A visual network security plan template to show what is being done, what should be done and what is at risk.
This is a work in progress but is at a point where the idea can be shared for additional input. The goal is to represent technical security in a way that non-technical people can understand and to facilitate conversations around what to do next.
-
The Security tab covers the mental model I use for Information Security. I haven't adapted it to this document, I use the version shown during training for new Management staff.
-
There are two overviews in this document, I am trying two different ways to represent the overall status.
a. Overview (page 1 in the PDF): This shows a visual of what is in side of our network and what is outside.
b. Alternate Overview (page 2 in the PDF): This uses swimlanes to show segmentation of the network and what types of devices would be in each segment.
On each overview tab the circles are linked to other pages. The intent is that someone could drill down to the details until they get so a specific type of control for a specific type of device. For example, clicking on Managed Devices will bring up a tab that shows some types of managed devices. Clicking on Workstations will bring up a tab with different types of controls and clicking on those would bring up a page with a summary about that control with a link to more information.
If you want to test this the following clickable path has demo data:
Managed Devices > Workstations > Patching