User Account

All Pages

Identify and address any other security concerns

Assignment Help Computer Network Security
Reference no: EM131512836

Coffee and Company Security Case Study

Your client runs 4 coffee house locations in a single college town. For ease of management and expansion, the shops are all provisioned with a common set of foodservice and IT equipment, but each location has a unique theme applied for the décor. When the wireless network was deployed at the original location, the managers there started to maintain a presence in the public area of the store and circulating with the customers, they didn't stay "cooped up" back in the office. The name of the shop was changed to represent the "community feel" that this generated and which is now a hallmark of the "Coffee and Company" experience. Each manager is encouraged to put their own "stamp" on the flavor and décor of their store. Stores are referred to by clients, management and employees by nicknames relating to the décor - e.g the Green store, the Glass store, the Beach store, etc. To keep things fresh, stores are redecorated regularly, so a single store may have many identifiers depending on when a customer started coming or when an employee was hired.

Each store has a manager's office which is physically separate from the food preparation and customer service areas, but to which all employees are allowed physical access. The manager's office at the original location also serves as "corporate headquarters" for record keeping and IT purposes. Working files from this computer are copied to a USB hard drive to protect against file loss. Many of the choices that are currently in place were decided upon years ago and have simply been recreated as additional sites were brought online. There is currently no formal process in place for measuring network performance or evaluating the reliability or security of the network or of IT operations.

The company has purchased a "business bundle" of Internet access, telephone service, and cable TV from the local ISP. Managers in each location use FTP through the internet connection to upload sales and inventory information a folder on the "server" at the headquarters office which is really just a set of shared folders on that manager's computer named by store decor. All locations have a consumer-grade broadband router/firewall with a single wireless network configured. This network provides connectivity for the 2 thin-client based point-of-sale cash registers and a computer in the manager's office which hosts the point of sale application and is used for record keeping and scheduling of staff at that location. The wireless network also provides Internet access for customers of the coffee shop. For consistency between stores, the network is set to support 802.11 b and g clients, and uses a WEP key which is printed on all receipts and prominently posted for the convenience of the customers. The same key is used in all locations so that customers have easy access to the Internet from whichever location they happen to be visiting.

Each location manages their own employees' schedules and accounts in the scheduling and point of sales systems. Much of the workforce is made up of college students, some of whom work seasonally, work at multiple stores, and who may drop or add to their desired number of shifts based on their course load. Many long-time employees know each other's' access codes for the point of sale system. Sometimes when the shop gets busy, servers enter orders, payments, and tips for each other in the point of sale system. While this does sometimes help service customers more quickly, it has led to some problems appropriately managing the distribution of tips and sales commissions.

Customers were complaining that access speeds for the Internet have been slow at several locations, so the speed of the connection at all the locations was increased, but the responsiveness of the network has not improved much, if at all. Some customers are hesitant to make use of the network due to performance concerns or because their new devices won't connect, others have expressed concerns about data security.

Recently, a fire in a neighboring business required an evacuation of the headquarters location. While all store locations are in compliance with applicable building codes and have passed safety inspections (fire suppression, emergency lights, etc.), power was lost and due to the possibility of structural damage both the coffee house location and the management office were closed and inaccessible for several business days. During this time transactions from the other shops could not be uploaded as the headquarters computer was not accessible - no one could get to it to boot it up after power was restored. Once the location was brought back online, after a couple of days all transactions eventually sync'ed up.

The original owner of the chain has recently entered "semi-retirement" and is turning daily operations over to her daughter. The daughter has recently received a new set of standards from their credit card processing company and feels that it may be time to re-examine the IT infrastructure and the security of the current network. She has requested that you prepare a report detailing the current solutions that are in place and compare them to currently accepted practices. Where the current solution is not up to standards, she requests that you provide a recommendation to correct the situation. She has articulated the following goals. Those marked with an asterisk are conditions of the credit card payment processing contract and are non-negotiable.

- *Credit Card transaction processing traffic may not be transmitted wirelessly

- *Credit Card transaction processing traffic must be on a separate network from customer internet traffic

- Free customer wireless access must support modern laptops, netbooks, tablets, and smartphones

- There needs to be a way to track who is using the wireless bandwidth, both for performance tuning and marketing promotions (e-coupons for frequent surfers, etc.)

- Customers must feel confident using the network for shopping and finance transactions as well as for casual surfing and email use

- The store managers need the ability to access managerial information within the store while circulating with the customers

- Interruptions at any one location should not impact operations at any other location. The centralizing of inventory and sales information has been working very smoothly, but having it out of reach for several days should not happen again.

- Since personnel often move between store locations, point-of-sale and scheduling operations should be integrated across all the stores.

- There should be no question as to which store a particular record or report refers

- All sales and service transactions must be entered by the responsible server. It must be impossible for servers to access each other's accounts in the point of sale system.

