STP Ltd Networking Project Report: Security and Business Continuity
VerifiedAdded on 2019/10/31
|20
|5002
|54
Report
AI Summary
This report provides a comprehensive analysis of the networking environment recently implemented at STP Ltd. It examines the project's background, scope, goals, and strategic alignment, focusing on network security, including ideal branch-office security solutions, data security measures (VPNs, firewalls, attack protection, content filtering, and segmentation), and mobile device security. The report addresses the risks associated with BYOD and WLAN attacks, proposing solutions such as employee training and security controls. Business continuity planning, including data backup and disaster recovery, is also discussed, along with risk management strategies for identifying, assessing, and mitigating potential risks. A security policy is defined, and recommendations are provided to ensure the long-term success of the implementation. The report emphasizes the importance of human resources, remote management, and the evolving landscape of security threats.
7 | P a g e
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Executive Summary
The objective of this report is to assess the networking environment which is recently
implemented in STP Ltd. Company. The focus of the report is on the environment
and its connections with the company employees. The report explains the background
information of the project and its objective. Because of the new installation, the
company is likely to face certain security issues and thus, STP needs to use its people,
products and policies in a cooperative manner such that the business remains
protected. Policies have to be implemented in order to keep the company data secure.
Moreover, the procurement processes used in the company must cause minimum
disruption to the networking environment. Business continuity reflects upon the
endurance capacity of a business. First, a backup of the organizational data has to be
taken for business continuity post which disaster recovery plans have to be
formulated for the physical security of the infrastructure. The report discusses these
steps involved in business continuity planning including succession planning. Risk
management details are provided in the report to explain how STP can manage risk
scenarios and identify the risk categories. For protection of the STP assets, security
policy has to be defined and implemented and thus, the same has also been discussed.
Finally, the report presents a list of recommendations that aim to make the
implementation successful for a long term.
The objective of this report is to assess the networking environment which is recently
implemented in STP Ltd. Company. The focus of the report is on the environment
and its connections with the company employees. The report explains the background
information of the project and its objective. Because of the new installation, the
company is likely to face certain security issues and thus, STP needs to use its people,
products and policies in a cooperative manner such that the business remains
protected. Policies have to be implemented in order to keep the company data secure.
Moreover, the procurement processes used in the company must cause minimum
disruption to the networking environment. Business continuity reflects upon the
endurance capacity of a business. First, a backup of the organizational data has to be
taken for business continuity post which disaster recovery plans have to be
formulated for the physical security of the infrastructure. The report discusses these
steps involved in business continuity planning including succession planning. Risk
management details are provided in the report to explain how STP can manage risk
scenarios and identify the risk categories. For protection of the STP assets, security
policy has to be defined and implemented and thus, the same has also been discussed.
Finally, the report presents a list of recommendations that aim to make the
implementation successful for a long term.
Table of Contents
EXECUTIVE SUMMARY...............................................................................................8
INTRODUCTION..........................................................................................................10
PROJECT BACKGROUND..........................................................................................10
PROJECT SCOPE..................................................................................................................10
PROJECT GOALS..................................................................................................................11
STRATEGIC ALIGNMENT OF THE PROJECT...........................................................................11
NETWORK SECURITY................................................................................................12
IDEAL BRANCH-OFFICE SECURITY SOLUTION....................................................................13
SECURING DATA.................................................................................................................14
MOBILE DEVICE SECURITY..................................................................................................15
WIRELESS LOCAL AREA NETWORK (WLAN) ATTACKS.....................................................15
BYOD RISKS......................................................................................................................15
PLAN FOR HARDWARE PURCHASES......................................................................16
ACQUISITION OF NEW HARDWARE......................................................................................17
END USER FEEDBACK AND REVIEWS...................................................................................17
PURCHASING STRATEGIES...................................................................................................18
ASSET REGISTER.................................................................................................................18
BUSINESS CONTINUITY.............................................................................................19
RISK MANAGEMENT..................................................................................................20
RISK MANAGEMENT STRATEGY.........................................................................................20
Risk Identification..........................................................................................................20
Risk Responsibilities.......................................................................................................20
Risk Assessment..............................................................................................................20
Risk Response.................................................................................................................20
Risk Mitigation...............................................................................................................21
Tracking and Reporting..................................................................................................21
SECURITY POLICY.....................................................................................................21
OBJECTIVE......................................................................................................................21
