Business Plan On Nextgard Technologies Should Be Provided Answers To The Following Questions.
Type of paper: Business Plan
Topic: Information, Security, Company, System, Internet, Computers, Workplace, Business
Pages: 8
Words: 2200
Published: 2020/12/12
Proposal for Management of Nextgard
Business proposal
CHAPTER ONE
1.0 INTRODUCTION.
1.1 Background information.
Over the years, use of computers has become very important to individuals, single business people, partners, firms, companies and industries at large. Due to the advantages of computers that they serve the world, the need for network has become very high in the business market. Organizations have designed satellite employees who have a combination of desktops, wireless devices, and mobile computers to carry out their businesses across the world without much stress (Web.mit.edu, 2015). Companies use different kinds of kinds of computers which are running XP, Windows 7, Windows Vista and Windows 200. To coordinate with their satellite employees, Companies have designed a Windows Active Directory that has domain set up for each office in the respective countries where their employees’ are located. They also have a file and a printer server which are found in the headquarters office. They have also designed Microsoft applications that are used by all employees that are within the region office. Companies have ensured that they have proxy servers that are configured as an array that is used to provide Web Cache services and as well as internet access control for the company. Despite this, Companies face many challenges in the use of Computers to carry out their businesses. Some of the challenges are security of the business information, viruses, worms, logic bombs and many other created deviant codes. Therefore, the companies to overcome these challenges, they have to come up with good strategies that can deal with these problems. They must employee appropriate Microsoft Windows access controls that includes: standards, procedures and policies that define who are the users, they can and cannot do, which resources they can access and what operations they can perform on a system.
1.2 Statement of the problem.
These days’ businesses are faced with a lot of computer problems in carrying out their business activities. Many businesses have failed others closing the venture down simply because of their recklessness in safeguarding their information. Those problems include security of the business information, viruses, worms, logic bombs and many other created deviant codes. Hence, businesses have to look for ways of solving these problems (Web.mit.edu, 2015). Failure to do so, their businesses is in a great danger. For these companies to solve this problem appropriately, they have to look for experts who have skills and experience in dealing with those problems. This is because, these problems can cause a great harm to the business even leading to the closure of that particular organization. Information is power for any business. Therefore, integrity, confidentiality, non-repudiation and Authentication of the businesses needed. If a company’s information is not properly safeguarded, competitors can use the same information to cause harm to the organization thus killing the business in the market. Therefore, is high time for the organizations to ensure that their information is safeguarded properly? The objective of research is to provide network computer solutions to NextGard.
1.3 Objectives.
1.3.1 General Objective.
1.3.2 Specific Objectives.
1.4 Research question.
Who are the users of Microsoft Windows of the company?
What the users can do?
Which resources can they access?
What operations can they perform on a system?
1.5 Research Hypothesis.
At the end of the research, answers will be provided to NextGard Technologies.
The business information can be safeguarded for the good of the company.
The benefits of safeguarding the company’s information outweigh the cost incurred to safeguard it (Cgi.csc.liv.ac.uk, 2015.
1.6 Significance of the study.
NextGard Technologies will define the users of its Microsoft Windows.
The company will determine what the users can do.
NextGard will determine the resources used by its employees.
NextGard will regulate the operations that can be performed by the employees on a system.
1.7 Scope of the study.
The study aims at providing research solutions and details the appropriate Microsoft Windows access control. This will include policies, standards and procedures for the usage of the system. It will also formulate a plan to implement monitoring and analysis by determining system implementation and access as well as an incident response plan for security breaches. NextGard will be provided with the security guidelines for the proxy servers and internet access control (Cgi.csc.liv.ac.uk, 2015). The best practices for the security of NextGard will be provided.
1.8 Justification of the study.
Many organizations have been performing poorly in the business field over the world. The reason for this poor performance is inappropriate safeguard of their information. Other businesses have collapsed because of this. Therefore, there is a need for NextGard to employee good strategies that can perfectly ensure that their information is well safeguarded.
