Free Essay

Cmgt 245 Week 5 Team Paper

In: Computers and Technology

Submitted By skruffy81
Words 1687
Pages 7
Underground HipHop.com Security Policy

CMGT/245
June 24, 2013

Underground Hiphop.com All things hip hop can be found at undergrounhiphop.com or by visiting the store. Bloggers and consumers can log onto the portal to share what they know and what they think on the blogs and forums, find the times and dates of local concerts, or purchase hip hop paraphernalia. It is important to keep in mind the best interest of the consumers and the company by ensuring both are well protected. Team A has reviewed the goals and plans underground hiphop.com must meet to protect the business and its consumers. The company’s goal is to track inventory, make sure all financial transactions are safe in both the store and online location, and to make sure the website is PCI compliant so the customers will not put the consumer’s identity in danger of theft. In an effort to make the necessary changes, team A has reviewed the physical security section, access control section, the network security section of the security policy, and the security of information systems.
Physical Security Physical Security viewpoints remain concerned with measures designed to deny or provide access to individuals from a physical access point for Underground HipHop.com. This can stand as simple as a locked door or as complex as a biometric entrance into the facility. Additional steps will have signs posted clearly defining rules and regulations simplified of the company’s physical security policy, without providing specific information about the security division for the company stands located within the building. The company will make sure that there is not a point of failure to compromise the security of Underground HipHop.com. The goal of physical security is to ward off potential security risks of an intruder gaining access to the facility.

Physical properties can stand restricted within a facility based on the rights of the individual employees through controls. Security can reduce risks not eliminate them entirely. The goal of physical security within offices, rooms, and facilities is to provide that initial layer of security or to deter threats. Key access to a facility can remain challenging to manage with user turnover. Electric access control can exist easily managed through automation, controlling the use restricting times within a work schedule or off work hours. Security of the facilities and entry controls measure and provides altogether physical security measures within the establishment to keep the ongoing prevention through the design of physical barriers while determining the physical access areas and their potential for unsecure access. Providing isolated delivery and loading areas for work access can reduce the risks by eliminating entrance and exits points. This will provide benefits from a financial perspective of the security cost for managing these areas as well. The company can also evaluate some strategic design approaches to find the best fit for Underground HipHop.com Company plus while keeping their budget manageable. Some requirements suggest that HipHop.com Company can limit the access to the delivery and loading areas. Keeping this area from key core functions for the business where company business information stays stored. Physical Security requirements will change as the business grows. Taking the initiative to stay ahead of the risks that may develop with the evaluation of the processes and procedures regularly will inhibit some physical security risks.
Security of Information Systems The security of information systems may focus primarily on certain areas such as the workplace, equipment, connection tools, and devices such as laptops. Workplace protection should be taken seriously seeing that most companies have been experiencing higher threats by hackers, as most know, unauthorized users can be the most dangerous at times. Therefore, it is a good idea to have effective security practices in place that will create a balanced technology along with personal management. In the case of unused posts and cabling, this can present structural vulnerabilities, such as preventing cool air from reaching your hot spots on your system. They can also present fire threats because of them just lying around near areas that may generate heat, so it is very wise to discard of post and cabling no longer in use. One other area that can help in the security of information systems would be equipment maintenance because how many times have we seen or even used equipment that was not up to standard or just outdated. Just by simply keeping the network system functioning at its best can help to provide security because hackers are often looking for faulty, weak, and outdated equipment. This allows easy access to the information that hackers may be looking for, but if one properly maintains the equipment it makes it difficult for the hackers to gain access. The next area of concern would be portable or wireless devices, such as laptops and smartphone that have access to the Internet and e-mail. VPN protects information traveling by way of air or wire which will keep information from being intercepted as well as controlling the traffic flow on this type of equipment. The network and server equipment should also be closely looked at because it is also at risk to vulnerabilities, the first being remote access. If you are trying to login to the web server one must ensure that the remote location is secure through the use of tunneling or encryption protocols. It would also be a good idea to put in place some policies that indicates privileged access to the server and who must have permission, just by taking precautions as such will help to create security of information systems.
Access Control Access control is an integral part of network security. Discussed here are four different methods or types of these access controls. All four of these methods are a form of authentication requiring one of three factors; something known, something owned, or something you are. The first of these methods is user enrollment or identification. This method asks for a username and password to give access to a specific network, folder, or computer. This method uses the factor of something known, like a password and username. A username/identification authenticates a user’s rights to a network, which ties into the next method of access control. Authentication is the next method used in access control; authentication uses one or more factors. An example of something you are is the fingerprint. Another example would be a hand print, voice recognition, or a retina scan. The other factor, something owned would be a key card, key, or perhaps a Common Access Card. (Security +) The two other access controls used are more for the privileged users or those who need access to classified network data or working from home or travel. Privileged and special account access is a form of access control used to grant users a higher authorized account to either make changes to the network servers, computer, or printers, or to make changes to user account information from anywhere on the network. If one does not have these privileges attached to their account, they will get an access denied variation shown when trying to access specific information. Remote access is a form of access control on a more complex level. Remote access is a variant of privileged access, where a user is assigned to a group that has remote access rights. Whether it is remote desktop or Virtual Private Networking (VPN), that individual has to have the rights to remote onto another network computer as an administrator, or remote into the network drives from an outside Internet Service Provider (ISP). Access control coupled together with physical security creates a more robust security called defense in depth.
Network Security Network security and network access are essential in protecting business and the consumers who log on every day to place order, communicate with others and voice their opinions. There will be many online users adding to the blogs and placing orders, and for them it is recommended to use a traditional network access server (NAS). The NAS will use the typical log on and authentication process to verify the identity of the users, and only allow access to different parts of the sites based on log-in credentials. In addition to these processes NAS will also be “implementing anti-threat applications such as firewalls, anti-virus software and spy-ware-detection programs. NAC also regulates and restricts the things individual subscribers can do once they are connected” (Rouse, 2006). A stricter approach to network security will be applied to in store employees and all other employee who will utilize the network to access work related functions such as entering and tracking inventory. For all employees implementing a Network Admission Control (NAC) is required. The NAC “is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy” (Rouse, 2006). A combination of physical and logical network access control devices will be used in order offer as much security as possible. Using complex log on requirements, including user name and passwords in combination with site keys or pictures to will identify and authenticate non-employee users. There will also be a certain level of security requirements needed by all users to have on their computer before allowed access. The same will apply to employees; however, there will be an additional requirement of employee ID numbers alongside employee badges to use before granting access. Locking all equipment inside the store with an alarm system with each individual CPU stored in a locked box with those keys locked in the manager’s office inside a time lock safe.

References
Merkow, M. S., & Breithaupt, J. (2006). Physical Security Control [University of Phoenix Custom Edition eBook]. : A Pearson Education Company. Retrieved from e.g. University of Phoenix, Chapter 8 Physical Security Control website.

Physical Security. (2013). Retrieved from http://www.csoonline.com/topic/221490/physical-security

Rouse, M. (2006). What is network-access control (NAC)?- Definition from whatis.com. Networking information, new and tips- SearchNetwork.com. Retrieved June 16, 2013 from http://searchnetworking.techtarget.com/definition/network-access-control/…...

Similar Documents

Premium Essay

Mktg Team C Paper Week 5

...aggregated even further to ensure that advertising reaches its target audience. For Magnolia Bakery, the market segment would be the consumer who has an appreciation for pastries created with loving care. The target market can be broken down further to specify the consumer who appreciates the convenience of home delivery based on specific criteria. The criteria are the busy mom, the on the go executive, the bogged down college student and the elderly or disabled consumer that is otherwise unable to visit the nearest Magnolia Bakery. To aggregate the targeted customer further there should be a concentration on consumers living within a five-mile radius of each Magnolia Bakery location (Perreault, Cannon, & McCarthy, 2011). Point 5 Gaining loyal customers and making a profit will be based largely on the price mark-up of the home-delivery service. Establishing a set delivery price will allow a customer to know without a doubt how much delivery will cost to his home creates a sense of comfort and expectation. A delivery fee of $5.00 is simple to remember and generally will cover a gallon of gas. If an item sells for $30.00 when purchased within the store, adding $5.00 will generate at least a $1.50 profit because gas averages $3.50 per gallon in the local area. Making deliveries will increase customer loyalty and therefore keeping the delivery amount low will encourage more orders. Products are priced to allow an increase in the profit margin so adding......