THE SECURITY POLICY ENSURES THAT:...............................................................................21
TRAINING AND AWARENESS................................................................................................23
INTEGRATION TECHNOLOGY...............................................................................................23
CONCLUSIONS.............................................................................................................24
RECOMMENDATIONS................................................................................................24
REFERENCES...............................................................................................................27
EXECUTIVE SUMMARY...............................................................................................8
INTRODUCTION..........................................................................................................10
PROJECT BACKGROUND..........................................................................................10
PROJECT SCOPE..................................................................................................................10
PROJECT GOALS..................................................................................................................11
STRATEGIC ALIGNMENT OF THE PROJECT...........................................................................11
NETWORK SECURITY................................................................................................12
IDEAL BRANCH-OFFICE SECURITY SOLUTION....................................................................13
SECURING DATA.................................................................................................................14
MOBILE DEVICE SECURITY..................................................................................................15
WIRELESS LOCAL AREA NETWORK (WLAN) ATTACKS.....................................................15
BYOD RISKS......................................................................................................................15
PLAN FOR HARDWARE PURCHASES......................................................................16
ACQUISITION OF NEW HARDWARE......................................................................................17
END USER FEEDBACK AND REVIEWS...................................................................................17
PURCHASING STRATEGIES...................................................................................................18
ASSET REGISTER.................................................................................................................18
BUSINESS CONTINUITY.............................................................................................19
RISK MANAGEMENT..................................................................................................20
RISK MANAGEMENT STRATEGY.........................................................................................20
Risk Identification..........................................................................................................20
Risk Responsibilities.......................................................................................................20
Risk Assessment..............................................................................................................20
Risk Response.................................................................................................................20
Risk Mitigation...............................................................................................................21
Tracking and Reporting..................................................................................................21
SECURITY POLICY.....................................................................................................21
OBJECTIVE......................................................................................................................21
THE SECURITY POLICY ENSURES THAT:...............................................................................21
TRAINING AND AWARENESS................................................................................................23
INTEGRATION TECHNOLOGY...............................................................................................23
CONCLUSIONS.............................................................................................................24
RECOMMENDATIONS................................................................................................24
REFERENCES...............................................................................................................27
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Introduction
STP Limited is an organization that is based out of Wollongong and has its head
office in the same city. The organization manufactures cabinets and is expanding to
the other regions as well. The sales and revenue are going good for the organization
and as a result, it recently bought office premises in Bathurst and Lithgow. They have
also set up a new office in Sydney. The company is currently located in four locations
and has warehouse machines and other equipment installed in these locations.
Project Background
There are new networking and communication technologies that are being used by
STP Limited to enhance its connectivity and integration capabilities. Every office of
the company is equipped with a modem and a switch and the Internet connection is
made active with the aid of ADSL. The members of the staff are allowed to Bring
their Own Devices at work which is also known as the BYOD scheme. The wireless
connections are also made enable by the organization.
The enhanced network connections will allow the employees to be connected with
each other at any hour of the day. It will aid in the resolution of the problems and
conflicts in a timely manner and will make it possible to experience enhanced
efficiency and productivity of the employees. The customers will also be able to
contact the organization in case of any query or complaint. There will be enhanced
help and assistance services provided which will make it easy to increase the levels of
customer trust and engagement (Cisco, 2008).
Project Scope
The scope of the project will include the design, development and deployment of the
measures so that the enhanced networking mediums are implemented. Privacy is one
of the essential properties that are required to be maintained in association with the
information and networks. The efforts will also be implemented to make sure that the
privacy of the information and the communication networks is not disturbed or
violated.
STP Limited is an organization that is based out of Wollongong and has its head
office in the same city. The organization manufactures cabinets and is expanding to
the other regions as well. The sales and revenue are going good for the organization
and as a result, it recently bought office premises in Bathurst and Lithgow. They have
also set up a new office in Sydney. The company is currently located in four locations
and has warehouse machines and other equipment installed in these locations.