- There is no plan to establish a permanent IT staff position. The current "parallel design" is comfortable and allows for simplified management as all stores are the same. The customer would like to see this continue.

- Proposed changes should tighten up security and operational reliability, but not change the customer experience or ambiance of the stores

- Identify and address any other security concerns. The client realizes that her expertise is in coffee and hospitality - she's looking for expert professional guidance in your area of expertise.

Reference no: EM131512836

Questions Cloud

Evaluate speeds of dsl and cable modem that you researched : Compare and evaluate the speeds of DSL and cable modem that you researched. evaluate the cost of DSL and cable modem that you researched.
Savings account at an annual interest rate : If you invest $1,000 into a savings account at an annual interest rate of 5% (APR), compounded semi-annually, how much will you have in the savings account.
Create an entity-relationship diagram for the scenario : create an entity-relationship (E-R) diagram for the scenario that you selected from Hands-On Database and based on the information you produced.
Prepare a international business report : Having now completed a major analysis of environment in which your business will operate you will need to prepare Part 2 of your International Business Report
Identify and address any other security concerns : Identify and address any other security concerns. The client realizes that her expertise is in coffee and hospitality
Comparative advantage in producing : What are some examples of goods that the United States has comparative advantage in producing?
What is the present value of the payments : The interest rate is 5% now and increases to 8% in the next year. What is the present value of the payments?
What was the bigger issue here : What was the "bigger" issue here? Who was for Apple complying, and, who was against? What were each side's reasoning?
Research a real life business example : HC1041 Assessment - Impact of IT on Business. You are to research a real life business example of your choice and the impact of IT on that business

Reviews

len1512836

5/31/2017 3:57:38 PM

Assignment Max Points All 13 bulleted Items are addressed in Detail 75 Conditions of the Credit Card Processing are addressed in Detail (*asterisks) 15 Tabular Report provided per requirement 5 Mid Term Case Study adheres to APA formatting No Spelling/Grammatical Errors 5 POINTS 100

len1512836

5/31/2017 3:57:25 PM

This is a report, I am working on another one. This report is on finding a better solution dealing with customer, wifi, management, etc. Functional Goal Technical Requirement Current Solution Proposed Solution Credit Card Processing A Must not be wireless Inadequate Establish wired network drops for point-of-sale registers B Must be separate from customer traffic Inadequate Install router/firewall between customers and business networks Free, secure Internet Access for customers A 802.11b/g/n Wireless Network Adequate for coverage area but not for speed or security New access points supporting (enter security details here).

Write a Review

Computer Network Security Questions & Answers

  Problem regarding the cyber-attack

This exercise is to identify and characterize assets. Imagine there is a severe natural calamity in your area and your personal vehicles have been rendered immobile. The local mayor is running school buses on their routes to evacuate residents and..

  Problem regarding the machine probability

The probability that two machines is related by , A to work is 0.7 and the probability that B works if A is working is 0.8 , and 0.35 if A fails work find that machine probability B does not work.

  What tool do we have to identify cover communication channel

CSIS 343- As network defenders, what tools do we have to identify cover communication channels, and is that something we should really be concerned about anyway?

  Important benefit of asymmetrical encryption

What is the most important benefit of asymmetrical encryption? Contrast with symmetrical encryption - Which part of CAIN is realized through the use of message digest functions and hashes?

  Udp programs allowing two parties to establish a secure

Whenever Alice wants to send a message M to Bob, Alice first computes H = Hash(K||M), and then computes C = EK(M||H) and sends C to Bob

  The performance of a wimax network appears to be lower than

the performance of a wimax network appears to be lower than expected and you suspect interference to be the cause.

  Explain the key inherent dangers of the chosen threats

SEC 420- Explain the key inherent dangers of the chosen threats, and indicate the key reasons why you believe such threats pose more of a risk than other current ones in existence. Justify your answer.

  Demonstrate how security can be instilled within the sdlc

How security can be instilled within the Systems Development Life Cycle (SDLC). Provide two examples on what users may experience with software products if they are released with minimal security planning.

  Cracking password management protocols

Identify and describe any obstacles, and explain your solutions for them. Given the access policy, evaluate whether or not Extensible Access Control Markup Language (XACML) could be used to express the contextual attributes.

  Explain efficiency issues and alternate method

Bob sending an encrypted, signed message to Alice and Carol.

  Research report on information system security

Research Report on Information system security - Become more knowledgeable about finding and using varied research sources in your chosen area in IT.

  Compare and contrast two natural disasters

Describe three factors that help to influence our nation's focus on natural or man-made disasters - what issues have been raised concerning some of the authorities granted to government agencies in the PATRIOT Act? How have those issues been addres..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd