

Case study
You have recently been appointed as the new IT risk manager of a countrywide online trading
business called DirectToCust which sells items directly to the public. Its headquarters are located
in Cape Town, in the Western Cape, and it has warehouses in Gauteng, KZN, and the Free State. The
company employs over 200 call center agents and about 10 business managers for both inbound
and outbound transactions and logistics. They work both day and night shifts in an open-plan
workspace of around 40 x 38 m with each agent having their own desk, networked computers and
essential office stationery to conduct business. Most, if not all, call center agents’ desktop PCs are
connected to a local network using Ethernet cabling while most line managers’ laptops are
wirelessly connected to enable free movement around the premises. All the servers, switches,
router, gateways, firewalls, etc., are located at the adjacent IT office and maintained by one
network administrator and six support technicians (four dayshifts and two nightshifts). The
company opted for software-as-a-service, through various cloud computing service providers, for
all their software needs and therefore the presence of IT personnel is for day-to-day business
support only. Before your recruitment, the company was experiencing a couple of complaints
such as:
1. Theft of personal belongings during working hours.
2. The network policy can be amended by the IT support team without the knowledge of the
IT administrator.
3. Employees spending more time on social media than working.
4. Theft of customers’ details for own and commercial use, using USB and other portable
storage.
5. Infected and corrupted employees and customer databases.
6. The local IT team often experiences issues when communicating with the overseas cloud
service provider team.
7. All employees must change their password every week, and as a result, many employees
who cannot memorise their new password simply write them down for safekeeping.
8. Regular firewall breaches were observed during the last couple of months, resulting in a
bottleneck and unauthorised access.
9. Some employees can easily guess their colleague's password to log in.
10. The website was recently hacked, disfigured and a propaganda message posted, and it took
the local IT team 48 hours to take back control of the website.
11. Misappropriation of business funds by some employees.
12. Easy access to the server room and malicious reconfiguration of proxy-server mostly during
the night shift.
13. Managers are unable to monitor employer activities live.
14. Poor financial accountability and traceability; all managers are able to edit log files without
authorisation.
15. Information and communications were being hijacked or looked into before reaching their
destination.

Refer to the above case study:

Write a report which, if implemented, will address all the issues identified in the case study. The
report must have the following structures:
Q.2.1 Your report must be structured in the following approach:

- Executive summary.
- Background (case study’s IT security issues only).
- Development of the proposed solution.
- The role of the IT risk manager in addressing physical and network risk.
- The best methods of combating the network-based attack.
- The impact of social engineering when combating network security.
- The most appropriate mechanism in implementing network access authentication and authorisation without compromising network security.
- The implementation of the best strategy to fight against hacking, hijacking and maintain the online presence.
- The most appropriate location and strategy for the DMZ and firewall implementation.
- Conclusion.
