logo

BYOD Security: Aztech Case Study

   

Added on  2020-04-07

11 Pages4779 Words90 Views
 | 
 | 
 | 
ITC 596 – IT RISK ASSESSMENT in AZTECH CORPORATIONNAMEUNIVERSITYROLL NOASSESSMENT TITLE
BYOD Security: Aztech Case Study_1

RUNNING HEAD: IT Risk Assessment in AztechEXECUTIVE SUMMARYThe following report is represented in the form of a risk assessment performed on the ITdepartment of Aztech with respect to the project proposal given by strategist to deploy theBYOD within Aztech’s workplace environment. The report is generated post-consideration of acollection of project portfolios in the hands of senior executives. Risk assessment has beenconducted keeping in mind the nature of industry the company operates in and its workforcestrength. The assessment also covers the legal frameworks, financial dimensions and securityconcerns over the use of “Bring Your Own Device” while identifying the potential risks that canhamper the company’s survival in the long run. To summarise the above points, the evaluationhas identified the risk of data security as the most vulnerable one in the entire risk domain forcompanies operating within financial service sector. PROJECT’S REVIEW BASED ON FINANCIAL ASPECTS AND GOVERNMENTAL REGULATIONSThe modern organisations that operate in the 21st century have seen a lot of advancements inthe field of Information and Communication technology. The ICT has been used extensively invarious areas to make the business processes easier to conduct. Almost all the private andgovernment sectors have adopted a series of IT applications and system software to facilitatetheir day-to-day departmental operations and improve the efficiency of whatever they carryout. The adoption has also been international and this thing get complicated with a lots ofintegrated functionalities associated with a single IT infrastructure. In the private organisationsthat offer financial services, accuracy and precision with numerical figures become highlysignificant because the same yields productivity for clients. For getting calculative and keepingelectronic records of everything, the organisational departments use the Enterprise ResourcePlanning or the ERP methods, cloud computation, tools & utilities for data analytics, secured orencrypted gateways for money transactions, digitized communication, integration of differentsoftware for coordinated operations and many more things. A well-recognised use of ITapplications can be observed in place where the investment options are dematerialized. It hasprovided a successful dimension for the relevant industry. All Australian organisations that offerfinancial services have emerged as strong portion of the country’s economy for years. This isevident from the way organisations could face the global financial crisis between the year 2008and 2011. These organisations have already developed high degree of readiness for meetingthe present regulations and technological barriers of the present century. Additionally theenvironmental challenges are also offered through stringent standards and regulatory bodies. Itbecomes an obligation to demonstrate higher degree of compliance with the government aswell as the society when the demographic and cultural dimensions witness quick changes.Technological trends make way for modified rules and regulations on the use of social media,platforms utilized in cell phones, data security, system changes at the core-level etc. Thus, therisk assessment of financial service providers in Australia becomes tough to conduct becausemultiple changes at once (Saini, et al 2011).
BYOD Security: Aztech Case Study_2