Project Background
There are new networking and communication technologies that are being used by
STP Limited to enhance its connectivity and integration capabilities. Every office of
the company is equipped with a modem and a switch and the Internet connection is
made active with the aid of ADSL. The members of the staff are allowed to Bring
their Own Devices at work which is also known as the BYOD scheme. The wireless
connections are also made enable by the organization.
The enhanced network connections will allow the employees to be connected with
each other at any hour of the day. It will aid in the resolution of the problems and
conflicts in a timely manner and will make it possible to experience enhanced
efficiency and productivity of the employees. The customers will also be able to
contact the organization in case of any query or complaint. There will be enhanced
help and assistance services provided which will make it easy to increase the levels of
customer trust and engagement (Cisco, 2008).
Project Scope
The scope of the project will include the design, development and deployment of the
measures so that the enhanced networking mediums are implemented. Privacy is one
of the essential properties that are required to be maintained in association with the
information and networks. The efforts will also be implemented to make sure that the
privacy of the information and the communication networks is not disturbed or
violated.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Project Goals
Ability to make sure that all the office locations and units of STP Limited are
integrated with each other as a single unit.
Ability to ensure that the security of the networks and the information
channels is maintained along with the assurance of privacy (Pareek, 2011).
Ability to make sure that enhanced revenues and customer engagement is
earned with the improved networking and communication medium.
Strategic Alignment of the Project
Alignment Perspective Description
Strategic Execution Project goals are in line with
organizational goals.
The design, development and
deployment of the networking,
security, privacy and integration
measures will be done to achieve
the goals.
Technological Potential The wireless connections and
networking equipment that have
been set up are compatible with the
organizational systems and
applications.
The integration and security
solutions that are proposed are
feasible on the basis of technical
feasibility study.
Competitive Potential Network security and privacy is a
much in demand trend in the
market.
Enhancement of the quality of
service
Service Level A networking strategy has been
designed and determined by the
Project Manager so that the
Ability to make sure that all the office locations and units of STP Limited are
integrated with each other as a single unit.
Ability to ensure that the security of the networks and the information
channels is maintained along with the assurance of privacy (Pareek, 2011).
Ability to make sure that enhanced revenues and customer engagement is
earned with the improved networking and communication medium.
Strategic Alignment of the Project
Alignment Perspective Description
Strategic Execution Project goals are in line with
organizational goals.
The design, development and
deployment of the networking,
security, privacy and integration
measures will be done to achieve
the goals.
Technological Potential The wireless connections and
networking equipment that have
been set up are compatible with the
organizational systems and
applications.
The integration and security
solutions that are proposed are
feasible on the basis of technical
feasibility study.
Competitive Potential Network security and privacy is a
much in demand trend in the
market.
Enhancement of the quality of
service
Service Level A networking strategy has been
designed and determined by the
Project Manager so that the
organization goals are met.
Resources have been allocated to
the project tasks and activities at
the operational and managerial
levels.
Network Security
There are various issues that must be addressed from the point of view of network
security. It must be made sure that there are enough human resources in the
department of local IT as the support staff. It would be necessary to understand the
significance of remote management of the security controls and mechanisms. The
device configuration that is set up shall be allowed to be accessed with the means of
HTTP, HTTPS, Telnet, SSL and likewise.
In a nutshell, the security solutions that are set up at the branch office must target the
needs and requirements of the office sizes and these shall also be easy to deploy and
economical in nature. Secure routing, WAN connections etc. shall also be included.
This will eliminate the requirement of installing separate networking devices and
equipment.
Another condition that must be considered is the changing landscape of the security
threats and attacks. There may be some extremely severe implications of these attacks
and threats. For instance, in the year 2003, Slammer worm infected 90% of the
susceptible hosts in 10 minutes with the doubling rate of 8.5 seconds. There are
signature based countermeasures that are being implemented in the organizations
which cannot be updated at such a short period of time (Canavan, 2001).
Supplementing of the reactive countermeasures will be required that may have the
ability to prevent the uncertainties and security attacks that are not predicted earlier.
The use of network focussed defence mechanisms shall also be used for preventing
the security attacks associated with application layer and services.
Resources have been allocated to
the project tasks and activities at
the operational and managerial
levels.
