30201140: Bombino is an international courier company well known as the most reliable delivery company in the world: Security Assignment, ATU, UK
AlHussein Technical University (ATU)
Assignment Brief and Guidance
Bombino is an international courier company well known as the most reliable delivery company in the world. A large number of high-profile businesses entrust Bombino to deliver their goods, including banks to deliver credit cards, e-commerce businesses to deliver goods of all types including high-value electronics, and governmental agencies like hospitals and embassies to deliver medication and documents respectively. Customers are offered an online service to track their shipments and request pickups. They can also pay for their
Bombino Datacentre located in Jordan. They have branches in France, Saudi Arabia, Egypt, and USA. As a standard, each branch will have a warehouse that processes physical shipments using a conveyer system that sorts shipments by area. Besides, there is the office area where HR, Account, IT and Management sit, next to a computer room that processes local shares, print servers and connectivity with the Jordan datacentre to access the main tracking system and accounting application. Lastly, there is a warehouse for item storage, with in/out requests received by customers to be delivered to their outlets.
Bombino is planning to move their main tracking application to the cloud in a hybrid model architecture (some other applications will still be hosted on premises). However, they have security concerns around the move of apps and data to a cloud provider after being hosted on premises for a long time.
You are hired by the management of Bombino as Information Security Risk Officer to evaluate the security-related specifics of its present system and provide recommendations on security- and reliability-related improvements of its present system, as well as to plan the move to the cloud.
Part of your responsibilities is to ensure the confidentiality, integrity, and availability (C.I.A) of the data and related services. Your responsibilities also extend to Safety (S), which is closely related to the nature of the industry you are in. You did a security check on most of the applications, systems, policies & procedures, and devices and noticed the following:
1- Not all existing devices (endpoints) within the offices are well secured.
2- One subnet is used for all devices in all monitoring stations.
3- Data processed by the conveyer system (related to the shipments) in each branch will be uploaded to the system on the cloud via an Internet connection and will be stored there in a database server for analysis and reporting. The transmission of data is done through a published web application over the Internet (front-end/back-end architecture). Such information should be highly secured since it concerns customer privacy and is protected by law and regulations.
4- Customers are able to create profiles on an online tracking system hosted on premises and to be moved to the cloud. Such profiles contain some personal and private information that should not be disclosed to other parties.
5- When you checked the current data centre as well as the warehouse in each branch, you noticed that the door is easily opened. So, shipments, servers and networking devices are easily accessed by anyone. You also noticed that the humidity and temperature inside the servers' room are not well controlled.
6- Some employees have VPN access to the data centre to run some applications remotely.
7- Some other third parties are granted VPN access for support reasons, like the companies that provided and installed the conveyer system.
8- Very minor security procedures are taken by Bombino, and there are some misconfigurations on some network security devices like firewalls and VPN.
Your manager asked you to prepare a detailed report and a presentation regarding IT security for Bombino services and environment in general. The report is to be submitted to and discussed with the CEO to get approval for further security policy enforcement. In your report you should:
A. Discuss IT security risks that might put the customers’ and Bombino’s data into danger, taking into consideration all data situations (being entered, transmitted, processed, and stored). Your discussion should include:
1. Identifying those IT security risks from the points of view of 3 different business stakeholders (CFO, CEO, COO, CHRO, etc.)
2. Proposing a method to assess and present them to the 3 selected stakeholders.
3. Proposing a method to treat them.
B. Discuss risk assessment procedures
C. Explain how you can take benefit of the ISO risk management methodology (ISO 31000) by summarizing it and highlighting its application in IT security of this project.
D. Recommend ways to improve Bombino IT security via:
1. Describing different security procedures that Bombino could apply to protect customers & business critical data and equipment.
2. Explaining data protection processes and regulations that might help Bombino to enhance IT security.
3. Discussing the benefits of IT security audit and its impact to Bombino IT security.
E. Discuss, in detail, the security impact of any misalignment of IT security with Bombino policy.
F. Design and implement a security policy for Bombino.
G. Evaluate the suitability of the tools used in this policy
H. Discuss the roles of stakeholders in Bombino in implementing security audit recommendations.
I. List the main components of an organisational disaster recovery plan, justifying the reasons for inclusion.
In your presentation, you should be able to cover the following in front of your manager:
1. Identify and discuss the potential impact of incorrect configuration of some network security devices on IT security.
2. Implementing different techniques in network security (such as DMZ, static IP and NAT). You should provide a detailed recommendation and explanation based on the scenario above for each technique showing how it will enhance security.
3. Discussing the benefits and justification of using a Network Monitoring System.
4. Evaluating a minimum of three physical and three virtual security measures that can be employed to ensure the integrity of IT security.