Words: 2038 - Pages: 9

Premium Essay

Acc Week 5 Team Paper

...assessments (relates to market movements that affect performance or risks exposure). Credit risks assessments (relates to a failure in obligation of the borrower). Customer risks assessments (relates to customers impact on the organizations reputation and financial position). Supply chain risks assessments (relates to the creation of products and services). Products risk assessments (relates to an organization production from inception to birth). Security risks assessments (relates to physical assets and information protection and security). Information technology risks assessments (relates to potential tech failures), and project risks assessments (relates to the delivery or implementation of the project). Within this proposal the team will be addressing the appropriate controls to cover purchasing, accounts payable, cash disbursements, finance, investment, and payroll. Appropriate Controls for Purchasing Appropriate controls to cover purchasing in a successful business are the basic acquisition and expenditure activities, which include purchasing and receiving goods and services, recording assets or expenses, and paying the bill. Purchasing goods and services involve obtaining competitive bids to produce the best prices. Receiving goods and services entails inspecting the goods received for quality and quantity. Recording assets or expenses is done by attaching a voucher to the purchase order, vendors invoice, and receiving report as proof that the order......

Words: 1684 - Pages: 7

Premium Essay

Res341 Week 5 Team Paper

...Preparing to Conduct Business Research: Part 3 RES/351 Abstract Building on Preparing to Conduct Business Research: Part 1, completed in Week Three, and Preparing to Conduct Business Research: Part 2, completed in Week Four, Learning Team B selected an issue, opportunity, or problem facing an organization. Our team chose to conduct business research in the food service industry at which a high rate of employee turnover occurs. Using the methods learned throughout this course our team has selected the instruments we found to be the most useful in collecting data to develop appropriate research questions, hypothesis, research design, and result reporting. This paper will discuss and describe the following elements: 0. Research problem and purpose 0. Significance, scope, magnitude, and feasibility of finding a solution to the issue, opportunity, or problem 0. Research question, hypothesis, and variables 0. Research design 0. Instrument you developed or selected 0. Sampling method 0. Overall data analysis approach 0. Result reporting 0. Ethical considerations Preparing to Conduct Business Research: Part 3 Employees enter and leave companies all the time. For some industries, the rate at which this occurs is higher. One particular industry is the food service industry. Within the food service industry, the employee turnover rate is considerately higher when compared to the arts and entertainment...

Words: 1682 - Pages: 7

Premium Essay

Bcom 275 Week 5 Team Debate Paper

...Learning Team Debate Paper Business Communication and Critical Thinking/BCOM 275 University of Phoenix Learning Team Debate Paper A topic with considerable debate is the legal age to consume alcoholic beverages. “Most cultures where alcohol consumption is legal have a mandated threshold age at which buying and/or consuming alcohol becomes permitted” (International Center for Alcohol Policies, 2011, para. 5). Currently, the United States has set the legal age to drink at 21. The age was once 18; however, society has changed its views concerning this issue. Because the legal drinking age changed to 21 there was an increase in mortality rate at age 21, increase in motor vehicle accidents, and increase in suicides. Even though 18 is considered an adult and a person should be able to make his or her own decisions, the drinking age should not be lowered because teens lack the maturity to handle alcohol and teens are at a higher risk of alcohol-related deaths. This debate has two sides as some people are for lowering the age to 18 again and some against. Many will argue that the average drinking age around the world is 18. According to International Center for Alcohol Policies (2011), “Minimum drinking and purchase ages in countries around the world range from 16 to 25 years of age, with 18 being the most common age limit” (para. 6). Others say that if a person age 18 is old enough to serve and die for his or her country, he or she should be......

Words: 2686 - Pages: 11

Free Essay

Bsa 310 Week 5 Team Paper

...value from these systems. The company needs a MIS that is a continuing and interacting with people, equipment, and procedures to gather, sort analysis, evaluate, and distribute accurate information to decision makers. Another task our marketing system will offer is a sub system that will allow for the generation of several reports from the same data that is being used by your team. Operations Some of the greatest challenges at Riordan are that it has been running on several entities or different information systems within the company. This factor has been long bottle-necking the company's progress. Operations have been the main driving force keeping these systems in place. This is where we will start by implementing a windows based enterprise resources planning system designed for manufacturing, distribution, and financial along with this system and the operations management system which is concerned with overseeing designing and redesigning business operations in the production of goods and/or services. This information will then be put into the OMS system in a logical manner allowing for teams to improve the efficiency of data utilization. This equates to a better product quality throughout, and in a time cycle that's cutting variability and waste. Conclusion We have shown how implementing a few IT and IS changes could improve operations significantly, thus improving sales, customer service, and employee productivity. If these changes are addressed in a timely......