Network Security
There are various issues that must be addressed from the point of view of network
security. It must be made sure that there are enough human resources in the
department of local IT as the support staff. It would be necessary to understand the
significance of remote management of the security controls and mechanisms. The
device configuration that is set up shall be allowed to be accessed with the means of
HTTP, HTTPS, Telnet, SSL and likewise.
In a nutshell, the security solutions that are set up at the branch office must target the
needs and requirements of the office sizes and these shall also be easy to deploy and
economical in nature. Secure routing, WAN connections etc. shall also be included.
This will eliminate the requirement of installing separate networking devices and
equipment.
Another condition that must be considered is the changing landscape of the security
threats and attacks. There may be some extremely severe implications of these attacks
and threats. For instance, in the year 2003, Slammer worm infected 90% of the
susceptible hosts in 10 minutes with the doubling rate of 8.5 seconds. There are
signature based countermeasures that are being implemented in the organizations
which cannot be updated at such a short period of time (Canavan, 2001).
Supplementing of the reactive countermeasures will be required that may have the
ability to prevent the uncertainties and security attacks that are not predicted earlier.
The use of network focussed defence mechanisms shall also be used for preventing
the security attacks associated with application layer and services.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Ideal Branch-Office Security Solution
It shall provide a fast and safe VPN connection based on the site-to-site
connectivity.
A direct and secure access to the internet shall be provided. This would be
significant in the avoidance of unknown Internet traffic re-directed through
any of the regional headquarters location.
Improved security services and solutions shall be provided for the internal
services and network connections (Alabady, 2009).
It shall be easy to use and shall also be cost-effective in nature.
Securing data
Virtual Private Networks: The establishment of IPSec VPNs will be a prime
necessity for the branch security solutions and services. The use of secure
encryption algorithms, such as tripe DES and AES shall be used with key
exchange and user authentication protocols (Joshi and Karkade, 2015). NAT
traversal and Microsoft VPN clients shall also be made available for the
maintenance of security.
Firewall: Firewall is one of the most significant measures for the security of
the data. The effectiveness of firewalls can be realized only by the mode of
application of the same, for instance, the implementation of firewall at the
network layer only will not be able to prevent the security risks associated
with the application layer.
Attack Protection: There is certain amount of traffic that passes through even
with the set up of the firewalls. It also does not identify certain types of
security risks and attacks. Intrusion detection and prevention is a technology
that comes in the picture to identify and prevent the entry of the bad elements.
There are anomaly based, signature based, network based and behaviour based
intrusion detection and prevention systems that have been developed for
preventing many of the denial of service, flooding and integrity attacks
(Strebe, 2004).
Advanced Content Filtering: There are many of the anti-malware packages
that are present such as, anti-viruses, anti-spyware etc. these are completely
reactive in nature but have the capability to control the file based attacks and
It shall provide a fast and safe VPN connection based on the site-to-site
connectivity.
A direct and secure access to the internet shall be provided. This would be
significant in the avoidance of unknown Internet traffic re-directed through
any of the regional headquarters location.
Improved security services and solutions shall be provided for the internal
services and network connections (Alabady, 2009).
It shall be easy to use and shall also be cost-effective in nature.
Securing data
Virtual Private Networks: The establishment of IPSec VPNs will be a prime
necessity for the branch security solutions and services. The use of secure
encryption algorithms, such as tripe DES and AES shall be used with key
exchange and user authentication protocols (Joshi and Karkade, 2015). NAT
traversal and Microsoft VPN clients shall also be made available for the
maintenance of security.
Firewall: Firewall is one of the most significant measures for the security of
the data. The effectiveness of firewalls can be realized only by the mode of
application of the same, for instance, the implementation of firewall at the
network layer only will not be able to prevent the security risks associated
with the application layer.
Attack Protection: There is certain amount of traffic that passes through even
with the set up of the firewalls. It also does not identify certain types of
security risks and attacks. Intrusion detection and prevention is a technology
that comes in the picture to identify and prevent the entry of the bad elements.
There are anomaly based, signature based, network based and behaviour based
intrusion detection and prevention systems that have been developed for
preventing many of the denial of service, flooding and integrity attacks
(Strebe, 2004).
Advanced Content Filtering: There are many of the anti-malware packages
that are present such as, anti-viruses, anti-spyware etc. these are completely
reactive in nature but have the capability to control the file based attacks and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
many of the known threats and attacks. There is Web/URL filtering measure
that may focus on the outbound traffic and prevent the access to the web sites
that are not safe (Soriano, 2011).
Segmentation & Security Domains: Internal security at the branch office may
be improved with the aid of this measure. It makes sure that the associated
appliances have the capabilities such as multiple LAN interfaces along with
VLAN connections. A unique security policy is enforced on the basis of the
users and the computing resources.
Mobile device security
Mobile devices have become a crucial part of the IT infrastructure of a small
business. However, it also presents certain risks to the company that is not always
identified at the time of first implementation. Mobile devices give flexibility and
mobility but are also faced with issues like limitations of the hardware and security
concerns rising from downloading of un-trusted content.
A security strategy shall be developed and implemented to ensure the safety and
security of the mobile devices. There are also unknown devices that may be
connected to the office network with the use of BYOD technology.
Wireless Local Area Network (WLAN) attacks
Currently there are many staff at the company that are connecting wirelessly with a
mobile device such as a laptop. The risk of such an environment is significant as the
asset that holds the most value is very attractive to those who wish to steal or damage
vital information. Capturing wireless data is one of the most common enterprise
attacks external of the enterprise while rogue access points and evil twin access point
are internalized. WLAN attacks can be overcome by proper configuration of devices
and employee training programs.
BYOD risks
Currently, the staff of STP Ltd can connect to the organization’s wireless network
through their personal devices. This option has less financial constraints which is
convenient for the company but at the same time, it is also exposed to greater risks.
The confidential information of the company can get exposed because of user actions.
Malicious software can also attack the device or the network affecting the security
baseline of the organization. Thus, for the use of personal devices, minimum security
that may focus on the outbound traffic and prevent the access to the web sites
that are not safe (Soriano, 2011).
Segmentation & Security Domains: Internal security at the branch office may
be improved with the aid of this measure. It makes sure that the associated
appliances have the capabilities such as multiple LAN interfaces along with
VLAN connections. A unique security policy is enforced on the basis of the
users and the computing resources.
Mobile device security
Mobile devices have become a crucial part of the IT infrastructure of a small
business. However, it also presents certain risks to the company that is not always
identified at the time of first implementation. Mobile devices give flexibility and
mobility but are also faced with issues like limitations of the hardware and security
concerns rising from downloading of un-trusted content.
A security strategy shall be developed and implemented to ensure the safety and
security of the mobile devices. There are also unknown devices that may be
connected to the office network with the use of BYOD technology.
Wireless Local Area Network (WLAN) attacks
Currently there are many staff at the company that are connecting wirelessly with a
mobile device such as a laptop. The risk of such an environment is significant as the
asset that holds the most value is very attractive to those who wish to steal or damage
vital information. Capturing wireless data is one of the most common enterprise
attacks external of the enterprise while rogue access points and evil twin access point
are internalized. WLAN attacks can be overcome by proper configuration of devices
and employee training programs.
BYOD risks
Currently, the staff of STP Ltd can connect to the organization’s wireless network
through their personal devices. This option has less financial constraints which is
convenient for the company but at the same time, it is also exposed to greater risks.
The confidential information of the company can get exposed because of user actions.
Malicious software can also attack the device or the network affecting the security
baseline of the organization. Thus, for the use of personal devices, minimum security
requirements must be defined and the employees must be trained on the aspects of
data protection and security.
There are some essential tools that may be used for further enhancing the mobile
device security.
Fingerprinting: It is a mechanism that enhances and inspects the
characteristics that are associated with the mobile devices to understand the
device properties. It may highlight the unsafe devices and their presence in the
networks (Souppaya, 2013).
Network Access Controls: It is commonly abbreviated as NAC and is a
measure that may be used for advanced device management by the
organizations. An in-depth analysis of the device is done under NAC to
highlight the presence of any intruders associated with the device, anti-virus
and anti-span packages and so on.
