Identify a workplace and identify an administrative system that requires review or planning. A mining company needs to review a computer network that has been used in the company for last 10 years because the company has a plan to run a business in another state. The new computer network will connect between head office and another office together. This company has 150 staffs in 4 departments (Purchasing, Engineering, Accounting and Human resources).
All users will be received a different access to data on a server that relevant to their role for example, engineering department will have access to new project information and equipment stock but not an access to payroll database. All users will need username and password to be changed every 6 months for security purpose. 2. Plan or review the system Identify requirements Problem definition
At the moment the company has a computer network system in each department but many staffs has complained about the computer network in the company is very slow when pull up a big data and sometime different department know information that they are not supposed to know such as salary of staffs, performance record. This is a big problem as many staffs not happy to know that their colleague get paid more than them or who will get promoted before them. Also the company has a private standard about salary as staffs must not know other staffs’ salary.
Moreover, when the company expands another office to different state, 2 office must be connected. Proposed solution As the problems have been founded, a new computer network needs an improvement in speed and security. New equipments must be replaced to upgrade performance of the network when many users access at the same time and to increase the ability to connect 2 computer networks in different location. New softwares must be installed to limit an access from unauthorized users. Review organizational goals and objectives The company has set a goal for this year to gain 15% profit from last year and will be expand business to another state.
Also, Human resources department need to develop skills of staffs and keep the record of performances of each staff. HR department needs to promote good performance staffsfor a new business in another state. From that reason, the new computer network needs to be secured for all sensitive information and must connect between 2 offices in different state. User requirements/expectations At this state, all managers from every department need to have a meeting to talk about the problems that they have with the current computer network and what they want from the new one.
Not only mangers will be asked for what they want, all staffs will involve as well but not for ameeting. A questionnaire will be used to collect what all staffs want and what it needed to be improved. The main features of the new computer network are fast when users pull up data at the same time, connect 2 office together so it helps in using telephone to call to another state (reduce phone bill) and all data is restricted by permission that depends on what type of data people can access. Performance standards
After the implement is done, all problems such as slowing down speed, accessing data across department or connecting between 2 offices in different state must be gone. Internal and external standard All equipments and softwares in the new computer network must come from the same vendor as different vendors might create incompatible issues. Budget This computer network implementing should be cost around $19,300. All details are shown in the table below. Product Unit price Unit Value Router 3,000 2 6,000 Switch 1,000 8 8,000 Software 1,500 1 1,500 Cable 800 1 800 Labor 3,000 19,300 Obtain quotations All potential suppliers in the area will be called for tender of the price for implementing a new computer network. Select suppliers or developers Selecting the supplier or developers will base on purchasingpolicy of the company, a conclusion from the meeting between team management, suppliers or developers’ reputation, company’sstandard. As a result, IBM is the supplier and developer that has chosen to complete the implementation. Why it has been chosen? Because IBM has everythingthe company ask for.
3. Implement the system Develop implementation strategies Goal: Finishing the new computer network Priority Task / Action Who Due date High Buy network equipment IBM Week 1 High Install and set up equipments IBM Week 1-2 High Install and set up softwares IBM Week 2 High Test the system IBM Week 3 Obtain staff participation All staff will be notified about new computer network by email. Fast accessing, protecting personal information and other benefit of the new network will be provide to all staff as it help to get the job done effectively.
Training also provided to staff who do not good at computing to make them feel comfortable to new system and have a good attitude. Define and communicate procedures All changes from previous system to new system will be documented in policy and procedures. Here are the example of security policy and accessing procedure. Security Policy 1. 0 Purpose The purpose of this policy is to define standards for connecting to ‘s network from any host. These standards are designed to minimize the potential exposure to from damages which may result from unauthorized use of resources.
Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical internal systems, etc. 2. 0 Scope This policy applies to all employees, contractors, vendors and agents with a -owned or personally-owned computer or workstation used to connect to the network. This policy applies to remote access connections used to do work on behalf of , including reading or sending email and viewing intranet web resources.
Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc. 3. 0 Policy 3. 1 General 1. It is the responsibility of employees, contractors, vendors and agents with remote access privileges to ‘s corporate network to ensure that their remote access connection is given the same consideration as the user’s on-site connection to . 2. General access to the Internet for recreational use by immediate household members through the Network on personal computers is permitted for employees that have flat-rate services.
The employee is responsible to ensure the family member does not violate any policies, does not perform illegal activities, and does not use the access for outside business interests. The employee bears responsibility for the consequences should the access be misused. 3. Please review the following policies for details of protecting information when accessing the corporate network via remote access methods, and acceptable use of ‘s network: a. Acceptable Encryption Policy b. Virtual Private Network (VPN) Policy c. Wireless Communications Policy d. Acceptable Use Policy
For additional information regarding ‘s remote access connection options, including how to order or disconnect service, cost comparisons, troubleshooting, etc. , go to the Remote Access Services website. 3. 2 Requirements 1. Secure remote access must be strictly controlled. Control will be enforced via one-time password authentication or public/private keys with strong pass-phrases. For information on creating a strong pass-phrase see the Password Policy. 2. At no time should any employee provide their login or email password to anyone, not even family members. 3. employees and contractors with remote access privileges must ensure that their -owned or personal computer or workstation, which is remotely connected to ‘s corporate network, is not connected to any other network at the same time, with the exception of personal networks that are under the complete control of the user. 4. employees and contractors with remote access privileges to ‘s corporate network must not use non- email accounts (i. e. , Hotmail, Yahoo, AOL), or other external resources to conduct business, thereby ensuring that official business is never confused with personal business.
Routers for dedicated ISDN lines configured for access to the network must meet minimum authentication requirements of CHAP. 6. Reconfiguration of a home user’s equipment for the purpose of split-tunneling or dual homing is not permitted at any time. 7. Frame Relay must meet minimum authentication requirements of DLCI standards. 8. Non-standard hardware configurations must be approved by Remote Access Services, and InfoSec must approve security configurations for access to hardware. 9.
All hosts that are connected to internal networks via remote access technologies must use the most up-to-date anti-virus software (place url to corporate software site here), this includes personal computers. Third party connections must comply with requirements as stated in the Third Party Agreement. 10. Personal equipment that is used to connect to ‘s networks must meet the requirements of -owned equipment for remote access. 11. Organizations or individuals who wish to implement non-standard Remote Access solutions to the production network must obtain prior approval from Remote Access Services and InfoSec.