RUNNING HEAD: IT Risk Assessment in AztechIt was highly recommended by Drucker, the notable man behind management principles thatbusiness organisations of any size should analyse the market and anticipate the potentialchanges that could either lift or decline their current rate of commercial success. Heemphasised on capitalizing on the opportunities so that any type of business project can beeffectively executed. This report is designed to carry out an analysis of the risks andopportunities associated with the previously mentioned IT project in Aztek Corporation whichoperates in the financial service sector of Australia. Background to the Case Study Aztech Corporation holds the position as one of the leading organisations in Australian Financialmarket. After its incorporation in the year 1960, it established its corporate office in the districtof Sydney and the office soon became operational. The business firm deals in an extendedrange of financial services which includes primarily general and life insurances. It also offersinvestment products to retailers and other members of corporations who are active in equityand debt business. Apart from that, it also has a wide range of mortgage and loan services forspecific consumers who comprise a dominant part of its Aztech’s product segment. Presently,the company owns 20 regional offices where over a thousand employees have been working.As of the year 2014, the company has a fair reputation in financial sector of Australia and is onthe progress of achieving high CSR or Corporate Social Responsibility in its operational regions. The reaction of the company to capricious changes in the IT infrastructure and trends has beenproactive since it develops and upgrades its applications to meet the extended requirementsfrom time to time. Aztech became the first of its kind to introduce the online payment servicesin the year 1999 by featuring secured and gateways that are end-to-end encrypted.Introduction of payment gateways was a convenient factor for the investors who could executetheir business affairs from any location without facing geographical barriers. When thecompany introduced the SAP Enterprise Resource Planning systems in the year 2005, thingstook a slanted direction and the firm started observing increased efficiency ofinterdepartmental functions. Aztech’s segment of business and its administrative offices werelinked together based on a real time environment. Its operations became more transparentthus creating higher appeals to clients hailing from corporate and retail sectors. Aztech’s official website is secured and requires both its clients and its employees to registerthemselves with the site. While the clients and employees are remotely located at theirrespective places, their system IP’s are tracked by the ERP system incorporated within theorganisation’s main server. The login information of employees is recorded for attendancepurposes once they access their registered accounts. The application software installed in eachof the employee’s and client’s systems is designed to filter the users by means of a distinctivepasscode. For instance, the interface present inside a client’s system or an employee’s systemwould not allow the data regarding loan products to be accessed by someone who is associatedwith the department of insurance.
BYOD Security: Aztech Case Study_3

RUNNING HEAD: IT Risk Assessment in AztechBy accessing the company’s primary website, a registered user can have access to relevantinformation pertaining to investments and loan products. He/she can also do purchasing on thesame platform without needing the employees to get involved. The process is quite automatedbut the same is made possible because of a series of interconnected software, database andpayment gateways that make registration and online transactions possible. The rules and regulations laid down by the Australian government comes into play in the tradecycle around each kind of investment and the trade & business policies are defined separatelyfor each of the investment option. The differences in rules are as per the legislation drafted bythe Australian Commission of Securities and Investments. The transactions of various clients inAztech are carried out the company’s concerned IT department by means of virtualmanagement. The registered bank account of each client is linked to his/her respectivedematerialization account. This provides the clients with suitable interface for makinginvestments in various financial instruments from their personal locations. Even with such smoothness of virtual operations, the overall IT infrastructure of the company iskept simple for attracting large number of retail and corporate investors. Indeed, it is a well-known fact that technical complexities even on a computer screen can turn down prospectsbecause of individual’s apprehension of financial losses. On the other hand, applicationsoftware that provides a friendly interface and easily understandable functionalities is likely toappeal to any client. Aztech has its own dedicated department for resolving the customergrievances and responding to their business-related queries. The Customer Service Executivesprovide real-time support by means of telephonic conversation and the voice interactions arestored securely as digital data in the company’s database. The organisation’s website meant foronline trading is kept updated on hourly basis for delivering real-time information related toexchanges and buying & selling values of different commodities that are traded. To remaincompetitive in today’s global arena, it is highly expected of an organisation to have acompetitive IT infrastructure and professionals (Campbell, et al 2010).IMPACT OF PROJECT ON THE CURRENT SECURITY POSTURE OF AZTECThe BYOD project proposed by strategist refers to the concept of “Bring Your Own Device”. Itimplies that the employees of an organisation can bring their own personal devices to theworkplace for accomplishing their assigned jobs. These devices may include the personallaptops, cell phones, PDAs, tablets or any other device that supports an interface for officeworks. In case of Aztech, the works correspond to trading, business analytics, databasemanagement and handling of transactions. Several companies around the globe have alreadyadopted such an idea in their workplaces. The thing to notice is that the personal devices act asthe sole devices that their respective owners rely upon. However, this does not lower theessence of virtually located applications because devices only act as individual hardware. Thereis always an underlying need of integrating these personal devices with the ERP applicationsthat support the business activities. Precisely, employees are only advantaged in accessing thevirtual intranet or extranet of a corporation through their personal devices (Leavitt, 2013).
BYOD Security: Aztech Case Study_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents