What are typical information security (IS) assets that are used by such a company, and what risks exist in the current model?

 

The case study company provided a situation in which threats pose a real risk to the infrastructure. The company assets are not well-protected, and they all share a common network. Little additional security mechanisms are in place other than the demilitarized zone (DMZ). What are typical information security (IS) assets that are used by such a company, and what risks exist in the current model? What will adding a flexible solution for the consultants to connect to the network do to this risk model? What are some safeguards that can be implemented to reduce the risk?