Guidelines For Managing Of Mobile Devices -Myassignmenthelp.Com

Question: Discuss About The Guidelines For Managing Of Mobile Devices? Answer: Introducation STP Limited is a company that is located in Wollongong and the head office of the company is also located in Wollongong. The primary product in which the organization deals in is cabinets. The business is now expanding to other regions. With the increase in the revenues and sales, the organization has bought new offices in different locations and a lot of new equipment as well. Currently, STP Limited has its offices located in four locations and each of these four locations is equipped with hardware and tools necessary for the execution of the operations. It has become required for the company to improve and maintain its networking architecture and the same has emerged as a primary area of concern as well. STP Limited is making sure that there are newer forms of tools and concepts that are used and implemented in the area of networking and associated technology. There are also networking equipment and gadgets that have been made available in the organization. Every organization is connected to the Internet using ADSL. There are also permissions granted to the members of the staff to carry their personal devices at work. An effective communication channel is required to be present in the organizations. It is because of the reason that with the aid of communication and networking, the stakeholders and employees are provided with updated information and there are no ambiguities involved. Sharing and transmission of the information also gets easier. The networking channel that is going to be developed will make it possible to achieve these benefits and the sharing, transmission and passage of information and files will become smoother and easier. The relationship and engagement with the customers will also improve as advanced networking will keep the customers updated with latest company offerings and details (Cisco, 2008). Scope Statement The project scope includes the mechanisms, operations and activities that may make it possible to develop and improve the security of the networks and the communication channels. An analysis of the requirements of STP Limited in terms of its needs to carry out improve its networking channel and the activities that shall be done in order to accomplish the same shall be identified. The set of these activities shall include the design and development of the network and communication mediums along with the integration and deployment of the networks. Project Objectives Integration of all the four locations of STP Limited as a single unit so that an integrated networking channel can be formed. Maintenance and implementation of the concepts of security in the newly designed networking mediums and equipment that are used (Pareek, 2011). Improvement of the customer relationship and customer engagement levels with the ability to provide the services in such a manner that the customer trust is also improved. Strategic Alignment Parameter/Attribute Details Description Strategies and Decision-making abilities The goals and business objectives of STP Limited are customer centric with an aim to improve the organizational integration and performance. These goals also apply to the project as well. There will be different phases and activities that will be carried out so that the desired communication and networking channel is developed and deployed. The project activities will also make sure that privacy and security of the information is maintained. Technical Aspect STP Limited has network connection and communication equipment that are in place along with the rest of the technical tools and components. The new system and channel will be compatible with the existing tools. The technical feasibility in terms of compatibility, integration and cohesiveness has positive results. Competitive Advantage The customers and market experts prefer the use of business services that have strong privacy and security. The use of secure services will make sure that the service quality is improved which will have a positive impact in terms of the ability to gain competitive advantage. Service Level The Project Manager along with the senior management that is involved with the project will carry out networking strategy and necessary methodology. There are resources that have been tagged for the accomplishment of the project activities. Network Security Management Network security has come up as an important matter of concern for the business organizations in the present times. This is because of the increased probability of the network related risks and attacks that may emerge. In case of STP Limited, it must be analyzed that the local IT department has the required number of resources with adequate skills to provide support services. Remote management is now an integral part of the maintenance of security so that the network monitoring and control may be done with much ease. There are various security protocols and concepts that are present and these protocols shall be implemented in case of STP Limited. Some of these concepts include HTTPS, SSL etc. The configuration of these protocols shall also be done securely. The requirements of the head office that is set up in Wollongong along with three other offices must be met in terms of security and privacy. These solutions shall also be within the defined budget and shall come with the ability to be used and deployed easily. There must also be additional services that must be carried out in terms of secure routing and the ability to set up WAN connections. In this manner, the need to install separate security solutions for networking equipment and channels will be avoided. The controls that are currently in practice for the detection and avoidance of the security attacks are still based upon traditional protocols and the signature based methods. These controls cannot handle the newer forms of security risks and the uncertainties that are involved. It is therefore required to develop and implement security controls in such a manner that the changing nature and landscape of the security threats is targeted and the countermeasures are accordingly developed and implemented (Canavan, 2001). There are reactive and proactive controls that are now being created with the use of latest technologies and advancements. These controls shall be used so that the avoidance and prevention of any form of the risk is avoided. Security Solutions Recommended for the Branch Office The branch office of STP Limited must be equipped with the following security controls and mechanisms. End-to-end connectivity shall be designed and implemented by making use of fast and safe Virtual Private Network (VPN). The centrally hosted and managed applications will be handled easily and remote management will also be carried out with much ease. The internet connection and network that is being used shall be modified to a secure connection as there may be risks and attacks that may come up through any of the regional location. There are many services and applications that are carried out internally in the head office and in other locations. These internal processes shall be made secure by using applicable security code and service (Alabady, 2009). The solution that is developed and deployed must have high usability and performance and it must also be reliable in nature. Data Security Virtual Private Networks: It would be essential to develop and deploy secure Virtual Private Network (VPN) channels so that the security of the overall organization is maintained. There may be simultaneous management of the tunnels that may be involved. The information sets shall be encrypted by making use of the latest encryption algorithms, such as, Tripe DES and Advanced encryption. There shall also be use of NAT traversal in the management of security (Joshi and Karkade, 2015). Firewall: There are various basic to advanced mechanisms that are used in the maintenance and setting up of the security. One such filtering mechanism is firewall and there have been much advancement that has been done in association with firewalls. Network firewalls and system firewalls with Business Intelligence techniques have been created that shall be used. Also, the implementation of firewall must be done at all the layers of the networking channel. Attack Protection: Firewalls are the basic mechanisms and step towards security and simply the implementation of firewalls is not enough to deal with the security risks and attacks. There shall be use of many other advanced security tools and applications that must be done so that different types and forms of the attacks do not occur (Strebe, 2004). Advanced Content Filtering: Network filtering is necessary so that the network based security attacks are automatically avoided. URL filtering shall be used for this purpose. There shall also be use of content filtering and anti-malware and anti-denial tools that must be done in order to ensure that only the authentic and valid entity passes through the filter that is applied (Soriano, 2011). Segmentation Security Domains: There are many business operations and activities that are carried out in the organization. These organizational activities shall be divided on the basis of the nature of operation and activity along with carious other categories. Security policies and controls shall be developed accordingly. Security of Mobile Devices There is almost every single user that is now using mobile device at the professional and personal level. The increase in the use of these devices has been witnessed because of the ease of access that is associated with these devices. Any of the services and applications can be carried out easily on the mobile devices and mobile platforms. Because of such increase in the usage, there are many risks and attacks that have been witnessed. There are controls that can also be applied in this regard. Fingerprinting: Complete information on the mobile device and the associated aspects and details are also provided. Any of the loopholes in security can be detected and highlighted with this technique (Souppaya, 2013). Network Access Controls: STP Limited needs to implement the access controls at the network level as well. This is due to the reason of the presence of a large number of network access points in association with the business organization. The network access controls shall be used and implemented in order to prevent the problems that are associated with the violation of network security. There are certain tools such as network monitoring, network scans, anti-malware etc. that must be done. Authentication: There are many standards and practices that are followed in the field of wireless connection. There must be use of two-fold authentication that must be done (Sujithra and Padmavathi, 2012). Plan Followed for Hardware Purchases Hardware would form an essential part of the networking system and project that will be designed and deployed. Computer Systems: Network design and deployment, network integration, testing of the networking and communication system etc. will be done by using computer systems and platforms. Servers: Database servers are essential for the management and storage of the data. There will also be web servers that will be used. Peripheral Equipment: Networking and communication is made possible only by using a number of peripheral devices. There are many such devices that are present, such as, switches, hubs, routers etc. Simulators and Emulators: These are the tools that are used to provide and represent virtual behavior of the system that may be used in this case. Diagnostic Equipment: There are a number of automated tools that have been developed for the purpose of diagnosis. Communication Devices: The ability to share information and maintain the necessary level of communication will also be essential which would be made possible by using tele-health communication tools. Business continuity The business continuity suffers badly in case of the security risks and attacks. However, with the presence of a disaster recovery plan and processes, the continuity of the business is always maintained. These plans shall also be updated in a timely manner. The information and process around backups and other recovery operations shall be carried out. There shall be advanced backup process that must be used by the management staff members along with the administrative and support staff. There shall be assurance that must be provided for the management of the servers. The process shall be followed by the administrators. Risk Handling Management There are many risks that are associated with every business unit and it holds true for STP Limited as well. The risks need to be handled and managed by making use of a defined process and approach. This process is termed as risk management process and there is a strategy that is followed in this process. Risk Management Strategy There will be a risk register that will be prepared in this approach which will provide information