You have recently completed your postgraduate degree in the information systems/technology field of an Australian University. You are now working as the Research and Technology Assistant to the ICT manager of a small software organisation based in Melbourne. Your organisation was established less than 5 years ago. It develops and customises applications specialising in information and network security area. The clients of your organisation are mostly in the major cities of Australia and range from small to medium size organisations. At present, your organisation undertakes projects to develop applications in-house or to customise off-the shelf software in agreement with larger vendors. Your organisation’s current business scope is limited to that of development of applications. It is now exploring options to expand the business in the next five years to other branches within ICT, and to all parts of Australia and even overseas if possible.
One future option is to diversify the business into providing ongoing information and network security services to businesses that have an online presence. That will require managing the online security of those organisations; security of their websites and client databases. However, the Business Development Manager of your organisation has revealed that the potential client organisations for this new line of business could include online gambling organisations as well as small pharmaceutical and hospitality industry organisations.
There are some concerns among your executive management team that not all the potential client organisations may be engaging in socially acceptable ethical businesses. Yet, there is another school of thought within the management that your organisation must be more concerned about the bottom line (economic aspects) rather than the triple-bottom line aspects (social, environment and economic) aspects at this point in your organisation’s business life cycle.
Your ICT Manager has been asked by the CEO of your organisation to investigate the possibility of this expansion. He (your ICT Manager) has requested you to undertake preliminary research and draft a report that he can finalise and submit to the next Executive Management meeting.
Your research and the subsequent report should cover the following tasks:
1. Definition/s of information and network security and the most up to date developments in the field. This investigation must consider different types of applications used in various industries and in different parts of the world. As a minimum, assess three information/network security applications currently in the market and their uses. Your report should not just focus on generic technology descriptions only but must identify actual examples of both information and/or network security solutions. Consider any success/failure factors. Research must focus on both Australian and global aspects in different industries.
2. Based on the findings from the previous section, propose how you can use these applications to expand your organisation in the next five years. Discuss whether the organisation should focus on customising off-the-shelf applications as you have found, or develop products in-house to provide the ongoing security maintenance services to client organisations.
As a part of this analysis, consider the potential advantages and disadvantages of your solutions and the various risks with respect to the solution/s you propose. The Report must focus on security and technology aspects as a priority, and propose potential solutions to overcome any disadvantages/risks identified in your analysis. Additionally, explore the ethical, social and legal considerations that your organisation should consider as a part of the proposed strategy where some of the clients may not engaged in strictly ethical businesses. Discuss some proposals to address these concerns and make relevant recommendations.
Your analysis and proposed solutions in task 2 should provide three to five recommendations at the end of your report. Make sure that the specific recommendations at the end of your report have been evaluated as a part of your report discussion.
The report should be at a strategic level and must not consist of highly technical details as most of your readers are not from an information technology background.