In the given situation of being the machine support tech at the Leading Collegiate Institution, performing a risk analysis of the school infrastructure is extremely important the moment wanting to secure the network. The school offers two web servers, one for administration and the other for young students which appears kind of strange. And provides a wireless gain access to for the scholars with their personal laptops.
There is one laptop lab that may be dedicated intended for the students to do their computer science research. The initially portion that comes to mind is definitely the access control security on the servers, sure they have two servers committed for independent values, but I would rather have the AD all on a single computer with all the permissions categorized out, and enjoying the secondary laptop to sponsor the student info and plot management software as that will be a heavier insert. If the school is looking into how much money in saving, buying a stronger server with VMWare Workstation will give the school multiple servers in a single build which could save them much funds on one unit.
As for the wireless get given to confidential laptops, the scholars should be positioned on a separate domain or at least offered access with limited access. Limited gain access to in a school seems thus small , although this is because the school should filter out what needs and does not require access even though the students will be in program. If there is a breach in the network, checking the students could possibly be a bit difficult, unless we can provide the wireless access like how ITT does their network.
Although the students can simply log into the computers within school argument using their ID, they can also use their ID to access the wireless network. In another percentage of a risk, the staff simply has the presented amount of computers to allow them to share. The security risk for this can be that a lot of teachers might leave all their user IDENTITY logged by which may cause as a risk for personal privacy.
Having some kind of secret for a timeout when the laptop is not really use will decrease the concern of intrusion of privateness and might increase secureness to where another person will need to log in having a different id.