- ATHE Level 6 Unit 2: Assesses the impact of leadership and management skills and behaviours : Personal Leadership and Management Development Assignment, UK
- QUALIFI Level 5 Part 02 Unit 9500: A pilot Research Project is the small scale research project that is intended to highlight the pros: Research Project, UK
- QUALIFI Level 5 Part 01 Unit 9500: Research Project, UK Professional Development Academy
- You are to prepare a discussion paper aimed at the group of middle managers in your organisation : Personal Leadership and development, Assignment, UK
- Critically analyse the environment facing YourOrg, and identify the central issues confronting YourOrg resulting : Strategic Management Assignment , CMU, UK
- Unit 15: This assignment requires you to analyse, design, develop, and evaluate an Internet of Things (IoT) application: Transport Network Design (L5), Assignment BTEC, UK
- Clearly differentiate the terms organisational mission, vision and strategy: Strategic Leadership And Management In Context, Assignment, UK
- ATHE Level 7 : Understand the importance of financial data in formulating and delivering business strategy : Finance for Strategic Managers, Assignment UK
- CMI Unit 703 : Collaboration and partnerships can turn ideas into reality, enhancing opportunities for innovation and creativity, research and development : Collaboration and Partnerships, Assignment, UK
- 7OS01- Explain how the Employment Tribunal, the County Court, The Health and Safety Executive and the Information Commissioner : Advanced employment law in practice, Assignment, UK
- ILM 308 – Describe the factors that will influence the choice of leadership styles or behaviours in workplace situations: Understanding Leadership Level 3 Assignment , UK
- Level 5 CMI Unit 526 – Mark Sheet: Principles of Leadership Practice, UK
- Level 5 CMI Unit 526 : Understanding of ethical leadership and the impact of culture and values on leadership- Principles of Leadership Practice, Assignment, UK
- CMI Unit 501: Examine the impact of legal status on the governance of an organisation- Principles Of Management And Leadership In An Organisational Context Level 5 Assignment, UK
- ILM Level 5 Effective Communication Skills, Assignment , UK
- ILM Level 3 – Describe the factors that will influence the choice of leadership styles or behaviours in workplace situations Referral : Understanding Leadership styles, Assignment, UK
- CMI Unit 502 Understand approaches to developing, managing, and leading teams: Principles of Developing, Managing and Leading Individuals and Teams to Achieve Success, Assignment, UK
- R033 Supporting individuals through life events, Set Assignment, OCR, UK
- Working in partnership in health and social care, Assignment, UK
- CMI Unit 5034 Problem solving tools and techniques for consultants, Assignment, UK
30201140: Bombino is an international courier company well known as the most reliable delivery company in the world: Security Assignment, ATU, UK
University | AlHussein Technical University (ATU) |
Subject | 30201140: Security |
Assignment Brief and Guidance
Bombino is an international courier company well known as the most reliable delivery company in the world. A large number of high-profile business entrust Bombino to deliver their goods including Banks to deliver credit cards,
Ecommerce business to deliver goods of all types including high value electronics and governmental agencies like hospitals and embassies to deliver medication and documents respectively. Customers are offered online service to track their shipments, and request pickups. They can also pay for their
shipments online.
Bombino Datacentre located in Jordan. They have branches in France, Saudi Arabia, Egypt, and USA. As a standard, each branch will have a warehouse that processes physical shipments using a conveyer system that sorts shipments by area. Besides, there is the office area where HR, Account, IT and Management sit, next to a computer room that processes local shares, print servers and connectivity with Jordan datacentre to access the Main tracking system and accounting application; Last there is a warehouse for items storage, with in/out requests received by customers to be delivered to their outlets.
Bombino is planning to move their main tracking application to the cloud in a hybrid model architecture (some other applications will be still hosted on premise). However, they are having security concerns around the move
of apps and data under a cloud provider after being hosted on premise for a long time.
