User Account

All Pages

Evaluate remote access to the networks

Assignment Help Computer Network Security
Reference no: EM131480275

GLOBAL FINANCE, INC. (GFI)

Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan application approval, wholesale loan processing, and investment of money management for their customers.

GFI employs over 1,600 employees and has been experiencing consistent growth keeping pace with S&P averages (approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational performance through automation and technological innovation has propelled the company into the big leagues; GFI was only recently profiled in Fortune Magazine.

The executive management team of GFI:

1082_Figure.jpg

Figure 1 GFI Management Organizational Chart

BACKGROUND AND YOUR GROUPs ROLE

Your Security Company is educated, trained, and hired to protect the physical and operational security of GFI's corporate information system.

Your group was hired by COO Mike Willy and currently report to the COO. You are responsible for a
$5.25m annual budget, a staff of 11, and a sprawling and expansive data center located on the 5th floor of the corporate tower.
CEO John Thompson believes that the IT problem is a known quantity - that is, he feels the IT function can be nearly entirely outsourced at fractions of the cost associated with creating and maintaining an established internal IT department; the CEO's strategy has been to prevent IT from becoming a core competency since so many services can be obtained from 3rd parties. Since the CEO has taken the reigns two years ago, the CEO has made significant headway in cutting the IT department's budget by 30% and reducing half of the staff through outsourcing. This has been a political fight: maintaining and reinforcing the relevance of an internal IT department is a constant struggle. COO Willy's act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology combined with a diminishing IT footprint gravely concerned Jacobson, and he begged to at least bring in a Company to whom these obligations could be delegated to. Jacobson's worst nightmare is a situation where the Confidentiality, Integrity, and Availability of the information system was compromised - bringing the company to its knees - then having to rely on vendors to pull him out of the mess.

GFI has experienced several cyber-attacks from outsiders over the past a few years. In 2012, the Oracle database server was attacked and its customer database lost its confidentiality, integrity, and availability for several days. Although the company restored the Oracle database server back online, its lost confidentiality damaged the company reputations. GFI ended up paying its customers a large sum of settlement for their loss of data confidentiality. Another security attack was carried out by a malicious virus that infected the entire network for several days. While infected the Oracle and e-mail servers had to be shut down to quarantine these servers. In the meantime, the company lost $1.700, 000 in revenue and intangible customer confidence.

There's no question that the company's CEO sees the strategic importance of technology in executing his business plan, and in this way you share a common basis of principle with him: that IT is a competitive differentiator. However, you believe that diminishing internal IT services risks security and strategic capability, whereas the CEO feels he can acquire that capability immediately and on the cheap through the open market. You're told that CEO Thompson reluctantly agreed to your position if only to pacify COO Willy's concerns.

CORPORATE OFFICE NETWORK TOPOLOGY

1646_Figure1.jpg

You are responsible for a corporate WAN spanning 10 remote facilities and interconnecting those facilities to the central data processing environment. Data is transmitted from a remote site through a VPN appliance situated in the border layer of the routing topology; the remote VPN connects to the internal Oracle database to update the customer data tables. Data transaction from the remote access to the corporate internal databases is not encrypted.

A bulk of the data processing for your company is handled by Oracle database on a high end super computer. The trusted computing based (TCB) internal network is situated in a physically separated subnet. This is where all corporate data processing is completed and internal support team has its own intranet web server, a SUS server, an internal DNS, an Exchange e-mail system, and other support personnel workstations. Each corporate department is segregated physically on a different subnet and shares the corporate data in the TCB network.

OTHER CONSIDERATIONS

1. Ever since the article ran in Fortune about GFI, your network engineers report that they've noted a significant spike in network traffic crossing into the internal networks. They report that they cannot be certain what or who is generating this traffic, but the volume and frequency of traffic is certainly abnormal. The management is very concerned over securing the corporate confidential data and customer information.

2. Increasingly, GFI's CEO Thompson attempts to outsource IT competency. In fact, you've been told of a plan from COO Willy to outsource network management and security functions away from your department and to a service integrator. COO Willy warns you that the political environment will only become more contentious over time; you must make a compelling case as to what value your department can bring over an integrator that can provide secure services at 40% less annual cost than you.