on the risks that may be possible with their nature and description. Responsibilities of the Risks The stakeholders must be assigned to every risk on the basis of its description and the nature of the risk. The stakeholder that would manage and resolve the risk shall be identified (Berg, 2010). Assessment of the Risks The risk must be assessed and carefully analyzed so that the risk attributed like likelihood, impact, level and rank are revealed. In this process, the priority that is associated with every risk is also identified and is reported in the risk assessment report that is designed. Response to the Risks It is necessary to make sure that the risks that are identified are properly managed. There shall be a response that must be analyzed and implemented in association with every risk. This response will determine the future of the risks in the organization in terms of occurrence and control (Crane, 2013). Mitigation of the Risks There is a handling process that is involved with every risk. One such process is risk mitigation in which the risk handling and the guidelines that are associated with the risk are pointed out (Dcu, 2015). Tracking and Reporting of the Risks The mitigation or any other response strategy that is identified shall be tracked in terms of its application and progress. There must be reporting activities that must be carried out to make sure that the risk level is communication to one and all (Debono, 2016). These reports shall be generated in a weekly manner and the risk completion report shall be published as a final result. Conclusions STP Limited is a Wollongong based business organization that manufactures and provides cabinets. Currently, STP Limited has its offices located in four locations and each of these four locations is equipped with hardware and tools necessary for the execution of the operations. An effective communication channel is required to be present in the organizations. It is because of the reason that with the aid of communication and networking, the stakeholders and employees are provided with updated information and there are no ambiguities involved. In case of STP Limited, it must be analyzed that the local IT department has the required number of resources with adequate skills to provide support services. The different forms of network security and information security risks and attacks shall be identified. The controls shall accordingly be applied and implemented. The same goes for mobile devices as well. Recommendations Evaluations Network Security There shall be use of enhanced testing services and practices so that the review and verification is done at a large scale. The previous and current network logs must be carefully analyzed. The data and information on the usage of the application must be highlighted. Infrastructure integration: All the components and entities shall be designed and implemented for strong integration. The use of the devices and operations that are based on the technologies that are no longer in use shall be identified for separation. The effort that is put in by the resources shall be tracked and managed. Companys Mobile Population The mediums that are used by the employees in the area of tele-communications and services. The count of the employees on field, in office locations, warehouses etc. Networking capabilities and capacities associated with all the systems WLAN Evaluation The overall count of the inventory types The count of the form factors with the various types of operating systems and technologies Survey of the location based services and application The WLAN capacity that will be used will be based upon the following in terms of the assessment. Evaluation and monitoring of the 802.11ac connections so that the performance of WLAN is not impacted. Evaluation and monitoring of VoIP services so that the performance of WLAN is not impacted. References Alabady, S. (2009). Design and Implementation of a Network Security Model for Cooperative Network. [online] Available at: https://www.iajet.org/iajet_files/vol.1/no.2/Design%20and%20Implementation%20of%20a%20Network%20Security%20Model%20for%20Cooperative%20Network.pdf [Accessed 10 Oct. 2017]. Berg, H. (2010). Risk Management: Procedures, Methods and Experiences. [online] Available at: https://ww.gnedenko-forum.org/Journal/2010/022010/RTA_2_2010-09.pdf [Accessed 10 Oct. 2017]. Canavan, J. (2001). Fundamentals of Network Security. [online] Available at: https://whc.es/Network/Fundamentals%20of%20Network%20Security.pdf.1.pdf [Accessed 10 Oct. 2017]. Cisco (2008). Wireless and Network Security Integration Solution Overview. [online] Available at: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/secwlandg20/sec_wireless_overview.pdf [Accessed 10 Oct. 2017]. Crane, L. (2013). Introduction to Risk Management. [online] Available at: https://extensionrme.org/pubs/IntroductionToRiskManagement.pdf [Accessed 10 Oct. 2017]. Dcu (2015). Introduction to Risk Management. [online] Available at: https://www.dcu.ie/sites/default/files/ocoo/pdfs/Risk%20Mgt%20Training%20Slides.pdf [Accessed 10 Oct. 2017]. Debono, R. (2016). Project Risk Management. [online] Available at: https://www.isaca.org/chapters11/Malta/Documents/Events/210416%20-%20Mark_Debono%20-%20Understanding_Risk_in_the_Field_of_Project_Management.pdf [Accessed 10 Oct. 2017]. Joshi, M. and Karkade, R. (2015). Network Security with Cryptography. [online] Available at: https://www.ijcsmc.com/docs/papers/January2015/V4I1201544.pdf [Accessed 10 Oct. 2017]. Pareek, R. (2011). Network Security: An Approach towards Secure Computing. [online] Available at: https://www.rroij.com/open-access/network-security-an-approach-towards-secure-computing-160-163.pdf [Accessed 10 Oct. 2017]. Soriano, M. (2011). Information and Network Security. [online] Available at: https://improvet.cvut.cz/project/download/C2EN/Information_and_network_security.pdf [Accessed 10 Oct. 2017]. Souppaya, M. (2013). Guidelines for Managing the Security of Mobile Devices in the Enterprise. [online] Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-124r1.pdf [Accessed 10 Oct. 2017]. Strebe, M. (2004). Network Security Foundations. [online] Available at: https://imcs.dvfu.ru/lib.int/docs/Networks/Security/Network%20Security%20Foundations.pdf [Accessed 10 Oct. 2017]. Sujithra, M. and Padmavathi, G. (2012). Mobile Device Security: A Survey on Mobile Device Threats, Vulnerabilities and their Defensive Mechanism. [online] Available at: https://dl.icdst.org/pdfs/files/35dc646a4630971fd27c6b2d32661555.pdf [Accessed 10 Oct. 2017].