1.9 Limitations of the study.
Respondents’ response. Respondents may resent giving useful information n the subject matter.
The time may be limiting factor. The time between normally allocated time and additional time required to do thorough research.
Organizations may not be willing to release their competitive concept in public.
The researcher may not have sufficient financial resources to purchase materials and meets all the research costs.
CHAPTER TWO
2.0 Introduction.
2.1 Research solutions.
2.1.1 Policies.
The policies will include: employees disciplinary code, Policy with dignity and respect, access rights, usage of the network, security and viruses, indecency, libel and privacy, licencing of software, Data and data protection and penalties and agreements.
Access rights.
When an employee is provided with the security, reasonable precautions must be taken to prevent unauthorized use of the security passwords (USD.ie, 2015). Practical and advice must be available to assist in safeguarding data, systems and networks.
Network usage.
The integrity, authentication and performance of the network must be practiced. Employees must ensure that any devices connected to the network must comply with the requirement of the company’s IT services.
Security and viruses.
The company must take care ensure that no transmission of viruses or other malicious computer code to other users.
Indecency, libel, and privacy.
The company’s computer system to publish or transmit any libelous to another computer system.
Data and data protection.
If any employee has access to data, he or she must ensure that accessibility, confidentiality, integrity and accuracy of that data must be maintained (Ucd.ie, 2015).
Penalties and agreement.
Those who fail to abide by the policies of the company are denied the access to the computer system.
2.1.2 Standards and procedures followed to identify the users.
Clock cards must be designed in order to identify the employee of the company who is reliable of using the computer system. Failure to clock in with your card you cannot access the network (Guru.psu.edu, 2015).
Thumb recognition. Thumb recognition technique should be introduced so that that employee that is reliable of using the network signs in by use of their thumb.
Any access to sensitive information requires authorization.
For one to be connected to his/her computer must be compatible with the Active Directory. Therefore, for anyone to connect to the organization network, he or she must join Active Directory.
Passwords and security codes must be provided to only the users of the computer system. This will ensure that, only the authorized users are using the network, and no unauthorized person can access the password or the security codes.
2.2 Risk management.
The analysis of NextGard technologies information networks and systems carried out on a periodic basis to make sure that the threats and vulnerabilities to stored and information transmission will be guarded. The analysis will be carried out to examine the kinds of threats that can be able to affect the ability to manage the information resources (Guru.psu.edu, 2015). The existing vulnerabilities will be documented in order to expose the information resources to the threats. There will be an evaluation of the information resources and the technology associated with its storage, dissemination, protection, and storage.
An estimation of risks to the integrity, confidentiality, and availability of the information will be determined by combining the threats, assets values, and vulnerabilities.
3.0 Methods of protecting organizational information.
3.1 Introduction.
The methods used to secure organization’s information, are designed to help developing strategies that protect the availability, confidentiality, authentication and integrity of data in an organization technology system (It.ouhsc.edu, 2015). Information Technology of an organization needs protection for the following aspects:
Confidentiality.
Integrity
Availability
Authenticity
Non-repudiation.
3.2 How to compile a security strategy.
Current policies reviewing
Identifying assets and vulnerabilities to know threats.
Attack methods, tools and techniques identification.
Proactive and reactive strategies establishment.
Testing.
3.3 Methods.
Proactive strategy.
Predefined steps will be set that will be taken to prevent attacks before they occur (It.ouhsc.edu, 2015). This done by looking the possible affect the computer system and the vulnerabilities.
Steps of a proactive strategy.
Determining the damage that will be caused by the attack.
Determining the weaknesses and vulnerabilities that will be exploited by the attack.
Reduce the weaknesses that are determined to be weak points in the system.
Determine possible damage resulting from an attack.
The type of the attack determines the damage caused by the system. If possible, a test should be carried out to clarify the damages that result from different attacks.
Determining the weaknesses and vulnerabilities that the attack can cause.
If this is discovered, the policies can be altered, or new ones implemented to reduce the vulnerabilities (Web.mit.edu, 2015).
