StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Centralized Information System - Report Example

Cite this document
Summary
The writer of the paper “Centralized Information System” states that the organization requires a centralized well maintained information system, a firewall to automate their business processes and to store data in a secure way. To protect data, security policies are required to be defined…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.9% of users find it useful
Centralized Information System
Read Text Preview

Extract of sample "Centralized Information System"

Table of Contents Introduction and Background 2 2 Analysis of Problems 2 3 Plan for Addressing Security Concerns 4 4 Conclusion 7 5 Work Cited 8 Name of the Author Name of the Professor Course 14 December 2013 1 Introduction and Background There is a hypothetical organization named as ABC Corporation that is maintaining a server which is not properly configured. The employees have access to all types of data and each one of them possesses a separate email account. Project Managers access data related to their importance. The organization requires a centralized well maintained information system, a firewall to automate their business processes and to store data in a secure way. To protect data, security policies are required to be defined. Contingency planning is also an essential aspect which cannot be disregarded. As per Ramesh, V.C., and Xuan Li there are three dimensions of contingency planning “The first issue concerns the handling of multiple objectives; we discuss the benefits of using fuzzy logic for handling this issue. The second issue is the consideration of the economic cost of post-contingency corrective actions as well as the utility of discrete control actions that complicate the modeling and solution of the contingency planning problem. The last issue is the need for of advanced parallel computing techniques for addressing the real-time aspects of many contingency planning problems;” 2 Analysis of Problems ABC Corporation has twenty seven desktop workstations either connected with each other via a hub or a switch. The workstations are only workgroups as there is no domain and security policies applied in the organization except some users have Internet access and only the manager has a separate email account. There is no email server available to provide separate email addresses to employees. The separate email addresses enables instant correspondence between the subordinates, hence making the communication better and cost effective. Currently the employees are using telephone for coordination which is not cost effective. Some workstations are used to store data. There is no access policy defined for the data stored in the workstations. The data is vulnerable as anyone can access it or delete it. The server is used only for providing internet access and data transfer within the network. There is no firewall installed in the network, either hardware or software which makes the data, hardware, software defenseless. There is no connectivity between the regional offices and head office. The manager access the financial information from the head office using the computer network. The 5 regional offices have five databases which they are maintaining individually. Immense amount of time is wasted when head office sends a CD named “House types data” to each regional office. The administrator copies the files available on the CD to the locally maintained database. The data is updated because the project managers have to access the plans and building specifications of the houses the company builds. The data contains all the detailed information of the house construction material which is required. There is no backup of devices, data, workstations and server. If any workstation containing database crashes, the data will be lost. 2.1 Security Vulnerabilities The impact of the security breach issues is unpredictable. It can be diverted and involves human suffering as well as revenue loss for the organizations. One of the security breach took place on 21 October 2010, as per “www.networksecurityedge.com” The Philadelphia Inquirer states “Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan have notified 280,000 Medicaid members that their information may be at risk after a portable computer drive containing the names, addresses, and health information was lost. The last four digits of 801 members Social Security numbers were also stored on the hard drive”. This incident is related to theft of the hardware devices risking 280,000 Medicaid members. 2.1.1 Physical Security The organization does not have a Physical security defined. It involves the hardware, software, and network devices protection. There are no punch cards to access the server room. The room may contain the network devices and hardware devices. 2.1.2 Network Security There is no firewall and protection for the internal network of the organization as Internet is also connected to the network for some users. The organization is providing gateway to the intruders for breaching within the network. 2.1.3 Data Protection There is no data access strategy defined. None of the users are restricted to access any data within the organization. Every user logs in the system with the same user name and password making the data vulnerable to everyone. There is no procedure defined regarding the CD which comes from the head office to the regional offices. Data on the CD can be distorted effortlessly. 3 Plan for Addressing Security Concerns 3.1 Security The security of the organization can be made possible by installing IP surveillance cameras to identify any possible theft of any kind. The security can be divided into 3 categories: 3.1.1 Hardware Security Hardware security involves the security of the hardware devices of the workstations and the server. The workstation casings should be properly locked so that no one can try to unpack any hardware equipment from the workstation. The server should be in a separate room where only authorized personnel are given permission to enter. 3.1.2 Software and Data Security The employees will have a separate login username and password. The data access policies can be applied to that specific user in order to access the data as per the requirement. After logging with the personal username and password, the access list for each employee will be configured to only use the appropriate application as per the requirements of the organization for example CAD. Access of USB flash drives will be prohibited for the employees due to data protection and security concerns. 3.1.3 Network Security The organization requires a firewall to be installed. The regular updates are also compulsory in order to equip the firewall with latest security updates. The network of the organization is prevented by installing a firewall. There are two types of firewalls. 3.1.3.1 Device based firewall It is a hardware module which is separated and interacts with the Wide Area Network (WAN) interface. It filters the information as per the policies defined by the administrator before entering it into the local network. 3.1.3.2 Application based firewall It is a software package installed on the server. This type of firewall possess some disadvantages as the network can be easily vulnerable if the antivirus becomes unstable, stops working, corrupted, or any hardware failure occurs in the system on which it is installed. 3.2 Email Server A separate Email server is required to provide individual email address to all the employees. This will reduce the cost of the correspondence which is currently conducted on the telephone. It will also minimize communication gaps between the sub ordinates and at the same time improving the communication skills. It will also improve the effectiveness and performance of the organization. 3.3 Data Access Policy The Managers and Regional managers needs to access specific data. The database will be centrally maintained in the head office. Internet connection will be installed in each regional office in order to synchronized data between the head office and the regional offices. Full access will be given to the managers ID in order to access all the data available in the database. Limited access will be given to the regional managers in order to access the data as per the business requirements. 3.4 Network Security Configuration In order to provide separate usernames and passwords for logging in the system, a domain will be created on the server in order to provide security and usage policies for the users. Five new servers with firewall (which will act as a domain) will be added to the regional offices. The employees will access the data files from the head office to the regional office via File transfer Protocol (FTP). WAN will connect the database from the regional office to the head office. DSL (Digital Subscriber Line) will be used for the Internet connection. DSL connection works with a modem for transmitting and receiving data from the Internet. The configuration for Port forwarding activates the external access of the data for the Manager while at home. The IP address of the manager’s home Internet connection will identify the identity for authentication and granting access. The port forwarding option also enables the regional offices to access data from the head office eliminating the manual procedures. DSL modem will grant access to the Internet of any employee of the organization by providing the IP address of the workstation. 4 Conclusion The introduction of this report highlights the importance of centralized Information systems security. After the implementation of the new centralized system security, we have: The system will be protected centrally from intruders due to the Firewall installation The employees can communicate via their personal email address Database will be centrally maintained with a backup Data access will also be centralized for remote offices. Users can use personal user id and passwords for logging in the system. Data specific permissions are granted as per the business requirements. Separate server room, granting physical access to only authorized personnel staff 5 Work Cited Chan, Ivy, and Chao Chee-Kwong. "KNOWLEDGE MANAGEMENT IN SMALL AND MEDIUM-SIZED ENTERPRISES." Communications of the ACM 51.4 (2008): 83-88. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. "Information System -- Britannica Online Encyclopedia." Encyclopedia - Britannica Online Encyclopedia. Web. 27 Oct. 2010. "Missing Hard Drive Puts 280,000 Medicaid Members at Risk." Network Security Edge. 21 Oct. 2010. Web. 27 Oct. 2010. . Paul, Ray J. "What an Information System Is, and Why Is It Important to Know This." Journal of Computing & Information Technology 18.2 (2010): 95-99. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. Ramesh, V.C., and Xuan Li. "Strategies for improved contingency planning." Information & Systems Engineering 2.3/4 (1996): 183. Computers & Applied Sciences Complete. EBSCO. Web. 27 Oct. 2010. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Centralized Information System Report Example | Topics and Well Written Essays - 1250 words - 1, n.d.)
Centralized Information System Report Example | Topics and Well Written Essays - 1250 words - 1. https://studentshare.org/information-technology/1805583-centralized-pc-security
(Centralized Information System Report Example | Topics and Well Written Essays - 1250 Words - 1)
Centralized Information System Report Example | Topics and Well Written Essays - 1250 Words - 1. https://studentshare.org/information-technology/1805583-centralized-pc-security.
“Centralized Information System Report Example | Topics and Well Written Essays - 1250 Words - 1”. https://studentshare.org/information-technology/1805583-centralized-pc-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Centralized Information System

Sugar Stores

A mixed sort of purchasing system is being followed wherein individuals take up purchasing responsibility on the basis of their experience and contacts in the market.... The costlier hybrid or mixed style of purchasing system is bound to shrink the turnover and profitability.... nbsp;Purchasing for Sugar is not centralized.... With the result, all those advantages of centralized purchasing like economies of scale and others, as discussed later part of this assignment, are not being attained....
7 Pages (1750 words) Essay

Principle of Inf. Systeam theory and pratice

Sysco requires a BI system that would enable… Sysco's current information systems include ERP and Data warehouses but they do not fulfill the need for forecasting and anticipating future needs.... It needs a As Sysco is a highly decentralized company, with around 100 operating companies and more than 4500 employees, the main obstacle it will face is in convincing these major companies to adopt and pay for the new BI system.... Most of the operating companies will have intelligence systems already in place although they won't be this technically advanced; they might not be willing to invest their finances in purchasing another intelligence system which will also lead to training costs....
5 Pages (1250 words) Essay

IT Case Study for Alcan

In a typical decentralized IT governance style, the various departments and agencies of the company are absolutely independent on their IT system decisions and operations.... These are decentralized, centralized or hybrid.... Hybrid is a combination of centralized and decentralized IT governance styles....
4 Pages (1000 words) Essay

Quadrant That MDCM Falls

Much of MDCM's solution therefore lies in creating a Centralized Information System that brings all components of information technology in the company under one roof and under a single manager or supervisor.... Already, the company has come out with some This solution has to do with the initiation of an information system that will put customers at the forefront of the growth of the company.... The advocacy will however continue that the company puts in place structures and systems that will ensure that the implementation stage of the information system does not fall below the expected achievement....
2 Pages (500 words) Essay

Evolution of Organizations Structures

uestion 2The advantages of working in a decentralized structure are that the system empowers employees.... uestion 4The approach has a system of self-evaluation since it advocates from nurses constantly to evaluate their own policy for pain reassessment (The Greeley Company, 2012).... By doing this, as earlier stated, practitioners will be able to individualize care, as well as communicate information necessary for stability (Samuels & Kritter, 2011)....
2 Pages (500 words) Essay

Michigan Liquor Control Commission

The customers may benefit from economies of scale by having more… The POS driven information system gives and accurate inventory management at the store.... Value added services- the firm should implement an electronic scanning system and to replace error-prone paper-based information collection system; hence saving time in the supply chain.... Moreover, consolidation enables the just in time system to be feasible; hence reducing inventories and cutting costs....
4 Pages (1000 words) Research Paper

Implementing Strategy

rganizational chart The new model in figure 1, is a decentralized system to inspire innovation in global expansion.... As opposed to a centralized system where control and decision-making mechanism lies solely with the board, the model structure allows departments to make independent decisions fast as changes in prevailing market conditions fluctuates.... With continued expansion of IKEA globally, the benefits of a decentralized system of management increases immensely....
2 Pages (500 words) Assignment

Information Technology in the Development of Richter Company

The major projects at this period included: the SAP business information warehouse as the financial reporting scheme, a document management system, and the rollout of SAP in Poland and Romania.... This paper under the title "information Technology in the Development of Richter Company" focuses on the largest pharmaceutical factory in the Austro-Hungarian monarchy between the first and the Second World War.... In 1992, the Richter's conversation with the private enterprise had no central strategy for information technology....
6 Pages (1500 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us