✍️ Get Writing Help
WhatsApp
Our customer support team is here to answer your questions. Ask us anything!
Agent
👋 How can we help with you?
💬 Hi, how can I help?

Logical and physical topographical layout

/ Uncategorized / By

INFRASTRUCTURE AND SECURITY

Strayer University

CIS 498

Week 8 Project Deliverable 4

Table of Contents

Section 1 Infrastructure Document 3

1.a Logical and physical topographical layout 3

b. Placement of components 3

c. Rationale of this project 4

d. I. Comprehensive security policy (CSP) 5

II. Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information 8

Section 2: Revised Gantt Chart 11

Reference List 12

Section 1 Infrastructure Document

1. A Logical and physical topographical layout

Figure 1: Logical and physical topographical layout

(Created by Researcher)

b. Placement of components

Workstation: In networking implies e special designed infrastructure used by one person at a time. The person, who are able to access the specified workstation are connected to the local area network. Each of the employees, who are working at workstation are connected to “multiuser operating system”

Printers: In these design printers are attached with the internal device so that hardcopy of any information can be handed over easily.

Routers: These are attached in this project so that every employee can access the fast internet from every corner of this organisation. Routers help to receive as well as send the information from the internet.

Switches: This component helps to connect a device to another device. Several data cables are attached in a switch that enable to set up the communication between multiple network devices.

Bridges: This component is a networking device that transforms multiple communication networks to a single network. Bridge helps to connect multiple LANS that have same protocol and give communication among several devices.

Access points: Access points imply a device that creates a WLAN in organisation or building. This access points are attached to a switch, router and Hub through Ethernet cable. Access points are generally used in large building and organisations.

c. Rationale of this project

The project is conducted to develop an Information system that eases the communication between the floors of an organisation. It especially helps the new employees to get proper information in one go. It is developed to access information from floor to floor within an organisation. The aim of this project is to improve network accessing among the floors within an organisation. This approach can save money, time and helps in getting resources easily. This concerned organisation selects an effective information system that provides better customer services. Therefore, this project of network access helps to enhance the customer service facility that is necessary for an organisation. The data collected or obtained from the system must be authentic and appropriate in one click. This characteristic of this project helps to improve the information management within office premises. Most of the time communication is difficult to present physically from one floor to another floor, which can be enhanced with the help of IT information flow. In such cases, this project regarding better communication helps to get information from another floor of an organisation without physical presence. It needs to consider remote location, when developing an information system within an organisation. This project helps to develop the Human resources, sales and marketing sector as well as improve inventory management.

d. I. Comprehensive security policy (CSP)

A CSP is a plan, which can be implemented in a company or an organisation to protect and guard the potential security threats. Every company or organisation contains sensitive information that can deliberately hamper the growth of a company in the competitive market. CSP deliberately help a company to grow and protect its base foundation in a competitive market and thus it is used deliberately by every organisation and company. This policy efficiently guides the employees and staff of a company regarding the safety of company and oneself. There are basic factors that come under CSP, which includes the login procedure of employees, access procedure and security management procedure. On the other hand, CIA triad is a model that can be implemented by any organisation or company to develop a security policy that can be used to identify problems and implementing solutions. There are basically three parts that encompass CIA triads, which includes Confidentiality, integrity and availability. Implementing a CIA triad can significantly help a company or organization to develop a security policy to protect its system from any data breach. Hence, it can be said that implementation of CIA triad in the security policy system of a company will surely help a company to develop a perpetual security model to protect its system from any data breach (Shave, 2018).

A company can efficiently implement the CIA triad in its system in order to protect its data from any security breach. Application of the principles offered by CIA triad deliberately protects the policies and infrastructure of a company and hence, every company openly uses this model in its system. Application of CIA triads in the security policy of a company needs to obey some principles that have been discussed below:

Confidentiality

Confidentiality is a principle that is concerned with the prevention of unauthorised access to sensitive data. With regards to this principle, the sensitive information of a company or an organisation is protected by implementing the confidentiality principle. In accordance with this principle, a company should limit the excess outfit’s sensitive software only to trusted employees. Limiting the excess of sensitive data to trusted employee will surely help to protect the sensitive and confidential data. Leaks or breach of confidential data will definitely put an adverse impact on the reputation of the company and can also hinder the proliferation of company in its competitive market. In order to have a perpetual CSP, a company or organisation needs to have an efficient confidentiality principle. The implication of the confidentiality principle will deliberately help a company to protect its server from any data breach. There are two ways that confirm the confidentiality of software with an organisation, which includes systematic algorithm and cryptography (Singh et al. 2020).

Cryptography:in cryptography, an organisation deliberately secures its software and system by encrypting its codes. Cryptography is quite an effective way to ensure the security of a system. In accordance with this principle, it can be seen that only trusted person gets an authority regarding the encrypted code offered by a company.

Symmetric algorithms: In accordance with this principle, both the sender and receiver need to have an e4crypted code regarding software or a sensitive message. It generates or creates a symmetric key that is protected by high-security software.

Hence, ensuring confidentiality within a company will surely help a company protects its data from any kind of breach (Monev, 2020).

Availability

Availability is the next principle that can be used by any company or organisation in order to protect its software from any data breach. In this principle, the vital and sensitive information are available to the user only when it is needed. Limiting the availability of sensitive data and information deliberately help a company to protect its softer from any chance of data breach. Hence, it can be said that implementing this principle will ensure a perpetual CSP with a company’s environment. Limiting the availability of data will significantly reduce the cyber threats and hence, it a vital factor that can be implemented within an organisation to maintain a perpetual security policy. There are various models that are needed to be followed in order to implement the availability principle in the software of any company (Warkentin & Orgeron, 2020).

Attribute-based access model: In this model, a company or an organisation ensures the availability of sensitive data to a limited person and only in need. Limiting the availability of sensitive data quill surely help a company to secure its system and software.

Integrity

There are three goals that are offered by the integrity principle in order to secure sensitive data of a company.

  • In accordance with the first goal, the principle deliberately protects the modification and change of information with unauthentic or unauthorised user. This goal will surely help a company protects its sensitive software from a data breach. No outsider can modify the sensitive data offered by a company or an organisation. Hence, this goal significantly helps a company to protect its file from any data breach (Covert et al. 2020,).
  • The second goal focuses on the prevention of unauthorized modification of information stored in a sensitive data by an authorized user. In many cases, it can be seen that authorized employee can also unintentionally or intentionally modify the data present in sensitive software. This surely leads the company towards a downfall. Hence, implementing this goal will help a company to protect its data from unauthorized changes.
  • The last goal focuses on preserving external and internal consistency in order to ensure the security of data. It can be seen that maintaining internal consistency will surely help a company to ensu8re a consistent securer network that ultimately helps a company to secure its business (Nweke, 2017).

Hence, implementing CIA triad will help a company to maintain a perpetual CSP in its system.

II. Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information

The relationship between an E-commerce organization and its customers is the most important factor that requires ethical limitations. Legal and ethical aspects require a proper security procedure to safeguard data transaction thereby building a pillar of trust in the customers. With an increase in the growth of any company’s productivity, increase in ethical tangibility emerges (Waribo et al. 2020).

Employee behavior

A definite protocol must be followed by organizations where behavioral etiquettes are to be maintained by the employees. Communication amongst the employees along with the customers has to be subtle and proficient in order to develop organizational growth. Managers leading different teams are to be responsible for code of conduct that needs to in simple language. Maintaining ethical and legal reforms in a business not only helps in the growth of the same but also becomes beneficial for the clients and stakeholders. Ethical enhancement of communication requires the capability of understanding an error and addressing it with adequate ailments.

Contractors

Role of contractors is to provide the organization with different forms of projects. Therefore, ethical values in communication are important that prevents any misconception regarding orders hence initiating a severe loss to the entire organization. The unethical gate creates an unusual occurrence in economical structure portrayed by the customers.

Password usage

Canalization of error and practicing a proper correction for it is a justified factor regarding password management. Confidentiality is always maintained by the company in order to protect itself from suffering a loss in the market. The company uses an automation procedure that prevents the reach of fraudulent (Hamidi et al. 2017).

Access to networked resources and information

Business needs a managing strategy that helps in the smooth flow of data. Access to the network means reaching the sphere of trading, E-transactions, applications that maintain the connection between the internal structuring of the company and its customers. Ethical values prevent from gaining knowledge regarding the networked resources as it threatens safety thereby losing trust in the customer.

Section 2: Revised Gantt chart

Figure 1: Revised timeline

(Source: Created by researcher)

Reference List

Bozkurt, I. N., & Benson, T. (2016, March). Contextual router: Advancing experience oriented networking to the home. In Proceedings of the Symposium on SDN Research (pp. 1-7). Retrieved from: https://doi.org/10.1145/2890955.2890972

Covert, Q., Steinhagen, D., Francis, M., & Streff, K. (2020, January). Towards a Triad for Data Privacy. In Proceedings of the 53rd Hawaii International Conference on System Sciences. Retrieved from: https://scholarspace.manoa.hawaii.edu/handle/10125/64277

Gizis, A., Lutz, B., & Prodoehl, B. (2017). U.S. Patent No. 9,686,232. Washington, DC: U.S. Patent and Trademark Office. Retrieved from : https://patents.google.com/patent/US9686232B2/en

Hamidi, H., & Moradi, S. (2017). Analysis of consideration of security parameters by vendors on trust and customer satisfaction in e-commerce. Journal of Global Information Management (JGIM)25(4), 32-45. Retrieved from: 10.4018/JGIM.2017100103

Monev, V. (2020, September). Defining and Applying Information Security Goals for Blockchain Technology. In 2020 International Conference on Information Technologies (InfoTech) (pp. 1-4). IEEE. Retrieved from: https://doi.org/10.1109/InfoTech49733.2020.9211073

Nweke, L. O. (2017). Using the CIA and AAA Models to explain Cybersecurity Activities. PM World Journal6. Retrieved from: https://pmworldlibrary.net/wp-content/uploads/2017/05/171126-Nweke-Using-CIA-and-AAA-Models-to-explain-Cybersecurity.pdf

Rinaldi, S., Bonafini, F., Ferrari, P., Flammini, A., & Rizzi, M. (2017). Evaluating low-cost bridges for time sensitive software defined networking in smart cities. In 2017 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS) (pp. 1-6). IEEE. Retrieved from: https://ieeexplore.ieee.org/abstract/document/8056740

Shave, L. (2018). The CIA of security and access. IQ: The RIM Quarterly34(2), 18. Retrieved from: https://search.informit.com.au/documentSummary;dn=706387331405083;res=IELAPA;type=pdf

Singh, S. K., Jenamani, M., Dasgupta, D., & Das, S. (2020). A conceptual model for Indian public distribution system using consortium blockchain with on-chain and off-chain trusted data. Information Technology for Development, 1-25. Retrieved from: https://doi.org/10.1080/02681102.2020.1847024

Waribo, Y., Akintayo, D. I., Osibanjo, A. O., Imhonopi, D., Ibidunni, A. S., & Fadeyi, O. I. (2020). Examining employees’ behavioural outcomes within the context of organisational justice. Contemporary Social Science, 1-16. Retrieved from: https://doi.org/10.1080/21582041.2020.1733646

Warkentin, M., & Orgeron, C. (2020). Using the security triad to assess blockchain technology in public sector applications. International Journal of Information Management, 102090. Retrieved from: https://doi.org/10.1016/j.ijinfomgt.2020.102090

For faster services, inquiry about  new assignments submission or  follow ups on your assignments please text us/call us on +1 (251) 265-5102