3. The interrelationship between data and operations concerns your company. Increasingly, some of the 10 remote sites have been reporting significant problems with network latency, slow performance, and application time-outs against the Oracle database. The company's business model is driving higher and higher demand for data, but your capability to respond to these problems are drastically limited.

4. Mobility is important for the organization to interact with the customers and other co-workers in near real-time. However, the CEO is concerned with the mobility security and would like to research for the best practice for mobility computing. The CEO is willing to implement a BYOD policy if security can be addressed.

5. Employees enjoy the flexibility of getting access to the corporate network using a WiFi network. However, the CEO is concerns over the security ramifications over the wireless network that is widely open to the company and nearby residents.

6. The company plans to offer its products and services online and requested its IT department to design a Cloud Computing based e-commerce platform. However, the CEO is particularly concerned over the cloud computing security in case the customer database is breached.

ASSIGNMENTS

- Identify and describe the organizational authentication technology and network security issues.
- Make a list of access points internal and external (remote).
- Design a secure authentication technology and network security for GFI.
- Make assumptions for any unknown facts.
- List all known vulnerabilities your group can identify in this environment and address them by proposing a new design. Your group may use any combination of technologies to harden authentication process and network security measures.
- Address the CEO's concern over the mobility security and design a secure mobile computing (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.
- Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and network security to protect data should be implemented.
- Design a cloud computing environment for the company with a secure means of data protection at rest, in motion and in process.

You are given a fictional scenario above describing security issues affecting organizational assets. You will identify the risks associated with the assets, and recommend mitigating procedures. You will prepare a quantitative / qualitative risk assessment to address risk factors on organizational assets. Your final paper will be 15-25 pages long in a Word document

Evaluate remote access to the networks.

Inventory assets and prioritize them in the order of mission criticality.

Verified Expert

GFI is a multinational financial company and they got their offices and customers in USA, Mexico and Canada. They got 1600 active employees in all their offices. They wanted to cut the IT infrastructure and operational costs by 30%. They planned to cut this cost by out sourcing some of the services and by moving some of the infrastructure to cloud systems. They wanted to achieve the above without any breach in security and data loss. The network infrastructure diagram is given. Main network devices are shown. Lot of other considerations are given. The inventory assets are listed based on their priority and criticality. GFI got 10 remote locations from where lot of users will be accessing the IT hardware and software facilities from a centralized data center. Remote access technologies and the governing protocols are investigated.

Reference no: EM131480275

Questions Cloud

Identify the demographics and resources available : Identify the demographics and resources available that can be used to support your mission and purpose for your community organization, and create a list of these available resources.
How would you resolve the problem of heteroscedasticity : Refer to the hours worked regression model. Use log of hours worked as the regressand and find out if the resulting model suffers from heteroscedasticity.
Explain your definition of production operations management : Discussion: "Smooth Operator"- Explain your own definition of production operations management, including manufacturing and service operations.
Percent growth might affect living standards in the nation : Predict how the 5 percent growth might affect living standards in the nation. How does economic growth affect population growth?
Evaluate remote access to the networks : Evaluate remote access to the networks - Inventory assets and prioritize them in the order of mission criticality - Make a list of access points internal and external
Find the historical average rate of inflation : Macropoland is currently experiencing a recession--consumption and investment are very sluggish, and unemployment is quite high at 9%. Currently, inflation.
Public transportation and the automobile are two methods : Public Transportation and the automobile are two methods an employee can use to get to work each day.
Explain the different corporate strategies used by ceos : Explain the different corporate strategies used by CEOs Management. How CEOs use concentration, vertical integration, or diversification in planning function.
Companies invest in plants-equipment and other assets : Which of the following is a general term that refers to capital that flows out of the home country as companies invest in plants, equipment, and other assets?