Authentication: This is the security solution that comes after the
fingerprinting and NAC. It authenticates the users on the basis of the WLAN
standards such as 802.1x standard. The combination of the three controls will
provide the organizations with the required set of security controls and
network management (Sujithra and Padmavathi, 2012).
Plan for Hardware Purchases
Procurement strategy is an important area of operations of an organization as it keeps
the operations going on. Purchase planning is vital for a company. Research can be
used for aligning purchase processes with organizational strategy. This can improve
financial and operational performance of the business. Hardware purchases would put
some financial burdens to the organization and thus, contingency plans are required to
be developed for ensuring that business operations remain continued.
Acquisition of new hardware
Purchase of new hardware cannot be avoided as it can result from causes like loss,
failure, or damage to the devices. As the Gympie store is located in an area which is
flood prone and thus, it can be a concern for the company. STP limited has deferred
the procurement risks by insuring its business assets. However, for preparing to deal
with circumstances, certain documents and assets such as asset register, budget
data protection and security.
There are some essential tools that may be used for further enhancing the mobile
device security.
Fingerprinting: It is a mechanism that enhances and inspects the
characteristics that are associated with the mobile devices to understand the
device properties. It may highlight the unsafe devices and their presence in the
networks (Souppaya, 2013).
Network Access Controls: It is commonly abbreviated as NAC and is a
measure that may be used for advanced device management by the
organizations. An in-depth analysis of the device is done under NAC to
highlight the presence of any intruders associated with the device, anti-virus
and anti-span packages and so on.
Authentication: This is the security solution that comes after the
fingerprinting and NAC. It authenticates the users on the basis of the WLAN
standards such as 802.1x standard. The combination of the three controls will
provide the organizations with the required set of security controls and
network management (Sujithra and Padmavathi, 2012).
Plan for Hardware Purchases
Procurement strategy is an important area of operations of an organization as it keeps
the operations going on. Purchase planning is vital for a company. Research can be
used for aligning purchase processes with organizational strategy. This can improve
financial and operational performance of the business. Hardware purchases would put
some financial burdens to the organization and thus, contingency plans are required to
be developed for ensuring that business operations remain continued.
Acquisition of new hardware
Purchase of new hardware cannot be avoided as it can result from causes like loss,
failure, or damage to the devices. As the Gympie store is located in an area which is
flood prone and thus, it can be a concern for the company. STP limited has deferred
the procurement risks by insuring its business assets. However, for preparing to deal
with circumstances, certain documents and assets such as asset register, budget
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
forecasts, emergency plans, policies, procedures, reviews and strategies can be
created and maintained.
End user feedback and reviews
A review from employees as users of the hardware system can help identify concerns
around outdated or overloaded application. It can also be known if the user is
downloading or running certain applications on the devices causing load to the system
unnecessarily. Reviews can be scheduled for evaluation of the hardware performed
such that the management can take more informed decisions about procurement. The
review would help management identify current issues as well as potential risks that
can be faced in future.
created and maintained.
End user feedback and reviews
A review from employees as users of the hardware system can help identify concerns
around outdated or overloaded application. It can also be known if the user is
downloading or running certain applications on the devices causing load to the system
unnecessarily. Reviews can be scheduled for evaluation of the hardware performed
such that the management can take more informed decisions about procurement. The
review would help management identify current issues as well as potential risks that
can be faced in future.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Purchasing strategies
The management must make sure that the company has enough funds for the hardware purchase
which needs a careful, cash flow planning. Small organizations like the current one is more
likely to have close coordination between employees and thus, strategic alignment would be
better. If the organization needs to take the advantages of purchasing hardware at low price,
suppliers have to be identified appropriately and the business needs have to be understood
through exploration of the business requirements.
Asset register
There are many equipment necessary for installation and testing purposes. Some of the necessary
hardware may include the following:
Computer Systems: These may be required for accessing the tools and applications for
the purpose of installation and testing.
Servers: There are web and file servers that may be required for accessing various
information sets along with the database servers as well.
Peripheral Equipment: Networking equipment such as switches, bridges, routers, hubs,
gateways would be required for establishing and maintaining network connections.
