Describe which framework will work best for SnowBe

Reference no: EM133213940

Case Study Company:

Company: SnowBe

SnowBe is a lifestyle brand for those who love the beach and snow. The owners started the company with a laid-back culture. Their customers instantly connected with the brand, taking the company to $100 million in sales in three years. After this success, the management team decided to take the company public.

Technical Information:

  1. The majority of their sales are processed online through their website, housed on the AWS platform.
    1. All credit cards are accepted and stored on the company's website database.
    2. All customer information and purchase history are stored on the website indefinitely.
  2. They have multiple storefronts in the U.S. and Europe, which accept checks, cash, or credit cards. The credit card transactions are processed using bank-provided credit card terminals in each store.
  3. There are twenty desktops and thirty laptops in the main office in Los Angeles.
    1. The desktops are used to run the business and customer support.
    2. The thirty laptops are used for sales (retail and wholesale). The laptops use a VPN to log into the office to access company applications.
  4. There are six servers (on-premise and AWS) for access management, storage, customer relations management, order management, accounting, and vendor applications.
  5. Because of SnowBe's laid-back culture, the company neglected to implement technical controls and processes. It recently hired a technical consultant to get its neglected system and processes under control. The consultant started by implementing controls using the NIST 800-53 r5 framework.

    Additional Information:
    The technical consultant was impressed to find a well-run company with no reported technical issues or breaches despite SnowBe's laid-back culture. There had been a few attempts, but none caused any harm or raised alerts to worry anyone. The technical consultant analyzed the company's risk using the NIST Risk Management Framework. Here are some initial steps he suggested:

    - The need to update the firmware of all network devices.
    - The need to update the patches for all PCs and Windows servers to ensure they are using the latest Windows version.
    - The need to update their Anti-Virus and backup software.
    - The need to implement more processes into the access management system since most employees had access to almost all of the data on each server.
    - The need to lock the servers in a secured area of the office.
    - The need to update the company's WordPress shopping cart.
    - The need to implement the required PCI compliance items.
    - Login audit records need to be saved, and records older than 3 months should be archived to a cloud storage facility.
    - Mobile devices need to be reviewed and approved to have access to the company data. 

Instructions:

NOTES:

  • Please answer each question or section of a question separately.  
  • Elaborate on your answers to demonstrate your depth of knowledge for this week's topics.
  • SnowBe update: SnowBe wants to streamline its business operations. In addition, the CEO is getting nervous about all the recent supply chain news. He wants to create his own software to help with streamlining, but he doesn't have anyone with enough development experience. One person, Karen, has the experience to be the project manager. The company is looking at initially bringing in a team of three to work on software development solutions.

Deliverables: 

  1. SnowBe does not have a development process, and Karen is leaning towards using the Secure Software Development Framework (SSDF) or the Microsoft Software Development Life Cycle (MSDL).  Both frameworks are listed in the resources section below.

    You will be Karen for this situation. 

    Review both frameworks and the practices of each and document the following:
    1. Determine and describe which framework will work best for SnowBe, and why.
    2. Provide the steps you have taken to decide on the desired framework.  You will want to show your thought process that went into this decision. You will want to address some of the following items: programming practices from the framework, development processes, and methodologies that lead to secure software for SnowBe.
    3. For the framework that was not selected, document why it was not selected over the other.
  2. Document the roles and responsibilities of Karen and her three new developers. Each developer should have different roles and responsibilities. 
  3. Decide and describe the programming methodology you feel would work best for the new SnowBe development team. Name the methodology (or hybrid) and give the reasons for and against your decision.
  4. Discuss the importance of secure software as it pertains to the two development frameworks, practices, and methodologies.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd