This question has been answered
Question

Case studybusiness called DirectToCust which sells items directly to the public. Its headquarters are located

You have recently been appointed as the new IT risk manager of a countrywide online trading

in Cape Town, in the Western Cape and has warehouses in Gauteng, KZN, and the Free state. The

company employs over 200 call centre agents and about 10 business managers for both inbound

and outbound transactions and logistics. They work both day and night shifts in an open-plan

workspace of around 40 x 38 m with each agent having their own desk, networked computers and

essential office stationery to conduct business. Most, if not all, call centre agents' desktop PCs are

connected to a local network using Ethernet cabling while most line managers' laptops are

wirelessly connected to enable free movement around the premises. All the servers, switches,

router, gateways, firewalls, etc., are located at the adjacent IT office and maintained by one

network administrator and six support technicians (four dayshift and two nightshift), the company

opted for software-as-a-service, through various cloud computing service provider for all their

software needs and therefore the presence of IT personnel is for day-to-day business support

only. Before your recruitment, the company was experiencing a couple of complaints such as:

1. Theft of personal belongings during working hours.

2. The network policy can be amended by IT support team without the knowledge of the IT

administrator.

3. Employees spending more time on social media than working.

4. Theft of customers' details for own and commercial use, using USB and other portable

storage.

5. Infected and corrupted employees and customer database.

6. The local IT team often experience issues when communicating with the overseas cloud

service provider team.

7. All employees must change their password every week, and as a result, many employees

who cannot memorise their new password simply write them down for safekeeping.

18; 19; 20 2020

© The Independent Institute of Education (Pty) Ltd 2020

Page 4 of 5

8. Regular firewall breaches were observed during the last couple of months and resulting to

bottleneck and unauthorised access.

9. Some employees can easily guess their colleague password to login.

10. The website was recently hacked, disfigured and propaganda message posted, and it took

the local IT team 48 hours to take back control of the website.

11. Misappropriation of business funds by some employees.

12. Easy access to the server room and malicious reconfiguration of proxy-server mostly during

nightshift.

13. Managers unable to monitor employer activities live.

14. Poor financial accountability and traceability; all managers are able to edit log files without

authorisation. 



Write a report which, if implemented, will address all the issues identified in the case study. The

report must have the following structures:

Q.2.1 Your report must be structured in the following approach.

Q.2.1.1 Executive summary. (2.5)

Q.2.1.2 Background (case study's IT security issues only). (5)

Q.2.1.3 Development of the proposed solution. (5)

Q.2.1.4 The role of IT risk manager in addressing physical and network risk. (5)

Q.2.1.5 The best methods of combating network-based attack. (5)

Q.2.1.6 The impact of social-engineering when combating network security. (5)

Q.2.1.7 The most appropriate mechanism in implementing network access

authentication and authorisation without compromising network

security.

(5)

Q.2.1.8 The implementation of the best strategy to fight against hacking and

maintain the online presence.

(5)

Q.2.1.9 The most appropriate location and strategy for the DMZ and firewall

implementation.

(5)

Q.2.1.10 Conclusion. (5)

Q.2.1.11 References.

Answered by Expert Tutors
Step-by-step explanation
The student who asked this found it Helpful
Overall rating 100%
Case study You have recently been appointed as the new IT risk manager of a countrywide online trading business called DirectToCust which sells items...
Get unstuck

367,984 students got unstuck by Course
Hero in the last week

step by step solutions

Our Expert Tutors provide step by step solutions to help you excel in your courses