Monday, May 20, 2013

Action Plan thoughts

Depending on which road you chose to follow for your process model, your action plan could be either a real pain or painless. I chose to base my process model on the typical DOD computer system because I know it inside and out. I know the way the system operates, and I am privy to the latest information from DISA about current attacks. I knew that my action plan would be very simple because it didn't involve any hardware changes, and anything that didn't work properly would receive guidance from DISA in order for any further changes to be made.
So the big threat here is the threat from Iran, where they are hacking government computers in an attempt to gain financial information and data from military users. There are two ways to fix this; the second should fix the vulnerability if the first is ignored. The first means of action that I chose was a unit-level memo, originating from the security team, that prohibits visiting online banking sites and any e-commerce sites on a government computer, whether secured or non-secured. This would in theory stop any data from getting onto the system, and if the computer was hacked there would be no information there to look for. But we all know that since lower enlisted like to push the envelope, this will not work and they will do it anyway, so we will have to make the needed system changes.
These changes will be relatively easy since they are done at the unit level on the server side by the communications section shop. What we intend to do is block all access to online banking on the non-secure system and the secure system. All e-commerce will be blocked on the non-secure system, with limited access for supply personnel to GSA-listed sites, for ordering supplies only, on the secure system. This will not hamper any supply personnel in doing their job of sustaining the unit.
Since there are no hardware changes thus far, this should not be a problem to get done in a timely manner. If for some reason this process fails, which I don't see happening because there will be no access to the sites that would put financial information on the computer, we can go back to DISA and see if there are any hardware changes that may help out. The only thing that I could think of would be to install additional firewall appliances and go from there. We will receive all guidance from DISA, so if these changes fail then the ball will be in their court. The big thing here is making changes that will prevent the attack and making sure your process model starts over again once you have verified that the changes have worked.
