 99.9% connection uptime, full scale office range, security, and back-up capability.

The current setup of XYZ Hospital consists of a one story datacenter and a four story fully operational hospital. The office contains two-hundred and twenty-five users, twenty-five of whom are wired. The wired users are made up of the Director, the Chief Medical Officer, three doctors that rotate in eight hour shifts, HR, Billing, Accounting, IT, Public Outreach, Medical Supplies, Medical Records, Counseling, an Office Manager, Receptionist and other various support personnel. Together these make up all of the staff that work and collaborate together to operate XYZ Hospital’s datacenter and hospital building.

The network starts off with two server boxes that will be located within the datacenter across the street from the hospital. Both servers will run at all times, one as the primary server and the other as a backup.
The second server, which acts as a backup, will thoroughly copy everything within the network every weekend, as well as store files that have been manipulated after a day’s work through differential backups. The second server will also be available to kick in and take over the task of primary server if the first server ever fails for any reason. This setup will allow XYZ Hospital to have high hardware failure tolerance, which will in the end make server or network downtime non-existent.

These two servers will connect to DATA-Switch1, which is connected to DATA-Router1. DATA-Router1 is hardwired to a trunk line form of the Internet and to DATA-P2PWAP. Through the Internet, the datacenter will allow its information to be accessed by the hospital facility via Virtual Private Networking (VPN). The VPN allows DATA-Router1 to connect to MAIN-Router1, which is located in the hospital and is also hooked up to a trunk line form of the Internet. It should be noted that MAIN-Router1 is connected to MAIN-P2PWAP as well, which will allow the DATA and MAIN routers to connect to each other if the Internet connectivity ever fails, thus giving XYZ Hospital a high tolerance for connection failure.

Furthermore, MAIN-Router1 is connected to MAIN-Switch1, 2, 3, and 4, which are located on all four floors in correlation with their numbered names. This means each floor of XYZ Hospital’s care center will contain a switch for easy wire running, maintenance, and port allocation. Each floor will also contain five Wireless Access Points (WAPs), which are hardwired into the switches of their respective floors. The naming of these WAPs will be consistent with the floors: MAIN-WAP1A, B, C, D, and E for the first floor, MAIN-WAP2A, B, C, D, and E for the second floor, etc. The hard wired devices such as workstations, computers, printers, and others will be connected to their floor’s respective switch as well.
(See Datagram 1.1 and 1.2)

With this network setup XYZ Hospital will have a star topology with easy failure justification, troubleshooting, and efficiency. The main network of the facility will function through the Internet VPN, allowing personnel to access the hospital’s network offsite and conduct project file collaboration. The direct connection P2P WAP will serve simply as a backup that will only be turned on if the Internet connection fails for any reason. With this information flow, XYZ Hospital will be more efficient, productive, and have zero connection failure or time loss.

HARDWARE AND WIRING

The following are the proposed hardware and network wiring configurations that JEM finds will satisfy XYZ Hospital’s needs…

The server is a very important element of a business’s network; it is the sole brain and computing device that dictates the information flow of the network. Therefore, it is very important to XYZ Hospital’s interest that they use top of the line servers. A trustworthy manufacturer with a good warranty that can support their hardware at any given time is a need in the medical field. JEM has decided to go with an IBM brand server to support XYZ Hospital’s new network based on their reputation, services, and high standard products. The model JEM has chosen is the IBM System x3350, based on its efficient infrastructure, quick task completion, and high reviews. When JEM contacted IBM, they recommended this system because it will fulfill all of XYZ Hospital’s server requirements. This hardware features “Go-Green” technology, which allows for utility savings and energy efficiency, room for growth, security, and the newest system management tools. Both the primary and backup servers, ALPHA and BRAVO, will be of this hardware specification. It should also be noted that both servers will run Windows Server 2003 for easy workstation and device calibration.
Server Specification Data Table 1.1:

When looking for a provider of routing and switching devices, one can trust no one more than Cisco Networking Systems. They provide the best in device warranties, support, price, durability, and function. Their systems are known worldwide and would serve well under XYZ Hospital’s command. Their networking infrastructures are superior technologies that integrate all network devices and operating standards together. XYZ Hospital needs a total of two P2P WAP routers, two Internet connectivity routers, twenty WAP routers, and five total switches. The models of Cisco devices JEM has decided to go with are:

• Basic 5GHz Complete Wireless Bridge Kit (1/2 mile LOS) for the P2P WAP
• Two Linksys 4 Port Gigabit Security Router with VPN RVS4000 for the Internet/VPN connection
• 24 Port 10/100btx 2-GBIC Ports DC-Pwrd STD Multilayer SW for the multiple switch needs
• Linksys Wireless-G Exterior Access Points for the WAPs required throughout the network

All of these devices allow room for expansion, multiple device connectivity with ease, and simple troubleshooting. These are all top of the line and come with full warranties and support.

XYZ Hospital has the need for twenty-five workstations for the various wired users, as well as the need for two-hundred laptops. JEM has decided to go with Dell workstations for the network environment based on their low costs, reliability, and superior tech support. If a Dell computer ever fails under warranty, Dell will send out a representative to fix the problem as soon as possible, which is highly valuable in the high risk hospital environment. The model JEM has decided to go with is the Dell Precision T3400.
Workstation Table 1.1:

Hardware | Specification
Processor: | Intel™ Core®2 Quad Q6600 (2.40GHz/1066MHz/2X4MB L2) 375W
Operating System: | Genuine Windows XP
Warranty & Services: | 3 Year Warranty and 3 Year NBD On-Site
Video Card: | 256MB PCIe x16 nVidia Quadro FX570, Dual Monitor DVI Capable
Chassis Configuration: | Mini-Tower Chassis Configuration
Memory: | 2GB, 667MHz, DDR2 SDRAM Memory, NECC (2 DIMMS)
Optical Drive: | 16X DVD+/-RW w/ Cyberlink PowerDVD™ and Roxio Creator™ Dell Ed
Hard Drive: | 80GB SATA 3.0Gb/s with NCQ and 8MB DataBurst Cache™
Monitor: | Dell 19 inch™ E1909W Widescreen Flat Panel
File System: | NTFS File System
System Documentation: | Resource DVD - contains Diagnostics and Drivers

As far as XYZ Hospital’s need for cabling, the network will need over 5,500 feet of total cable that will allow little to no interference, and must have the durability to withstand the test of time of data flow and ever changing environment conditions. XYZ Hospital has zero tolerance for connectivity failure due to the high risk operations involved, so JEM has decided to utilize 24 gauge shielded CAT6. Having shielded cabling will cut out interference of all other radio frequencies and disturbances throughout the hospital environment.

The final hardware and devices that XYZ Hospital should be concerned with purchasing for the network infrastructure are disaster recovery devices. All of the workstations, servers, and important devices will need backup batteries to support the systems for a short period of down time for events such as power flickers or outages. The CyberPower Cp600LCD 340W backup utilities will fit this job well due to their long battery life and cheap price. Also, since power failure could be a life threatening situation, JEM suggests the purchase of a backup generator capable of powering the hospital facilities for a long amount of time. This will allow a large window of time for the fixing of the power or for management and staff to organize an evacuation.
The Elite 100 kW Generator by Guardian is a reliable, quick, efficient, and well supported product that will keep the XYZ Hospital facilities fully functional during a power crisis.

BUDGET

The following is the budget of the hardware and devices that JEM proposes to implement within XYZ Hospital’s facilities…

Budget Table 1.1:

Quantity of Items | Hardware/Devices | Price
x2 | IBM x3350 Server | $5500 Each
x30 | CyberPower Cp600LCD 340W | $30 Each
x1 | Guardian Elite 100 kW Generator | $18,800 Each
x6 | 1000ft Shielded CAT6 Cable | $170 Each
x1 | Basic 5GHz Complete Wireless Bridge Kit (1/2 mile LOS) | $1000 Each
x20 | The Linksys Wireless-G Exterior Access Point | $500 Each
x25 | Dell Precision T3400 | $1020 Each
x5 | Cisco 24 Port 10/100btx 2GBIC Ports DC-Pwrd STD Multilayer SW | $3200 Each
x4 | Linksys 4 Port Gigabit Security Router with VPN RVS4000 | $160 Each
x200 | Laptops | Company Asset
Total: | | $84,860

IP INFORMATION

The following specified information is in regards to XYZ Hospital’s new network infrastructure IP addresses…

JEM has decided to go with a Class B IP address, 172.16.0.1, due to the fact that a Class C may not contain enough hosts for all of the connected clients. A Class C will only allow up to a maximum of 254 total available hosts for the network, therefore JEM proposes the use of a Class B to allow 510 available hosts on one network. XYZ Hospital’s network will use this Class B IP and internal NAT subnetting to communicate the network designated IPs to the global network IPs, 90.44.22.5 and 90.44.22.6.
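The addressing figures in this section can be checked mechanically. The following Python sketch is an added example, not part of the original proposal: it recomputes the subnet values from the 255.255.254.0 mask and tests the designated internal addresses and the stated dynamic range (172.16.0.37 to 172.16.1.254) for collisions. The function names are assumptions made for this example; every address and figure is the proposal's own.

```python
import ipaddress

# All addresses and figures below are copied from the proposal's IP section.
NETWORK = ipaddress.ip_network("172.16.0.0/255.255.254.0")
POOL_FIRST = ipaddress.ip_address("172.16.0.37")  # dynamic range as stated
POOL_LAST = ipaddress.ip_address("172.16.1.254")
STATED_POOL_SIZE = 473


def build_static_plan():
    """Return {device name: address} for the designated internal IPs."""
    plan = {
        "ALPHA": "172.16.0.1", "BRAVO": "172.16.0.2",
        "DATA-Switch1": "172.16.0.3",
        "DATA-P2PWAP": "172.16.0.8", "MAIN-P2PWAP": "172.16.0.9",
        "Filing System": "172.16.0.30", "DHCP": "172.16.0.31",
        "Exchange Server": "172.16.0.32", "DATAPRINTER1": "172.16.0.33",
    }
    # MAIN-Switch1..4 are .4-.7 and MAINPRINTER1..4 are .34-.37.
    for n in range(1, 5):
        plan[f"MAIN-Switch{n}"] = f"172.16.0.{3 + n}"
        plan[f"MAINPRINTER{n}"] = f"172.16.0.{33 + n}"
    # MAIN-WAP1A..MAIN-WAP4E are numbered consecutively from .10 to .29.
    host = 10
    for floor in range(1, 5):
        for letter in "ABCDE":
            plan[f"MAIN-WAP{floor}{letter}"] = f"172.16.0.{host}"
            host += 1
    return {name: ipaddress.ip_address(addr) for name, addr in plan.items()}


def subnet_facts(network):
    """Recompute the summary values the proposal quotes for the subnet."""
    return {
        "prefix": network.prefixlen,
        "usable_hosts": network.num_addresses - 2,
        "first_host": str(network.network_address + 1),
        "last_host": str(network.broadcast_address - 1),
        "broadcast": str(network.broadcast_address),
    }


def audit_plan(static, network, pool_first, pool_last, stated_pool_size):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    seen = {}
    for name, addr in static.items():
        if addr not in network:
            findings.append(f"{name}: {addr} is outside {network}")
        elif addr in (network.network_address, network.broadcast_address):
            findings.append(f"{name}: {addr} is a reserved address")
        if addr in seen:
            findings.append(f"{name}: {addr} duplicates {seen[addr]}")
        seen[addr] = name
        # A static device inside the dynamic range can be handed out twice.
        if pool_first <= addr <= pool_last:
            findings.append(f"{name}: {addr} falls inside the dynamic range")
    pool_size = int(pool_last) - int(pool_first) + 1
    if pool_size != stated_pool_size:
        findings.append(
            f"dynamic range holds {pool_size} addresses, "
            f"plan states {stated_pool_size}"
        )
    return findings


if __name__ == "__main__":
    for key, value in subnet_facts(NETWORK).items():
        print(f"{key}: {value}")
    results = audit_plan(build_static_plan(), NETWORK,
                         POOL_FIRST, POOL_LAST, STATED_POOL_SIZE)
    for finding in results:
        print("FINDING:", finding)
```

Run against the figures as stated, the audit reports that MAINPRINTER4 (172.16.0.37) sits inside the dynamic range and that the range holds 474 addresses rather than the stated 473.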
IP: Class B - 172.16.0.1
Subnet Mask: 255.255.254.0
Total Available Hosts: 510
Network Address: 172.16.0.0
Range: 172.16.0.1 - 172.16.1.254
Broadcast: 172.16.1.255

Designated IP Table 1.1:

DATA-RouterA: 90.44.22.5
MAIN-RouterA: 90.44.22.6
ALPHA (Primary Server): 172.16.0.1
BRAVO (Backup Server): 172.16.0.2
DATA-Switch1: 172.16.0.3
MAIN-Switch1: 172.16.0.4
MAIN-Switch2: 172.16.0.5
MAIN-Switch3: 172.16.0.6
MAIN-Switch4: 172.16.0.7
DATA-P2PWAP: 172.16.0.8
MAIN-P2PWAP: 172.16.0.9
MAIN-WAP1A: 172.16.0.10
MAIN-WAP1B: 172.16.0.11
MAIN-WAP1C: 172.16.0.12
MAIN-WAP1D: 172.16.0.13
MAIN-WAP1E: 172.16.0.14
MAIN-WAP2A: 172.16.0.15
MAIN-WAP2B: 172.16.0.16
MAIN-WAP2C: 172.16.0.17
MAIN-WAP2D: 172.16.0.18
MAIN-WAP2E: 172.16.0.19
MAIN-WAP3A: 172.16.0.20
MAIN-WAP3B: 172.16.0.21
MAIN-WAP3C: 172.16.0.22
MAIN-WAP3D: 172.16.0.23
MAIN-WAP3E: 172.16.0.24
MAIN-WAP4A: 172.16.0.25
MAIN-WAP4B: 172.16.0.26
MAIN-WAP4C: 172.16.0.27
MAIN-WAP4D: 172.16.0.28
MAIN-WAP4E: 172.16.0.29
Filing System: 172.16.0.30
DHCP: 172.16.0.31
Exchange Server: 172.16.0.32
DATAPRINTER1: 172.16.0.33
MAINPRINTER1: 172.16.0.34
MAINPRINTER2: 172.16.0.35
MAINPRINTER3: 172.16.0.36
MAINPRINTER4: 172.16.0.37

The rest of the IPs, ranging from 172.16.0.37 to 172.16.1.254, will allow up to four hundred and seventy-three dynamic IPs left for connecting hosts on the network for use. These will be designated to the two hundred wireless users, twenty-five wired workstations, and other devices connected to the network.

NETWORK POLICIES

The following are the guidelines and policies pertaining to XYZ Hospital’s network that JEM believes fit to keep consistent integrity throughout the workspace…

Email Policy

1.0 Purpose
The purpose is to prevent tarnishing of the public image of XYZ Hospital. When email goes out from XYZ Hospital, the general public will tend to view that message as an official policy statement from the XYZ Hospital.
2.0 Scope
This policy covers appropriate use of any email sent from an XYZ Hospital email address and applies to all employees, vendors, and agents operating on behalf of XYZ Hospital.

3.0 Policy

3.1 Prohibited Use. The XYZ Hospital email system shall not be used for the creation or distribution of any disruptive or offensive messages, including offensive comments about race, gender, hair color, disabilities, age, sexual orientation, pornography, religious beliefs and practice, political beliefs, or national origin. Employees who receive any emails with this content from any XYZ Hospital employee should report the matter to their supervisor immediately.

3.2 Personal Use. Using a reasonable amount of XYZ Hospital resources for personal emails is acceptable, but non-work related email shall be saved in a separate folder from work related email. Sending chain letters or joke emails from an XYZ Hospital email account is prohibited. Virus or other malware warnings and mass mailings from XYZ Hospital shall be approved by XYZ Hospital VP Operations before sending. These restrictions also apply to the forwarding of mail received by an XYZ Hospital employee.

3.3 Monitoring. XYZ Hospital employees shall have no expectation of privacy in anything they store, send or receive on the company’s email system. XYZ Hospital may monitor messages without prior notice, but is not obliged to monitor email messages.

3.4 Automatic Forwarding. Employees must exercise utmost caution when sending any email from inside XYZ Hospital to an outside network. Unless approved by an employee's manager, XYZ Hospital email will not be automatically forwarded to an external destination. Sensitive information will not be forwarded via any means, unless that email is critical to business and is encrypted in accordance with the Acceptable Encryption Policy.

4.0 Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
5.0 Definitions

Email - The electronic transmission of information through a mail protocol such as SMTP or IMAP. Typical email clients include Eudora and Microsoft Outlook.
Forwarded Email - Email resent from an internal network to an outside point.
Chain Email or Letter - Email sent to successive people. Typically the body of the note has direction to send out multiple copies of the note and promises good luck or money if the direction is followed.
Sensitive Information - Information is considered sensitive if it can be damaging to XYZ Hospital or its customers' reputation or market standing.
Virus Warning - Email containing warnings about virus or malware. The overwhelming majority of these emails turn out to be a hoax and contain bogus information usually intent only on frightening or misleading users.
Unauthorized Disclosure - The intentional or unintentional revealing of restricted information to people, both inside and outside XYZ Hospital, who do not have a need to know that information.

Internet Equipment Policy

1.0 Purpose
The purpose of this policy is to define standards to be met by all equipment owned and/or operated by XYZ Hospital. These standards are designed to minimize the potential exposure to XYZ Hospital from the loss of sensitive or company confidential data, intellectual property, damage to public image etc., which may follow from unauthorized use of XYZ Hospital resources. The policy defines the following standards:

• Ownership responsibility
• Secure configuration requirements
• Operational requirements
• Change control requirement

2.0 Scope
All equipment or devices owned and/or operated by XYZ Hospital (including hosts, routers, switches, etc.) and/or registered in any Domain Name System (DNS) domain owned by XYZ Hospital, must follow this policy. This policy also covers any host device outsourced or hosted at external/third-party service providers, if that equipment resides in the "XYZHospital.com" domain or appears to be owned by XYZ Hospital.
All new equipment which falls under the scope of this policy must be configured according to the referenced configuration documents, unless a waiver is obtained from InfoSec. All existing and future equipment deployed on XYZ Hospital's un-trusted networks must comply with this policy.

3.0 Policy

3.1. Ownership and Responsibilities
Equipment and applications within the scope of this policy must be administered by support groups approved by InfoSec for system, application, and/or network management. Support groups will be responsible for the following:

• Equipment must be documented in the corporate wide enterprise management system. At a minimum, the following information is required:
   o Host contacts and location.
   o Hardware and operating system/version.
   o Main functions and applications.
   o Password groups for privileged passwords.
• Network interfaces must have appropriate Domain Name Server records (minimum of A and PTR records).
• Password groups must be maintained in accordance with the corporate wide password management system/process.
• Immediate access to equipment and system logs must be granted to members of InfoSec upon demand, per the Audit Policy.
• Changes to existing equipment and deployment of new equipment must follow corporate governance or change management processes/procedures.

To verify compliance with this policy, InfoSec will periodically audit equipment per the Audit Policy.

3.2. General Configuration Policy
All equipment must comply with the following configuration policy:

• Hardware, operating systems, services and applications must be approved by InfoSec as part of the pre-deployment review phase.
   o Operating system configuration must be done according to the secure host and router installation and configuration standards.
• All patches/hot-fixes recommended by the equipment vendor and InfoSec must be installed. This applies to all services installed, even though those services may be temporarily or permanently disabled.
• Administrative owner groups must have processes in place to stay current on appropriate patches/hotfixes.
• Services and applications not serving business requirements must be disabled.
• Trust relationships between systems may only be introduced according to business requirements, must be documented, and must be approved by InfoSec.
• Services and applications not for general access must be restricted by access control lists.
• Insecure services or protocols (as determined by InfoSec) must be replaced with more secure equivalents whenever such exist.
• Remote administration must be performed over secure channels (e.g., encrypted network connections using SSH or IPSEC) or console access independent from the networks. Where a methodology for secure channel connections is not available, one-time passwords (DES/SofToken) must be used for all access levels.
• All host content updates must occur over secure channels.
• Security-related events must be logged and audit trails saved to InfoSec-approved logs. Security related events include (but are not limited to) the following:
   o User login failures.
   o Failure to obtain privileged access.
   o Access policy violations.
• InfoSec will address non-compliance waiver requests on a case-by-case basis and approve waivers if justified.

3.3. New Installations and Change Management Procedures
All new installations and changes to the configuration of existing equipment and applications must follow the following policies/procedures:

• Configuration changes must follow the Corporate Change Management (CM) Procedures.
• InfoSec must be invited to perform system/application audits prior to the deployment of new services.
• InfoSec must be engaged, either directly or via CM, to approve all new deployments and configuration changes.

3.4. Equipment Outsourced to External Service Providers
The responsibility for the security of the equipment deployed by external service providers must be clarified in the contract with the service provider and security contacts, and escalation procedures documented. Contracting departments are responsible for third party compliance with this policy.

4.0 Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. External service providers found to have violated this policy may be subject to financial penalties, up to and including termination of contract.

5.0 Definitions

Secure Channel - Out-of-band console management or channels using strong encryption according to the Acceptable Encryption Policy. Non-encrypted channels must use strong user authentication (one-time passwords).
Un-Trusted Network - Any network firewalled off from the corporate network to avoid impairment of production resources from irregular network traffic (lab networks), unauthorized access (partner networks, the Internet etc.), or anything else identified as a potential threat to those resources.

XYZ Hospital Computer Network and Internet Access Policy

1.0 Disclaimer
The Internet is a worldwide network of computers that contains millions of pages of information. Users are cautioned that many of these pages include offensive, sexually explicit, and inappropriate material. In general, it is difficult to avoid at least some contact with this material while using the Internet. Even innocuous search requests may lead to sites with highly offensive content. Additionally, having an email address on the Internet may lead to receipt of unsolicited e-mail containing offensive content. Users accessing the Internet do so at their own risk and the XYZ Hospital is not responsible for material viewed or downloaded by users from the Internet.
To minimize these risks, your use of the Internet at XYZ Hospital is governed by the following policy:

2.0 Permitted Use of Internet and Company Computer Network
The computer network is the property of XYZ Hospital ("Company") and may only be used for legitimate business purposes. Users are provided access to the computer network to assist them in the performance of their jobs. Additionally, certain employees ("Users") may also be provided with access to the Internet through the computer network. All Users have a responsibility to use Company's computer resources and the Internet in a professional, lawful and ethical manner. Abuse of the computer network or the Internet may result in disciplinary action, including possible termination, and civil and/or criminal liability.

3.0 Computer Network Use Limitations

3.1 Prohibited Uses. Without prior written permission from Company, the Company's computer network may not be used to disseminate, view or store commercial or personal advertisements, solicitations, promotions, destructive code (e.g., viruses, self-replicating programs, etc.), political material, pornographic text or images, or any other unauthorized materials. Employees may not use the Company's Internet connection to download games or other entertainment software (including screen savers), or to play games over the Internet. Additionally, you may not use the computer network to display, store or send (by e-mail or any other form of electronic communication such as bulletin boards, chat rooms, Usenet groups, etc.) material that is fraudulent, harassing, embarrassing, sexually explicit, profane, obscene, intimidating, defamatory or otherwise inappropriate or unlawful. Furthermore, anyone receiving such materials should notify their supervisor immediately.

3.2 Illegal Copying. Users may not illegally copy material protected under copyright law or make that material available to others for copying.
You are responsible for complying with copyright law and applicable licenses that may apply to software, files, graphics, documents, messages, and other material you wish to download or copy. You may not agree to a license or download any material for which a registration fee is charged without first obtaining the express written permission of the company.

3.3 Communication of Trade Secrets. Unless expressly authorized to do so, User is prohibited from sending, transmitting, or otherwise distributing proprietary information, data, trade secrets, or other confidential information belonging to Company. Unauthorized dissemination of such material may result in severe disciplinary action as well as substantial civil and criminal penalties under state and federal Economic Espionage laws.

4.0 Duty Not to Waste Computer Resources

4.1 Accessing the Internet. To ensure security and avoid the spread of viruses, Users accessing the Internet through a computer attached to Company's network must do so through an approved Internet firewall or other security device. Bypassing Company's computer network security by accessing the Internet directly by modem or other means is strictly prohibited unless the computer you are using is not connected to the Company's network.

4.2 Frivolous Use. Computer resources are not unlimited. Network bandwidth and storage capacity have finite limits, and all Users connected to the network have a responsibility to conserve these resources. As such, the User must not deliberately perform acts that waste computer resources or unfairly monopolize resources to the exclusion of others.
These acts include, but are not limited to, sending mass mailings or chain letters, spending excessive amounts of time on the Internet, playing games, engaging in online chat groups, uploading or downloading large files, accessing streaming audio and/or video files, or otherwise creating unnecessary loads on network traffic associated with non-business-related uses of the Internet.

5.0 No Expectation of Privacy
Employees are given computers and Internet access to assist them in the performance of their jobs. Employees should have no expectation of privacy in anything they create, store, send or receive using the company's computer equipment. The computer network is the property of the Company and may be used only for Company purposes.

5.1 Waiver of Privacy Rights. User expressly waives any right of privacy in anything they create, store, send or receive using the company's computer equipment or Internet access. User consents to allow company personnel access to and review of all materials created, stored, sent or received by User through any Company network or Internet connection.

5.2 Monitoring of Computer Internet Usage. The Company has the right to monitor and log any and all aspects of its Computer system including, but not limited to, monitoring Internet sites visited by Users, monitoring chat and newsgroups, monitoring file downloads, and all communications sent and received by users.

6.0 Blocking Sites With Inappropriate Content
The Company has the right to utilize software that makes it possible to identify and block access to Internet sites containing sexually explicit or other material deemed inappropriate in the workplace.

Guidelines on Anti-Virus Procedures

Recommended procedures to prevent virus problems:

• Always run the corporate standard, supported anti-virus software, which is available from the corporate download site. Download and run the current version; download and install anti-virus software updates as they become available.
• NEVER open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Delete these attachments immediately, then "double delete" them by emptying your Trash.
• Delete spam, chain, and other junk email without forwarding, in line with XYZ Hospital's Email Policy.
• Never download files from unknown or suspicious sources.
• Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.
• Always scan a floppy diskette from an unknown source for viruses before using it.
• Back-up critical data and system configurations on a regular basis and store the data in a safe place.
• If lab testing conflicts with anti-virus software, run the anti-virus utility to ensure a clean machine, disable the software, and then run the lab test. After the lab test, enable the anti-virus software. When the anti-virus software is disabled, do not run any applications that could transfer a virus, e.g., email or file sharing.
• New viruses are discovered almost every day. Periodically check the Lab Anti-Virus Policy and this Recommended Processes list for updates.

Wireless Communication Policy

1.0 Overview
The purpose of this policy is to secure and protect the information assets owned by XYZ Hospital. XYZ Hospital provides computer devices, networks, and other electronic information systems to meet missions, goals, and initiatives. XYZ Hospital grants access to these resources as a privilege and must manage them responsibly to maintain the confidentiality, integrity, and availability of all information assets.

This policy specifies the conditions that wireless infrastructure devices must satisfy to connect to an XYZ Hospital network. Only those wireless infrastructure devices that meet the standards specified in this policy or are granted an exception by the Information Security Department are approved for connectivity to an XYZ Hospital network.
2.0 Scope
All employees, contractors, consultants, temporary and other workers at XYZ Hospital, including all personnel affiliated with third parties that maintain a wireless infrastructure device on behalf of XYZ Hospital, must adhere to this policy. This policy applies to all wireless infrastructure devices that connect to an XYZ Hospital network or reside on an XYZ Hospital site that provide wireless connectivity to endpoint devices including, but not limited to, laptops, desktops, cellular phones, and personal digital assistants (PDAs). This includes any form of wireless communication device capable of transmitting packet data.

The Information Security Department must approve exceptions to this policy in advance.

3.0 Policy Statement

3.1 General Network Access Requirements
All wireless infrastructure devices that reside at an XYZ Hospital site and connect to an XYZ Hospital network, or provide access to information classified as XYZ Hospital Confidential, XYZ Hospital Highly Confidential, or XYZ Hospital Restricted must:

• Be installed, supported, and maintained by an approved support team.
• Use XYZ Hospital approved authentication protocols and infrastructure.
• Use XYZ Hospital’s approved encryption protocols.
• Maintain a hardware address (MAC address) that can be registered and tracked.
• Not interfere with wireless access deployments maintained by other support organizations.

3.4 Home Wireless Device Requirements
Wireless infrastructure devices that provide direct access to the XYZ Hospital corporate network must conform to the Home Wireless Device Requirements as detailed in the Wireless Communication Standard. Wireless infrastructure devices that fail to conform to the Home Wireless Device Requirements must be installed in a manner that prohibits direct access to the XYZ Hospital corporate network. Access to the XYZ Hospital corporate network through this device must use standard remote access authentication.
4.0 Enforcement
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. A violation of this policy by a temporary worker, contractor or vendor may result in the termination of their contract or assignment with XYZ Hospital.

5.0 Definitions
XYZ Hospital Network – A wired or wireless network, including indoor, outdoor, and alpha networks, that provides connectivity to corporate services.
Corporate Connectivity – A connection that provides access to an XYZ Hospital network.
Information Assets – Information that is collected or produced and the underlying hardware, software, services, systems, and technology that is necessary for obtaining, storing, using, and securing that information, which is recognized as important and valuable to an organization.
MAC Address – The MAC address is a hardware number that uniquely identifies each node on a network and is required for every port or device that connects to the network.

XYZ Hospital Naming Conventions

1.0 Overview
The purpose of this policy is to ensure that network components are named to the same standards. XYZ Hospital has many different networking components, and for the IT department to quickly and effectively diagnose problems, the components must have a naming convention so that IT employees can find them quickly.

2.0 Scope
This policy mainly affects Information Technology Department personnel. Said employees must abide by all of XYZ Hospital's naming conventions. This policy applies to all network hardware including but not limited to servers, workstations, routers, WAPs, etc.

3.0 Policy

3.1 Server Conventions
XYZ Hospital has two servers, the primary and the secondary. The primary server is named Alpha and the secondary is Bravo.

3.2 Component Conventions
Components other than servers will be named using a hierarchy based on abbreviations starting with building, department, component type and number.
For example, the first workstation in human resources would be named as such: MAINHRWS1 (MAINHumanResourcesWorkStation1).

4.0 Definitions
WAP – Wireless Access Point. These are used throughout XYZ Hospital for the wireless network.
Server – Computer that serves files and services to the hospital's network.

SECURITY POLICIES

XYZ Hospital provides a wide variety of IT resources, including computers, networks, software, computer accounts, and wireless devices, for use by its staff. These resources are administered by the Computer Operations department, and they are intended for the legitimate business of XYZ Hospital. Appropriate business use of IT resources includes instruction, research, and the official work of the offices, departments, and other agencies. In recognition of the World Wide Web as an important communication medium, Facilities encourages its use as a means of supporting and fulfilling the mission and official work of XYZ Hospital. It is critical that technology systems maintain adequate security and that we safeguard the confidentiality of data. The following are the guidelines and policies pertaining to the security of XYZ Hospital’s network that JEM believes will keep all malicious activity non-existent…

Scope
This policy applies to all XYZ Hospital personnel who administer, manage, maintain, or use XYZ Hospital’s IT resources, their supervisors, and their unit administrators. It applies to all locations of those resources, whether on site or from remote locations.

Objective
This policy statement is intended to support appropriate and effective use of information technology (IT) resources at XYZ Hospital, while providing guidelines for allowable use.

1.0 User Account Access

1.1 Scope
This outlines individual responsibilities concerning the legal and ethical use of XYZ Hospital’s computer systems, network resources, and electronic information.
By definition, all XYZ Hospital’s information technology resources, including computer hardware, software, data, and physical and network infrastructure, as well as all personally owned devices connecting to these resources, fall within the intent of this policy.

1.2 Access
1.2.1: Accounts are to be made only by management.
1.2.2: No user is to create, modify, execute or retransmit any computer program or instructions to gain unauthorized access to the XYZ Hospital.
1.2.3: Using personal devices to spy on the activities of others is strictly forbidden.
1.2.4: Attempts to degrade the performance of the XYZ Hospital’s technology systems are prohibited.
1.2.5: Users are to refrain from controlling systems, overloading networks with excessive data, disk space and other information technology resources.

2.0 Password Requirements

2.1 Scope
This includes all personnel who have or are responsible for an account or any form of access that supports or requires a password on any system that resides at any XYZ Hospital facility, has access to the XYZ Hospital network, or stores any non-public XYZ Hospital information.

2.2 Guidelines for Strong Passwords
Creating Strong Passwords:
2.2.1: Passwords must contain both upper and lower case characters.
2.2.2: Passwords must be at least 14 characters long.
2.2.3: Passwords must contain a combination of numbers, letters and symbols.
2.2.4: Passwords cannot be a word in any dictionary.
2.2.5: Passwords must be changed every 90 days.
2.2.6: Passwords cannot be based on personal information, names of family, or username.
2.2.7: Passwords are not to be written down, stored on-line or shared with anyone.
2.2.8: Passwords are not to be sent out through email messages or via phone or instant messaging.

3.0 Network Access
3.1 Network access is made available for the exclusive use of XYZ Hospital employees and other agencies.
3.2 To ensure the functionality, availability and security of XYZ Hospital technologies, personal devices may not interfere with XYZ Hospital provided services, functions or roles.
3.3 Employees may not use any technologies that serve to bypass controls for ingress to or egress from the network, nor may individuals extend network access beyond that which is provided by the XYZ Hospital.

4.0 Hardware Firewall

4.1 Scope
All hardware devices must be used in compliance with the applicable licenses, notices, contracts and agreements. Firewalls are used to establish a secure environment for the XYZ Hospital’s computer and network resources and will filter traffic to mitigate risks and losses associated with security threats to the XYZ Hospital’s network and information systems.

4.2 Firewall Security Services
4.2.1: Needs to be updated by the Administrator to apply patches and other security enhancements and stay current on new vulnerabilities and incidents.
4.2.2: Access control between the internal network and un-trusted networks.
4.2.3: Block unwanted traffic, while providing security that does not place an undue burden on authorized users.
4.2.4: Hide system names, network topology, network device types, and internal user IDs from the Internet.
4.2.5: Provide stronger authentication than standard applications.
4.2.6: Log conspicuous traffic to and from the XYZ Hospital’s internal network.

4.3 Firewall Logging
4.3.1: Configured to detect emergencies, such as system unusable messages.
4.3.2: Detect alerts, critical conditions and error messages.
4.3.3: Log and detect failed and multiple unsuccessful login attempts.

5.0 Encryption

5.1 Purpose
This is to make certain that encryption keys are securely managed. It is imperative that they are created, stored, used and destroyed in the appropriate manner in all situations so that critical and confidential information is protected from unauthorized persons.
It is important that these keys be accorded the highest levels of security available and that staff and managers are aware of their responsibilities.

5.2 Scope
This affects all users of computer systems and networks responsible for the management and use of encryption keys.

5.3 Use of Encryption
Encryption must be used to encode data where the risk of loss through theft or interception is high, where there is the potential for a major security breach should that data get into the hands of unauthorized persons, and where the loss of the data would have a major impact on XYZ Hospital's business.

6.0 Log Tracking

6.1 Log Retention
6.1.1: Network and system logs related to personally identifiable health information must be retained for 6 years; logs related to payment card, debit or credit transactions must be retained for 1 year.
6.1.2: All other network and system logs will be retained for 90 days. These include: server operating system logs, email records, VoIP activity, internet usage monitoring software logs, remote access logs, network edge routers, database transactional logs, firewall logs, IDS software logs, and software security monitoring/violation logs.

7.0 Risk Assessment

7.1 Actions
7.1.1: Risks to critical and sensitive administrative information resources must be managed. Such risks may relate to the physical security of computer and communications systems, the integrity of data maintained or transmitted within those systems, as well as to the stability and reliability of the associated application.
7.1.2: This provides an approved risk analysis program and methodology for accomplishing the assessment of risk to XYZ Hospital administrative information resources every 6 months.
7.1.3: The Information Security Manager (ISM) periodically performs a risk analysis of all critical and sensitive central company systems and data. These systems which process critical or sensitive information must periodically perform the risk analysis for those information resources.
Risk analysis and security measures apply to administrative systems developed and/or maintained by the ISM.

8.0 Departmental Security Coordinator

8.1 Purpose
Analysis of trends and types of security incidents and breaches is important to the integrity of XYZ Hospital’s data management and computer security. All security incidents and breaches must be reported to data custodians for investigation and analysis.

8.2 Actions
8.2.1: Each department or major organizational unit must have a designated Departmental Security Coordinator (DSC). The function of the DSC is to communicate and coordinate access to administrative systems for employees in that department.

8.3 Responsibilities
8.3.1: Teaching new employees the basics of terminal usage: signing on, changing passwords and locating keys.
8.3.2: Instructing new employees regarding data access, security and confidentiality and having them review the XYZ Hospital Data Access.
8.3.3: Impressing upon all users, new and existing, the necessity for preserving confidentiality of XYZ Hospital’s data.
8.3.4: Ensuring users periodically change their passwords, especially if they suspect that someone else might know them.
8.3.5: Encouraging users to sign off their terminal any time they leave it unattended, or to activate a password protected screen saver.

9.0 Incident Reporting

9.1 Purpose
Analysis of trends and types of security incidents and breaches is important to the integrity of XYZ Hospital data management and computer security. All security incidents and breaches must be reported to data custodians for investigation and analysis.

9.2 Actions
9.2.1: Each department or major organizational unit must have a designated Departmental Security Coordinator (DSC).
The function of the DSC is to communicate and coordinate access to administrative systems for employees in their department as follows:
9.2.1.2: To request new user-ids or authorization for departmental employees to access On-line Administrative Systems files, the DSC should complete and sign the Request for On-line user-id and Administrative System Access form and mail it to AIS.
9.2.1.3: Authorized file access can be granted only by the appropriate Application Security Manager (ASM). Each ASM will contact the DSC to discuss specific access and update authority to be granted to users.

10.0 Administrator for Information Systems (AIS)

10.1 Responsibilities
10.1.1: Ensuring compliance with all Federal, State and XYZ Hospital regulations regarding security of computer files.
10.1.2: Approving and establishing user-ids, which define the user to the AIS Security System, and forwarding the Access Form to the appropriate ASM(s).
10.1.3: Providing each DSC, monthly, with a current list of all user-ids in their department, identifying the files each user can access and/or update.

11.0 Documentation

11.1 Purpose
The security risk to XYZ Hospital’s data is also related to the stability and reliability of the associated administrative systems and applications, which in turn is related to the quality and accessibility of the technical documentation of those systems and applications.

11.2 Actions
The level of detail required within such documentation is a function of the size, complexity and criticality of the system/application. System or application documentation should be viewed as "work in progress" and evolutionary, and thus must be constantly revised and updated throughout the life cycle of the system/application.
11.2.1: In keeping with paperwork reduction objectives, and to facilitate documentation currency, it is desirable that administrative system/application documentation, to the maximum degree possible, be maintained on-line.
11.2.2: Although no specific format can address all cases, documentation of critical and sensitive administrative systems and applications should, as a minimum, include:
11.2.2.1: Business case/analysis, or process description,
11.2.2.2: System description/design/architecture,
11.2.2.3: Data/database design and dictionary,
11.2.2.4: Programming logic, programmer notes, and
11.2.2.5: Operational procedures and help.

12.0 Wireless Network Security

12.1 Purpose
The use of wireless communication brings security issues to XYZ Hospital, and wireless networks require an increase in cooperation and coordination to maximize the technology’s benefits to the employees of XYZ Hospital. This document sets forth the policies for using wireless technologies and assigns responsibilities for the deployment of wireless services and the administration of the wireless radio frequency spectrum in a distributed environment.

12.2 Scope
This policy applies to all wireless network devices utilizing XYZ Hospital IP space and all users of such devices, and governs all wireless connections to the company’s network backbone, frequency allocation, network assignment, registration in the Domain Name System, and services provided over wireless connections to the company’s network backbone.

12.3 Guidelines
12.3.1: Wireless equipment and users must follow all network connection policies set forth.
12.3.2: Interference or disruption of other authorized communications that results from the intentional or incidental misuse or misapplication of wireless network radio frequency spectrum is prohibited.
12.3.3: Wireless access points must abide by all federal, state, and local laws, rules or regulations pertaining to wireless networks.
12.3.4: Wireless access points shall require user authentication at the access point before granting access to Internet services.
12.3.5: Wireless passwords and data must be encrypted.
12.3.6: Wireless networks must be designed and deployed to avoid physical and logical interference between components of different network segments and other equipment.
12.3.7: The Institutional Security Office (ISO) will attempt to resolve any interference or security incidents by coordinating with the registered Point of Contact (POC) for the wireless network.
12.3.8: Any wireless network that poses a security threat may be disconnected from the company’s backbone network.

13.0 Physical Security

13.1 Purpose
A balanced security program must include a solid physical security foundation. A solid physical security foundation protects and preserves information, physical assets, and human assets by reducing the exposure to various physical threats that can produce a disruption or denial of computer service. Managers are responsible for ensuring that corporate information assets under their control are properly protected through the implementation of cost-effective physical security measures.

13.2 Responsibilities
13.2.1 The manager in charge of a computer facility that operates any platform computer system is responsible for providing adequate physical protection of computer equipment and data media.
13.2.2 All XYZ Hospital users are responsible for securing their access unit from unauthorized use. Whenever a user is away from his or her access unit during the day, he or she must protect the XYZ Hospital information assets by either logging off of the computer or activating a password protected screen saver.
13.2.3 At the end of the workday, each user is required to log off of his or her access unit.
13.2.4 XYZ Hospital offices and buildings shall have normal physical security controls in place. Areas should be designed having limited accessibility, with personnel access controlled by a biometric hand scanner.
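Section 4.3 (Firewall Logging) asks the firewall to detect emergencies, alerts, critical conditions and error messages, and to log repeated failed logins; these four levels correspond to syslog severities 0 to 3. The following is an added example, not part of JEM's proposal, of that triage over syslog-style lines. The sample log, the host name MAIN-FW1, the "login failed user=... src=..." message format and the threshold of three failures are constructed assumptions.

```python
import re
from collections import Counter

# Syslog severity names by number (RFC 5424). Section 4.3 names 0-3.
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "info", "debug"]
REPORT_AT_OR_BELOW = 3        # 4.3.1 and 4.3.2: emergency .. error
FAILED_LOGIN_THRESHOLD = 3    # assumption: the policy gives no number

# Constructed sample input: "<PRI>timestamp host message",
# where PRI = facility * 8 + severity.
SAMPLE_LOG = """\
<0>Nov 20 02:14:07 MAIN-FW1 kernel: system unusable, fan failure
<134>Nov 20 02:14:09 MAIN-FW1 fw: accept tcp 172.16.0.12 -> 172.16.0.1:443
<36>Nov 20 02:15:01 MAIN-FW1 auth: login failed user=admin src=172.16.0.27
<36>Nov 20 02:15:03 MAIN-FW1 auth: login failed user=admin src=172.16.0.27
<36>Nov 20 02:15:06 MAIN-FW1 auth: login failed user=root src=172.16.0.27
<36>Nov 20 02:16:40 MAIN-FW1 auth: login failed user=jdoe src=172.16.0.14
<131>Nov 20 02:17:12 MAIN-FW1 fw: error writing log partition
<129>Nov 20 02:18:00 MAIN-FW1 fw: alert interface eth1 down
garbage line without a priority
<999>Nov 20 02:19:00 MAIN-FW1 fw: priority out of range
"""

LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$")
# Hypothetical message format for a failed login (not a real product's).
FAILED_RE = re.compile(r"login failed user=(?P<user>\S+) src=(?P<src>\S+)")


def parse_line(line):
    """Return the fields of one line, or None if it is not valid syslog."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:             # highest valid PRI: facility 23, severity 7
        return None
    return {"facility": pri // 8, "severity": pri % 8,
            "ts": m.group("ts"), "host": m.group("host"),
            "msg": m.group("msg")}


def triage(text, threshold=FAILED_LOGIN_THRESHOLD):
    """Collect severe events (4.3.1, 4.3.2) and failed logins (4.3.3)."""
    severe, failed, unparsed = [], Counter(), 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed += 1     # surfaced, not silently dropped
            continue
        if rec["severity"] <= REPORT_AT_OR_BELOW:
            severe.append((SEVERITIES[rec["severity"]], rec["ts"], rec["msg"]))
        hit = FAILED_RE.search(rec["msg"])
        if hit:
            failed[hit.group("src")] += 1
    repeat = sorted(src for src, n in failed.items() if n >= threshold)
    return {"severe": severe, "failed_by_source": dict(failed),
            "repeat_sources": repeat, "unparsed": unparsed}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for name, ts, msg in report["severe"]:
        print(f"{name.upper():9} {ts}  {msg}")
    print("repeated failed logins from:", report["repeat_sources"])
    print("unparsed lines:", report["unparsed"])
```

The count of unparsed lines is reported because a log source that suddenly stops parsing is itself something the administrator should look at.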
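Rules 2.2.1 to 2.2.6 of the password guidelines in section 2.2 can be checked by software when a password is set or aged. The following is an added example, not part of JEM's proposal, that returns the rule numbers a candidate password violates. The word list, the user name "mrivera" used in the comments and the handling of character substitutions are constructed assumptions, and rules 2.2.7 and 2.2.8 concern user behaviour and are not checked.

```python
import re
from datetime import date, timedelta

MIN_LENGTH = 14                # 2.2.2
MAX_AGE = timedelta(days=90)   # 2.2.5

# Constructed stand-in for a real dictionary file (2.2.4).
SAMPLE_DICTIONARY = {"hospital", "password", "welcome", "medicine", "sunshine"}

# Common character substitutions, undone before comparing against words.
LEET = str.maketrans({"@": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s"})


def _core_word(password):
    """Drop leading/trailing digits and symbols, lower-case, undo substitutions.

    "P@ssw0rd!!!!2008" becomes "password", so padding a dictionary word
    to reach 14 characters is still caught by rule 2.2.4.
    """
    trimmed = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password)
    return trimmed.lower().translate(LEET)


def check_password(password, username, personal_terms=(),
                   dictionary=SAMPLE_DICTIONARY):
    """Return the violated rule numbers from section 2.2 (empty = compliant)."""
    violations = []
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_symbol = any(not c.isalnum() and not c.isspace() for c in password)

    if not (has_upper and has_lower):
        violations.append("2.2.1")
    if len(password) < MIN_LENGTH:
        violations.append("2.2.2")
    if not (has_digit and has_letter and has_symbol):
        violations.append("2.2.3")
    if _core_word(password) in dictionary:
        violations.append("2.2.4")
    # 2.2.6: user name or any supplied personal term of 3+ characters,
    # e.g. username "mrivera" inside "mrivera2008".
    folded = password.lower().translate(LEET)
    terms = [t.lower().translate(LEET)
             for t in (username, *personal_terms) if len(t) >= 3]
    if any(t in folded for t in terms):
        violations.append("2.2.6")
    return violations


def password_expired(last_changed, today):
    """2.2.5: a password is due for change once it is 90 days old."""
    return today - last_changed >= MAX_AGE


if __name__ == "__main__":
    for candidate in ("tr4Ve1-oak_Basin;92", "P@ssw0rd!!!!2008", "mrivera2008"):
        print(candidate, "->", check_password(candidate, "mrivera") or "compliant")
    print(password_expired(date(2008, 8, 22), date(2008, 11, 20)))
```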
14.0 Violations and Enforcement

14.1 Purpose
Users who violate these policies may be denied access to Facilities IT resources and may be subject to other penalties and disciplinary action within the XYZ Hospital. Violations may be handled through the XYZ Hospital disciplinary procedures applicable to the relevant user. Additionally, Facilities may temporarily suspend, block or restrict access to an account, independent of such procedures, when it reasonably appears necessary to do so in order to protect the integrity, security, or functionality of Facilities or other IT resources or to protect the XYZ Hospital from liability. The XYZ Hospital may also refer suspected violations of applicable law to appropriate law enforcement agencies.

DISASTER RECOVERY PLAN

Every business, regardless of location, should have a backup plan. The following is the Disaster Recovery Plan (DRP) that JEM has found that XYZ Hospital should adopt…

JEM’s disaster recovery plan provides solutions to a wide variety of problems in preparation for natural or man-made disasters that XYZ Hospital may be vulnerable to. To protect our data completely, as well as add a secondary backup for XYZ Hospital’s data, JEM has chosen CA ARCserve for the hot site. It is an integrated package including the CA ARCserve Backup base product, a client agent for high-performance backup, two CA XOsoft WANSyncHA licenses for continuous data protection, replication and failover to a replica server, plus CA XOsoft Assured Recovery to test and verify the recoverability of XYZ Hospital’s backup.

During the consideration process, JEM focused the majority of the time on adhering to the Recovery Time and Recovery Point Objectives.
The CA ARCserve solution delivers the ability to align information protection with business requirements across the full range of data protection needs, for both the speed of recovery and the maximum allowable data loss, which meets XYZ Hospital’s needs in case of an uncontrollable disaster. This system utilizes not only tape storage, but disk storage as well. They provide extended protection capabilities for a server using continuous data protection, replication, and fail-over combined with guaranteed high performance. They support multiple operating systems in case of changes in hardware as well, making calibration smooth and effortless.

XYZ Hospital’s Recovery Time Objective (RTO) is extremely important considering the daily tasks that occur in their facilities. Since this is the case, downtime is not an option because it could result in more than just data loss. To help keep these two objectives at a minimum, JEM also suggests the incorporation of a backup generator and battery packs for all workstations, servers, and important devices. The batteries will bridge short gaps to prevent downtime during power flickers or outages. The backup generator can then be turned on with enough time allowed for it to start up if need be. JEM’s RTO is as follows:

Hardware          Down Time Estimate
Computers         MAX 10 Minutes
System Network    MAX 10 Minutes
Applications      MAX 10 Minutes

DISASTER RECOVERY POLICIES

XYZ Hospital Management:
1. XYZ Hospital is responsible for following the established policies and procedures for the development and exercise of an agency disaster recovery plan.
2. XYZ Hospital is responsible for the development and testing of a disaster recovery plan for the company's IT systems.
Note: For the most important and time critical data, a mirror system, or at least a mirror disk, may be needed for a quick recovery.

Information Technology Policies

Policy 100-00: Disaster Recovery
The state of business is critical.
It is essential we run 100 percent of the time. As such, disaster recovery planning and the capability for implementing a recovery are essential for all critical data processing applications and their peripheral support activities.

Objectives: The objective of this policy is to enhance the operational capabilities of all information technology resources, i.e. hardware, software and personnel, that support the critical missions of the state in the event of a natural or man-made disaster.

Scope: This policy applies to the data center.

Actions:
1. In case of a natural disaster, such as a hurricane, floods or wild fires, if there is server damage, or if servers cannot be accessed by the administrator, backups will be used for access to the same material that would be backed up every night.
2. Immediately contact all managers and advise them of the situation and status.
3. Actions to be taken are to access backups and implement them as soon as possible without exceeding the Recovery Time Objective time.
4. Backups will be updated every night by differential backup.
5. All backups must conform to the following best practice procedures:
5.1: All data, operating systems, and utility files must be adequately and systematically backed up. (Ensure this includes all patches, fixes and updates.)
5.2: Records of what is backed up and to where must be maintained.
5.3: Records of software licensing should be backed up.
5.4: The backup media must be precisely labeled and accurate records must be maintained of back-ups done and to which back-up set they belong.
5.5: Copies of the back-up media, together with the back-up record, should be stored safely in a remote location, at a sufficient distance away to escape any damage from a disaster at the main site.
5.6: Regular tests of restoring data/software from the backup copies should be undertaken, to ensure that they can be relied upon for use in an emergency.
6.
In case of a security breach, or if malicious code is placed on hardware, immediate shutdown of the infected server is to take place. The backup will replace the primary server before server shutdown so that there is no downtime.
6.1: Shutdown of servers will include a full wipe of all files, and a clean install will be necessary.
6.2: Possible captures of malicious code will be sent to government agencies for inspection.
7. UPS will be placed on all machines using building power. In case of a power outage the UPS will provide sufficient power until the generator kicks in.
7.1: UPS will be tested every 4 months. This will ensure all UPS are working. Tests need to be documented every time a test is issued.
8. Disk/fault tolerance will be handled by a RAID system of 0 + 1; this system will be striped mirrored disks. Data is striped across multiple mirrored disks. Failure of any one disk causes no data loss and no speed loss. Failure of a second disk could result in data loss. This is faster than a single disk for both reads and writes.

Enforcement: Policy 100-00: Disaster Recovery Reporting
XYZ Hospital will be required to submit annual disaster recovery plans along with documentation of all test exercises.

DATAGRAM

The following are the datagrams of the logical and physical topologies that meet JEM's standards of networking solutions.
[Network diagram not reproduced. Labels recoverable from the figure:]

Datacenter
  Primary Server: 172.16.0.1
  Backup Server: 172.16.0.2
  DATASwitch1: 172.16.0.3
  DATAPRINTER1: 172.16.0.33
  DATA-P2PWAP: 172.16.0.8
  DATARouterA: 90.44.22.5

Hospital
  MAIN-RouterA: 90.44.22.6
  MAIN-P2PWAP: 172.16.0.9
  4 FL: MAIN-Switch4: 172.16.0.7, MAIN PRINTER4: 172.16.0.37
  3 FL: MAIN-Switch3: 172.16.0.6, MAIN PRINTER3: 172.16.0.36
  2 FL: MAIN-Switch2: 172.16.0.5, MAIN PRINTER2: 172.16.0.35
  1 FL: MAIN-Switch1: 172.16.0.4, MAIN PRINTER1: 172.16.0.34
  Host address labels on the floor segments: .10 .11 .12 .13 .14 .15 .16 .17 .18 .19 .20 .21 .22 .23 .24 .25 .26 .27 .28 .29

Link labels
  P2P WAP: P2P in case internet goes down, data still accessible
  VPN

Legend
Count   Description
2       Router
2       Server
5       Switch
22      Wireless access point
4       Laptop computer
4       PC
5       Printer
1       Ethernet
2       Firewall