Words: 1171 - Pages: 5

Premium Essay

Mgt 498 Week 5 Team Paper

...Strategic Plan for Riordan Manufacturing Team B MGT/498 November 20, 2013 Strategic Plan for Riordan Manufacturing Riordan Manufacturing is an industry leading organization in plastic injection molding. The organization products includes beverage containers, customer plastic parts, from computer fans to room fans to medical devices such as heart values and stents, to custom designs for the customer needs. Riordan services leading industries such as hospitals, aircrafts manufactures, automobiles manufactures and many others large businesses. The organization employs roughly 550 employs with plants in Georgia, Michigan and China with facilities around the world. As many organizations today strategic planning is a must in order to excel in today’s world of business. We will take a look at the need, direction and provide guidance as to how factors such as environmental scanning, strategy formulation, strategy implementation, and evaluation and control can all play a role in creating a strategic plan for Riordan Manufacturing. Strategic planning Strategic planning brings on new and different perspectives from other sources. It allows the opportunities for round table discussions, brainstorming, and an opportunity to hire consultants to keep the company abreast of new trends, customer wants, needs and desires. Strategic planning also allows for an organization to create a plan for placing mitigating measures in case problems occur. If the plan should......

Words: 2097 - Pages: 9

Premium Essay

Eco365 Team Paper Week 5

...additional regulations to craft brewing. Alcohol limits, production limits, labeling regulations, manufacturing audits, barrel taxation, and distribution laws make it difficult for small brewers to compete. The framework of government regulation was written to govern the larger beer manufactures and never adopted for the changes brought by small brewing companies. The reconciliation of regulation, taxation and policies will determine the profitability and viability of the craft beer industry for years to come. Global Competition Decisions Global competition within beer manufactures have greatly affected the decisions made by management of the in the United States. The competitions amongst these companies have to allow their management teams to develop strategies that ensure that the beers and other products possess innovation, production efficiency, and market leadership. The market growth and vast number of different companies are the primarily reason for upcoming beer companies to take action and tackle the pressure of the global competition. Beer companies face threats from other global beer manufactures; both locally and all over the world such as places like automotive players like Germany, Mexico, Canada, etc. Competition for this market share and profit margins was a powerful draw to all competitors. The consumer preferences for different types of brews, flavors, and other types of beer will always play an important role in the competitive outcome of what is popular...

Words: 1741 - Pages: 7

Free Essay

Week 5 Mkt 431 - Final Team Paper

...Marketing the GPS Business MKT/431 January 14, 2013 Marketing the GPS Business In marketing a business of any kind first a company or individual business owner selects a service or product they will endorse. With choosing the product, such as the GPS as Team D has chosen a pricing strategy is chosen such as competitive with others already in the market. Developing a relationship with marketing, advertising, and promotions is necessary for a successful business also the technology in marketing the GPS. Distribution Channel An appropriate distribution channel for the GPS unit would be to sell the units wholesale to one or more retail outlets, such as Best Buy (Best Buy, 2013) or Frys (Frys.com). Selling the units directly to the national retailers on a mass scale will enable the company to keep the product pricing steady from one region or location to the next. The company will likely still have to handle the logistics of delivering the units to each individual store location across the nation, or internationally, if possible, unless the retail businesses that will be selling the units to the consumers have central warehouses for his or her own distribution. Pricing An effective pricing strategy for the GPS unit would be to sell them wholesale to the retailers for an amount slightly lower than the suggested retail price, which should be between $99 and $129. So the idea is to sell the units to......

