- NVQ Level 5 Unit 510: Understand how to make effective and positive decisions: Decision Making In Adult Care, Assignment, UK
- CIPD Level 7 7CO01 : June 2024 – Assess the trend towards greater globalisation of international business activity: Work and working lives in a changing business environment, Assignment, UK
- Level 6 NVQ : Describe the nature and role of a positive health and safety culture within the organisation: Diploma in Occupational Health and Safety Practice, Assignment, UK
- Review relevant organizational behaviour theories, such as conflict resolution strategies, leadership styles, and team dynamics: People and organisations, Assignment, UK
- 3CO02: Explain what evidence-based practice is and how it might be applied within an organisation : Principles of analytics CIPD Level 3, Assignment, UK
- Wind tunnel testing plays an important role in the design of aircraft. It provides a check on the accuracy of the initial design: Aerospace Engineering, Coursework, UOL, UK
- Select and apply appropriate computational and analytical techniques to model complex problems, recognising the limitations of the techniques employed :AHEP- Assignment 1 , UK
- Cipd level 5 5HR01 Assignment 3 June 2024 : Employment relationship management, UK
- Pearson BTEC Level 3 Unit 6: Website Development : Website evaluation, Assignment, UK
- BTEC Unit 20: Explain, analyze, optimize, and enhance the operation of a simple combinational logic circuit with three (03) fail-safe sensors and one (01) emergency shutdown switch- Digital Principles Assignment 1, UK
- Complete a report to compare three academic sources to identify levels of relevance and application: Health wellbeing and social care, Assignment, UK
- Fluid Power Diagrams – Applications Of Pneumatics And Hydraulics, Tutor Marked Assignment 2, TU, UK
- Fluid Power Diagrams – Applications Of Pneumatics And Hydraulics, Tutor Marked Assignment 1, TU, UK
- Pearson BTEC Level 3 Unit 8 Mechanical Principles of Engineering Systems : Statics, Assignment, UK
- CBB508 – Understand the structure of the eukaryotic cell and the functions of the different components: Cells Assignment, OCN, UK
- Unit4003: Engineering Science I : Examine scientific data using both quantitative and qualitative methods, Assignment, HNC, UK
- COM4007 – Identify design, usability and accessibility issues involved in delivering websites: Introduction to Web Authoring Assignment, AU, UK
- Access to HE Diploma Assessment Materials Sourcing and Reading Information (2024-25) : Computing, Assignment, OCN, UK
- Level 5 This unit will develop your knowledge of the importance of leadership and management theories and styles: The Principles of Leadership and Management in Adult Social Care, Assignment, UK
- Unit 4 – Identify indicators of your wellbeing and wellbeing deterioration: Promoting Personal Wellbeing, Assignment, UK
30201140: Bombino is an international courier company well known as the most reliable delivery company in the world: Security Assignment, ATU, UK
University | AlHussein Technical University (ATU) |
Subject | 30201140: Security |
Assignment Brief and Guidance
Bombino is an international courier company well known as the most reliable delivery company in the world. A large number of high-profile business entrust Bombino to deliver their goods including Banks to deliver credit cards,
Ecommerce business to deliver goods of all types including high value electronics and governmental agencies like hospitals and embassies to deliver medication and documents respectively. Customers are offered online service to track their shipments, and request pickups. They can also pay for their
shipments online.
Bombino Datacentre located in Jordan. They have branches in France, Saudi Arabia, Egypt, and USA. As a standard, each branch will have a warehouse that processes physical shipments using a conveyer system that sorts shipments by area. Besides, there is the office area where HR, Account, IT and Management sit, next to a computer room that processes local shares, print servers and connectivity with Jordan datacentre to access the Main tracking system and accounting application; Last there is a warehouse for items storage, with in/out requests received by customers to be delivered to their outlets.
Bombino is planning to move their main tracking application to the cloud in a hybrid model architecture (some other applications will be still hosted on premise). However, they are having security concerns around the move
of apps and data under a cloud provider after being hosted on premise for a long time.
You are hired by the management of Bombino as Information Security Risk Officer to evaluate the securityrelated specifics of its present system and provide recommendations on security and reliability related improvements of its present system as well as to plan the move to the cloud.
Part of your responsibilities is to ensure the confidentiality, integrity, and availability (C.I.A) of the data and related services, also your responsibilities extend to the Safety (S) which is very related to the nature of the industry you are in. You did a security check on most of the applications, systems, policies & procedures, and devices and noticed the following:
1- Not all existing devices (endpoints) within the offices are well secured.
2- One subnet is used for all devices in all monitoring stations.
3- Data processed by conveyer system (related to the shipments) in each branch well be uploaded to the system on the cloud via Internet connection and will be stored there in a database server for analysis and reporting. The transmission of data is done through a published web application over the Internet (front-end back-end architecture). Such information should be highly secured since it is considered of customer privacy and protected by law and regulations.
4- Customers are able to create profiles on an online tracking system hosted on premise and to be moved on the cloud. Such profile contains some personal and private information that should not be disclosed to other parties.
5- When you checked the current data centre as well as the warehouse in each branch, you noticed that the door is easily opened. So, shipments, servers and networking devices are easily accessed by anyone.
You also noticed that the humidity and temperature inside the servers’ room are not well controlled.
6- Some employees have VPN access to the data centre to run some applications remotely.
7- Some other third parties are granted VPN access for support reasons, like the companies that provided and installed the conveyer system.
8- Very minor security procedures taken by Bombino as well as some misconfigurations on some network security devices like firewalls and VPN.
Your manager asked you to prepare a detailed report and a presentation regarding IT security for Bombino services and environment in general. The report is to be submitted to and discussed with the CEO to get approval
for further security policy enforcement. In your report you should:
A. Discuss IT security risks that might put the customers’ and Bombino’s data into danger, taking into consideration all data situations (being entered, transmitted, processed, and stored). Your discussion should include:
1. Identifying those IT security risks from 3 different business stakeholders point views (CFO, CEO, COO, CHRO, etc)
2. Proposing a method to assess and present them to the 3 selected stakeholders.
3. Proposing a method to treat them.
B. Discuss risk assessment procedures
C. Explain how you can take benefit of the ISO risk management methodology (ISO 31000) by summarizing it and highlighting its application in IT security of this project.
D. Recommend ways to improve Bombino IT security via:
1. Describing different security procedures that Bombino could apply to protect customers & business critical data and equipment.
2. Explaining data protection processes and regulations that might help Bombino to enhance IT security.
3. Discussing the benefits of IT security audit and its impact to Bombino IT security.
E. Discuss, in details, the security impact of any misalignment of IT security with Bombino policy.
F. Design and implement a security policy for Bombino.
G. Evaluate the suitability of the tools used in this policy
H. A discussion of the roles of stakeholders in the Bombino to implement security audit recommendations.
I. List the main components of an organisational disaster recovery plan, justifying the reasons for inclusion.
In your presentation, you should be able to cover the followings in front of your manager:
1. Identify and discuss the potential impact of incorrect configuration of some network security devices on IT security.
2. Implementing different techniques in network security (such as DMZ, static IP and NAT). You should provide a detailed recommendation and explanation based on the scenario above for each technique showing how it will enhance security.
3. Discussing the benefits and justification of using a Network Monitoring Systems.
4. Evaluating a minimum of three of physical and three virtual security measures that can be employed to ensure the integrity of IT security.
Buy Answer of This Assessment & Raise Your Grades
If you’re struggling to get your 30201140: Security assignments are done on time, then Students Assignment Help UK is the perfect website for you. we have a team of Ph.D. and master degree experts who provide accounting assignment help, business assignment help, management assignment help, etc at a cheap price.