Minimizing weaknesses and vulnerabilities exploited by a possible attack.
Make contingency plans.
In any case there is an attack penetrating the system and damages data as a result of halting normal business activities and hurting productivity; a contingency plan should be developed (Web.mit.edu, 2015). This plan should:
The person who must do what, when, and where to keep the organization functional must be addressed?
Be rehearsed periodically for keeping staff up-to-date with current contingency layout.
Reactive strategy.
This is implemented when the proactive strategy has failed.
Assess the damage.
The damage that was caused must be determined, during the attack.
The cause of the damage determination.
Repair the damage.
Contingency plan implementation.
3.4 Information classification.
Classification promotes proper controls to safeguard the confidentiality of information. The integrity and accuracy of all information should be protected (Cs.virginia.edu, 2015). Information is classified according to the sensitive detail it contains. Levels used to classify information.
Protected health information.
Confidential information.
Public information.
Internal information.
3.5 System implementation.
System implementation occurs where may be the older system is replaced with the new system.
The old system of NextGard technologies will be stopped completely to give way to the new system. When the new system starts to be operational, the old data will be running in parallel for some time. The new system starts to work effectively, the old system will be stopped completely (Igcseict.info, 2015).
3.6 Best practices for the security.
Use security software.
Practice the principle of least privilege.
The computer must not log in by the administrator rights. By doing this, it leaves your computer exposed to security risks.
Maintain current software and updates.
Maintain the current software and keep your software updated (Kb.iu.edu, 2015). This is done by applying the latest service packs and patches.
Backup of important documents and files.
Avoid threats to your computer.
Keep your passwords and passphrases and keep them private.
3.7 Conclusion.
For any company to prosper, its information must be safeguarded. Ineffective securing of a company’s information leads to poor performance even to the closure of the company. Therefore, the company must ensure that its information is properly guarded. To do this, a company must hire experts to work for them. Also, the company must employ best practices for its security. Methods of protecting the company’s information must be designed in such a way that they do not affect the information’s confidentiality, authenticity, integrity, and repudiation. Therefore, NextGard must hire a security professional to secure their value information.
3.8 References.
Cgi.csc.liv.ac.uk,. (2015). COMP204Computer Systems and their Implementation. Retrieved 8 March 2015, from http://cgi.csc.liv.ac.uk/~trp/COMP204.html
Cs.virginia.edu,. (2015). Saltzer and Schroeder, The Protection of Information in Computer Systems. Retrieved 8 March 2015, from http://www.cs.virginia.edu/~evans/cs551/saltzer/
Guru.psu.edu, (2015). Penn State - Administrative - Policy AD20 Computer and Network Security. Retrieved 8 March 2015, from https://guru.psu.edu/policies/AD20.html
Igcseict.info,. (2015). IGCSE ICT - Implementing the New System. Retrieved 8 March 2015, from http://www.igcseict.info/theory/8/implem/
It.ouhsc.edu, (2015). IT Policies - OUHSC Information Technology Department. Retrieved 8 March 2015, from http://it.ouhsc.edu/policies/
Kb.iu.edu,. (2015). Best practices for computer security. Retrieved 8 March 2015, from https://kb.iu.edu/d/akln
Ucd.ie, (2015). Acceptable Usage Policy New - UCD IT Services. Retrieved 8 March 2015, from http://www.ucd.ie/itservices/itsupport/acceptableusage/
Uky.edu,. (2015). Systems implementation. Retrieved 8 March 2015, from http://www.uky.edu/~dsianita/695A&D/lecture5.html
Web.mit.edu, (2015). The Protection of Information in Computers. Retrieved 8/03/ 2015, from http://web.mit.edu/saltzer/www/publications/protection/
Web.mit.edu, (2015). The protection of the information available in computers. Retrieved 8/02/2015, from http://web.mit.edu/saltzer/www/publications/protection/
- APA
- MLA
- Harvard
- Vancouver
- Chicago
- ASA
- IEEE
- AMA