Words: 1310 - Pages: 6

Premium Essay

Cmgt 582 Team Paper

...quickly. The major concern for the hospital is the loss of the CD's containing patient medical information and medical errors. This could have been avoided with additional security measures in place. At first glance, the company seems very effective in their ability to secure and protect the information. The company has asked for proof of their effectiveness and the audit on the information security will confirm or deny their confidence. Audit Scope and Objectives The scope of the PFCH audit was limited to review of the relevant system documentation and network diagrams, including review of organizational charts, system configuration and design. The scope also included a review of patient charts and other relevant system reports. Learning Team B assisted with identifying and appropriately reviewing the information security aspects of the audit and provided subject matter expertise in applicable areas, including data privacy, user access privileges, application security, and physical security. Main objectives of the PFCH audit included ensuring that security methods suitably addressed PFCH needs and business risks. We documented relevant risks related to the loss of data, recoverability, and system availability and performed assessments of configurable security settings, system roles, and user controls. Many of the issues compromise HIPAA standards and will require managerial responsibility for an appropriate response and change in approach based on the optimal level......

Words: 3451 - Pages: 14

Free Essay

Cja 354 Week 5 Team Paper

... Kidnapping can vary in the way the kidnapping has occurred. When a kidnapping occurs then the family needs to report it as soon as it happens. If a family member does not report the crime then when the person is caught would only be guilty of a class 2 misdemeanor. Kidnapping in Virginia is when a person intends to deprive such person of his personal liberty, or to withhold them and force them to do services. Kidnapping is a class 5 felony. In less a family member or a parent does it then it is a class one misdemeanor. If a parent does the action and that parent removes them from the state of VA then it becomes a class 5 felony. If a person was abducted to extort money or a child was abducted to go into prostitution then it would be class 2 felonies. If a person even threatens about kidnapping a person to extort money or a child under 16 to be placed in prostitution it would be considered a class 5 felony. With a class 2 felony the person would get prison for life or anything over twenty years, and a fine not more then 100,000.00. Class 5 felony would be prison between 1 and 10 years, and a fine up to 2,500.00. Punishment for a class one misdemeanor is jail up to twelve months, and a fine up to 2,500.00. Class two misdemeanors are jail time up to six months, and a fine up to 1,000.00. If someone else kidnaps a person that person should get life in prison no matter what. We would hope that the outcome of the case that the kidnapper pays for their crime and that the victim...

Words: 1465 - Pages: 6

Premium Essay

Gen/200 Week 5 Team Paper

...Professional Values and Ethics Name Gen 200 Instructor Name Date Team B Professional Values and Ethics Values and ethics are irreplaceable in the business world. Businesses live or die by their ethical reputations. It is very important to understand the importance of professional ethics and how they influence career success. Definition The simplest and most effective place to begin a discussion of ethics and values is with clear, concise, and generally accepted definition of the term values. Ethics are "a set of principles of conduct... that guide decision making and behavior" (uslegal.com, 2009). Values are "a set of principles or ideals that drive and/or guide your behavior" (essentiallifeskills.net, 2009). The philosophies and definitions of ethics and values appear closely related. Individuals and organizations’ Ethics and values appear internally driven and developed. Ethics can be thought of as a code of conduct derived from the value system. Environmental factors influence and determine ethics and values. These factors Include culture, physical environment, and peers. Ethics and values may not always...

Words: 893 - Pages: 4

Premium Essay

Cmgt 445 Week 5 Dqs

...This archive file of CMGT 445 Week 5 Discussion Questions shows the solutions to the following problems: DQ 1: Fowler and Horan (2007) noted that despite on-going advancements within the information systems profession, there are still a great many failures and abandonment of IS projects. What would you say may have been some of the contributing factors in these failures and how might they have been better managed? DQ 2: Simon and Paper (2007) explore the topic of user acceptance to new technologies; in this case voice recognition technology. Reviewing the general constructs of the TAM model the author General Questions - General Academic Questions CMGT 445 WEEK 1 SUPPORTING ACTIVITY 1 CMGT 445 WEEK 1 SUPPORTING ACTIVITY 2 EVOLUTION OF TECHOLOGY CMGT445 Week 1 DQs CMGT 445 Week 2 Article Review CMGT 445 Week 2 Individual Assignment Managerial Issues CMGT 445 Week 2 LT Business Case for Investment Outline CMGT445 Week 2 DQs CMGT 445 Week 2 Supporting Activity Competitive Advantage CMGT 445 Week 2 Supporting Activity Technology Innovation CMGT 445 Week 3 Activity Enterprise Resource Planning CMGT 445 Week 3 Article Review CMGT 445 Week 3 Supporting Activity Enterprise Systems CMGT445 Week 3 DQs CMGT Week 3 LT Assignment Business Case for Investment CMGT 445 Week 4 Article Review CMGT 445 Week 4 Individual Assignment Implementation Plan CMGT 445 Week 4 Presentation Preparation CMGT 445 Week 4 Supporting......