You are hired by the management of Bombino as Information Security Risk Officer to evaluate the securityrelated specifics of its present system and provide recommendations on security and reliability related improvements of its present system as well as to plan the move to the cloud.
Part of your responsibilities is to ensure the confidentiality, integrity, and availability (C.I.A) of the data and related services, also your responsibilities extend to the Safety (S) which is very related to the nature of the industry you are in. You did a security check on most of the applications, systems, policies & procedures, and devices and noticed the following:
1- Not all existing devices (endpoints) within the offices are well secured.
2- One subnet is used for all devices in all monitoring stations.
3- Data processed by conveyer system (related to the shipments) in each branch well be uploaded to the system on the cloud via Internet connection and will be stored there in a database server for analysis and reporting. The transmission of data is done through a published web application over the Internet (front-end back-end architecture). Such information should be highly secured since it is considered of customer privacy and protected by law and regulations.
4- Customers are able to create profiles on an online tracking system hosted on premise and to be moved on the cloud. Such profile contains some personal and private information that should not be disclosed to other parties.
5- When you checked the current data centre as well as the warehouse in each branch, you noticed that the door is easily opened. So, shipments, servers and networking devices are easily accessed by anyone.
You also noticed that the humidity and temperature inside the servers’ room are not well controlled.
6- Some employees have VPN access to the data centre to run some applications remotely.
7- Some other third parties are granted VPN access for support reasons, like the companies that provided and installed the conveyer system.
8- Very minor security procedures taken by Bombino as well as some misconfigurations on some network security devices like firewalls and VPN.
Your manager asked you to prepare a detailed report and a presentation regarding IT security for Bombino services and environment in general. The report is to be submitted to and discussed with the CEO to get approval
for further security policy enforcement. In your report you should:
A. Discuss IT security risks that might put the customers’ and Bombino’s data into danger, taking into consideration all data situations (being entered, transmitted, processed, and stored). Your discussion should include:
1. Identifying those IT security risks from 3 different business stakeholders point views (CFO, CEO, COO, CHRO, etc)
2. Proposing a method to assess and present them to the 3 selected stakeholders.
3. Proposing a method to treat them.
B. Discuss risk assessment procedures
C. Explain how you can take benefit of the ISO risk management methodology (ISO 31000) by summarizing it and highlighting its application in IT security of this project.
D. Recommend ways to improve Bombino IT security via:
1. Describing different security procedures that Bombino could apply to protect customers & business critical data and equipment.
2. Explaining data protection processes and regulations that might help Bombino to enhance IT security.
3. Discussing the benefits of IT security audit and its impact to Bombino IT security.
E. Discuss, in details, the security impact of any misalignment of IT security with Bombino policy.
F. Design and implement a security policy for Bombino.
G. Evaluate the suitability of the tools used in this policy
H. A discussion of the roles of stakeholders in the Bombino to implement security audit recommendations.
I. List the main components of an organisational disaster recovery plan, justifying the reasons for inclusion.
In your presentation, you should be able to cover the followings in front of your manager:
1. Identify and discuss the potential impact of incorrect configuration of some network security devices on IT security.
2. Implementing different techniques in network security (such as DMZ, static IP and NAT). You should provide a detailed recommendation and explanation based on the scenario above for each technique showing how it will enhance security.
3. Discussing the benefits and justification of using a Network Monitoring Systems.
4. Evaluating a minimum of three of physical and three virtual security measures that can be employed to ensure the integrity of IT security.
Buy Answer of This Assessment & Raise Your Grades
Looking for top-notch security assignment assistance? Look no further! Get expert help from Diploma Assignment Help UK and elevate your understanding of security concepts. Our experienced writers provide tailored solutions for your AlHussein Technical University (ATU) assignments. With our Do My Assignment service, you can focus on honing your practical skills while we take care of your academic success. Don’t compromise on quality, trust the experts at Diploma Assignment Help UK for a seamless learning experience.