Simulators and Emulators: It would not be possible to carry out testing activities on all
the devices and these tools will come into the picture for gaining a virtual experience and
testing purposes.
Diagnostic Equipment: The troubleshooting and diagnostic processes will be carried out
for network management and security using this equipment.
Communication Devices: These will be necessary for the sharing of information and data.
Business continuity
Data Backup
If the company makes use of cloud based applications then the need for creating backup on the
local devices is eliminated. However, the data that gets exchanged over the POS and other non-
cloud applications is also the company’s responsibility. Thus, an offsite backup of the store has t
be created such that data can be retrieved in case the site is damaged so that the business can be
continued without interruptions. A cloud based system can be used for creating this backup
17 | P a g e
The management must make sure that the company has enough funds for the hardware purchase
which needs a careful, cash flow planning. Small organizations like the current one is more
likely to have close coordination between employees and thus, strategic alignment would be
better. If the organization needs to take the advantages of purchasing hardware at low price,
suppliers have to be identified appropriately and the business needs have to be understood
through exploration of the business requirements.
Asset register
There are many equipment necessary for installation and testing purposes. Some of the necessary
hardware may include the following:
Computer Systems: These may be required for accessing the tools and applications for
the purpose of installation and testing.
Servers: There are web and file servers that may be required for accessing various
information sets along with the database servers as well.
Peripheral Equipment: Networking equipment such as switches, bridges, routers, hubs,
gateways would be required for establishing and maintaining network connections.
Simulators and Emulators: It would not be possible to carry out testing activities on all
the devices and these tools will come into the picture for gaining a virtual experience and
testing purposes.
Diagnostic Equipment: The troubleshooting and diagnostic processes will be carried out
for network management and security using this equipment.
Communication Devices: These will be necessary for the sharing of information and data.
Business continuity
Data Backup
If the company makes use of cloud based applications then the need for creating backup on the
local devices is eliminated. However, the data that gets exchanged over the POS and other non-
cloud applications is also the company’s responsibility. Thus, an offsite backup of the store has t
be created such that data can be retrieved in case the site is damaged so that the business can be
continued without interruptions. A cloud based system can be used for creating this backup
17 | P a g e
STP Limited
which would ensure that most valuable assets are well protected from any losses. Multi-general
backups can be created by administrators who would be responsible for the management of the
departmental servers.
Physical security
The internal and external environment of the organization affects its physical security. The
organizations physical infrastructure could be located in a place that is prone to security risks
such as network failures, power outages, road blocks, and floods. Thus, disaster recovery
planning is essential such that staff can be made prepared to deal with such situations and ensure
that business operations continuity is still maintained. In case of insider threats, it is the
responsibility of the administrator to ensure that the systems remain secure and protected from
insider threats.
Succession planning
There can be situations when an important employee or the owner of the organization is unable
to work because of unforeseen situations such as injuries from accidents. The company must
remain prepared to deal with such situations. Planning must include the details of the roles and
the process for appointment of the other people who can take over the work in such
circumstances. The strengths and weaknesses may be assessed and development opportunities
may be identified through monitoring, support and evaluation.
Risk management
Risk management is defined as a process that may include the measures for the identification,
assessment and treatment of the risks.
18
which would ensure that most valuable assets are well protected from any losses. Multi-general
backups can be created by administrators who would be responsible for the management of the
departmental servers.
Physical security
The internal and external environment of the organization affects its physical security. The
organizations physical infrastructure could be located in a place that is prone to security risks
such as network failures, power outages, road blocks, and floods. Thus, disaster recovery
planning is essential such that staff can be made prepared to deal with such situations and ensure
that business operations continuity is still maintained. In case of insider threats, it is the
responsibility of the administrator to ensure that the systems remain secure and protected from
insider threats.
Succession planning
There can be situations when an important employee or the owner of the organization is unable
to work because of unforeseen situations such as injuries from accidents. The company must
remain prepared to deal with such situations. Planning must include the details of the roles and
the process for appointment of the other people who can take over the work in such
circumstances. The strengths and weaknesses may be assessed and development opportunities
may be identified through monitoring, support and evaluation.
Risk management
Risk management is defined as a process that may include the measures for the identification,
assessment and treatment of the risks.
18
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 20
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.