Words: 349 - Pages: 2

Premium Essay

Eng 125-Week 5-Team Paper

...Aspect of Human Experience: Love Team B: ENG/125 Aspect of Human Experience: Love Introduction The human experience chosen by this team is the experience of love. There are many forms of love and many different ways literary authors bring readers to experience love through their works of art. To demonstrate this experience of love throughout the different types of literary forms, the team chose to compare Chekhov’s Misery, Marlowe’s The Passionate Shepherd to His Love, Langston’s Salvation, and Shakespeare’s Hamlet. Through this comparison, the team will demonstrate how authors bring readers to understand and experience love through their use of literary devices and style of writing. Misery Chekhov’s use of literary devices Anton Chekhov’s short story, Misery, had literary devices to show the love Iona, the protagonist, had for his deceased son. Chekhov displays imagery of the unconditional love a parent has for their children. Throughout the story, Iona was searching for someone he can confide to about his loss. Iona, a sledge-driver in Russia, encountered five people during his route but was unsuccessful in venting his sorrows. He loved his son so much he was willing to talk to strangers about it. Foreshadowing was a device used in Misery as well. The story began and ended with Iona and his mare. In the beginning of the story, Iona and his mare sat in the snow while waiting for customers. Iona searched for strangers to talk to but in the end, it was his mare...

Words: 2216 - Pages: 9

Premium Essay

Bsa375 - Week 5 Team Paper

...Week Five Team Assignment Learning Team A University of Phoenix November 01, 2010 Week Five Team Assignment * Questions 1 – 22 on page 487 of Chapter 13, “Transition to the New System”, in System Analysis and Design. 1. What are the three basic steps in managing organizational change? Organizational change, first defined by Kurt Lewin, states that the three steps of for organizational change are: unfreeze, move, and refreeze. This summarizes a process of changing employee habits. Unfreeze breaks old and sometimes bad habits. Move is the transition to the new process that alters attitudes and defrays resistance to change. Freeze is the process of ingraining new habits and making them permanent. Methods for assisting this process are system support and system improvement. 2. What are the major components of a migration plan? A. Prepare the Business a. Determine the Best Conversion Strategy b. Create Business Contingency Plans B. Prepare the Technology a. Install Hardware b. Install Software c. Convert Data C. Preparing the People a. Revise management policies b. Asses costs and benefits c. Motivate Adoption d. Conduct Training 3. Compare and contrast direct conversion and parallel conversion. Users are more comfortable with a parallel conversion and the business is less likely to have problems with system crashes and data-dumps. A. Direct Conversion A direct change......

Words: 3329 - Pages: 14

Premium Essay

Mkt 421 Week 5 Team Paper

... Starbucks will be able to see where it needs to alter and adjust its campaign to fit consumer demands. In addition, Starbucks will also be able to alter its advertising toward a target market allowing the organization to promote the product within a specific demographic. This will help promote the new beverage according to customer’s wants and needs. It will also help obtain new customers in a market where similar beverages already exist within the industry. Starbucks can start by developing a communication line that will focus on customer value and relationships. SWOTT Analysis Developing an analysis that will determine the strengths and weaknesses is important when creating a new product for the company. Team A has decided to create a new children drink for Starbucks that contains ingredients, such as peanut butter and chocolate mixed together. When a firm is looking at strengths and weaknesses this is an internal analysis that looks at capabilities and resources. When the firm is analyzing opportunities and threats, they are looking at external influences; customers, competitors, and the market environment. The strength of the new drink is that ingredients are easily attainable for a low price, and the drink can be created using current resources. Starbucks will not have to hire additional staff or purchase special equipment to create this drink. The only new item needed is the peanut butter because they can use existing......

Words: 7764 - Pages: 32

Hankook 65Ah Batterie de Bateau 12V XV65 - Garantie de 4 Ans | allplan 18 crack | Read more