Reviews

inf1480275

5/20/2017 4:29:41 AM

We did not do the full work in this assignment. Checked marking criteria (Rubric). It got 9 grade indexes. We were asked to cover only two indexes. I covered it in the given word count. Already professor feedback obtained for our work before final submission. We did rework too as per your professors comments. So requirements already met. 1. We need to list out the assets and prioritize them critically. We did it. 2. We need to evaluate the remote access protocols and mitigate options. We did well. We covered the above in detail. Out of 9 grade indexes we covered only 2 grade indexes. Remaining 7 grade indexes were covered by your yourself and you did not cover anything usefully in your work. So certainly ended with poor grade

inf1480275

5/20/2017 4:29:34 AM

Please ask the expert to modify this part for me, and can you ask him/her to have in done in like 8 hours? It's quite urgent. Thanks a lot. Ok thanks please let me know when the expert gets it modified Please have a look at the doc file as the whole paper of my group, with my parts in it. And this is the feedback from my professor: - I do not really understand the first section. You have the table security stuff but the follow on paragraphs talks about all kinds of things. - I like the ASA 5525 but that is a small FW. Make sure you meet the throughput requirements when selecting security devices. Not sure I understand your thought around encrypting Web Servers?? .

inf1480275

5/20/2017 4:29:07 AM

Thanks for the response. Is there any way that you can give me a lower price quote? Thank you. Please give me a new link to make payment. can you make sure that the expert will deliver me a good solution? Thanks Hi there, I just made the payment. hi there, can you check if you received my payment yet? It's already Wednesday, did the expert finish the paper? My professor reviewed the paper and said that there's something I need to add to the inventory assets according to this case. Besides those assets that the expert stated (they are related to a more security measures/methods), while we need to add more type of inventory assets. Since the company manages thousands of accounts (please look at the the diagram in the pdf file), the inventory assets should be related to, for example, information/server information, or something related to the money, or accounting information, the credit card department that holds the credit cards information of people, their accounts or personal information stored inside out servers, or the data on the servers <== so these are the actual assets that I'm talking about.

len1480275

5/1/2017 6:04:44 AM

Please read through the entire pdf file and its requirement. This is a group assignment, therefore, my responsibility is to write about the parts of "Inventory assets and prioritize them in the order of mission criticality." and "Evaluate remote access to the networks." (highlight parts from the rubric). You do NOT need to write about other parts in the rubric except the 2 parts I have highlighted and mentioned above. Length of this paper is 4 pages, 1.5 line spacing, font 12 (NOT 13.5), the due date is on Wednesday. This is a very important assignment for me, so please give this to an expert who can ensure that he/she has a good knowledge about this kind of topics. Please check and give me a quote. Thank you.

Write a Review

Computer Network Security Questions & Answers

  Determine what the risk to an organisation is

Determine what the risk to an organisation is, you need to know what the problems could be - how it performs its attack and the mitigation strategies. The risk to an organisation using vulnerable systems should also be determined.

  Can you use a master key to search mcbrides locked desk

Can you or Mr. McBride's supervisor use a master key to search McBride's locked desk for digital evidence, after McBride has left the premises? Support your answer.

  Which of risks gci faces are most significant to company

What measures would you propose to senior management to try to prevent a breach of data held by GCI? Your response should include recommendations for mitigating vulnerabilities identified in part (a).

  Using the prime p 2621and encryption key e 7 encrypt the

1 using the prime p 2621and encryption key e 7 encrypt the message sweet dreams using modular exponentiation.2 what

  Pros and cons of very simple plans versus detailed plans

Write a 3-5 page report that discusses the pros and cons of very simple plans versus detailed plans, although the standards mandate very specific requirements for the plans that add a level of complexity

  Analyze three specific potential malicious attacks

Analyze three (3) specific potential malicious attacks and / or threats that could be carried out against the network and organization.

  Develop organizational information systems security policy

Develop an organizational information systems security policy. Include the Overview, Purpose, Scope, Policy, and Compliance sections of the policy. Present the policy in a manner that complies with standardized system policies.

  Explain what the control helps mitigate in a scada system

Select one control, identify whether the control falls under Management, Operational or Technical Controls and explain what this control helps mitigate in a SCADA system?

  Explain concisely and clearly your protocol a and b

Describe concisely and clearly your protocol A and B. Make the protocolsrealistic (think that you play it with your friends). Present small concrete examples for both protocol A and protocol B, and show how your protocols run in these cases.

  What will be the minimal length of the key

If Encrypt-It-Rite would like to increase the average cracking time to at least 100 years, what will be the minimal length of the key?

  Research on the internet what is health data stewardship

research on the internet what is health data stewardship? why does it matter in the discussion of a national health

  Experience developing web pages or web sites

A non-profit organization would like you to lead a Web site development project for them. The organization has Internet access that includes space on a Web server, but has no experience developing Web pages or Web sites.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd