Analysis And Recommendations Essay For IVK Corporation's Computer Information Technology.

Time and Effort Spent in Analysing the Emerging Trends and Technologies in IT Department

Discuss about the Computer Information Technology for IVK Corporation.

The case study focuses on the issues and challenges faced by the new CIO named as Jim Barton appointed by the organization IVK Corporation.  He faces many difficulties in learning the tactics of IT leadership. Jim Barton does not have any background in Information technology department.  In this paper, we will focus on time and effort spent in analysing the emerging trends and technologies in IT department, responses to the questions which are in relation with the blog issue raised in IVK corporation, the steps taken against the blog entry, general policy recommended for the blogging of information within the company, process used for highlighting emerging technologies, analysing of technologies that they are working better or worse, recommended process which should be used by the IVK corporation for enforcement of infrastructure technology standards, and recommendation and justification regarding use of IT standardization and innovation within the organization and the use of kid’s toolkit which is used for management.

Barton had the potential interest in seeking good tactics for managing trends and technologies of the IT department. From his deep study, he came to know that there is no linking of in gaining business knowledge and technical knowledge but they have to work together simultaneously.

He also came to know that the major responsibility of IT manager is to take action in accordance with pushing of the two circles together. It has been observed that in doing such action, the above diagram will change into following:

He understands the fundamental phenomenon that the IT manager should remain consistent in getting knowledge about situation and the problems which get raised within the organization. “In search of making his capability efficient according to the requirement of the organization” (Lujan, 2011) as the CIO of IT department he discovered the diagram which helps him to find out the gaps which exist between the IT manager and the executives.

The first question raised by the Ruben was that what are the remedial security measures which should be taken by the organization to tackle the situation of risk associated with the future attack. He suggested for the upgrading of the system. “upgrading the firewall system, digital file used with the basis of fingerprinting technology, better implementation of intrusion detection system” (Resnik, 2015), purchasing of additional processing and disk capacity plan which helps in adding more information about logging details, security audits in relation with third party, procedures should be implemented for updating of emergency manuals, training program, rehearsal should be given of the emergency situation, and renewing of change control.

Responses to the Questions

Secondly he asked what step should be taken to make the company secure from getting harmed by the mischievous attack. Barton replied that the major concern is that how the index of the database changed which makes the major issues for the working of the company. It can be overcome by shutting down of the organization for some time, “dealing with the updating of database and other confidential information from backup support and lastly the analysis of the stakeholder” (Bresler, 2010).

The third question was that what recommendation should be provided to the Williams to tackle the situation of intrusion which occurs within the organization. The recommendation which should be provided to Williams is that the company should be shut down and only the manual working system should be used for operation to be carried out. The process of rebuilding the critical production system should be initiated which is based on the development files.

The key steps which should be taken to restrict the entry of the blog are the need of re-engineering of the entire infrastructure for back-end support, “reduction of security risk, reduction of complexity of the operation, reliability for long term business plan, and agility of Information technology” (Buhalis, 2012). Jim Barton work hard to align the strategy of IT and identified new ways to confine their customers. He also suggested that the problem of transaction can occur due to some internal software problem. The other reason can be the “disruption of database due to malicious attack or manually” (Goodall, 2011).

The policy he recommended for blogging of the information is to fast track upgrading of the project due to the occurrence of security hole in the working of the organization. Database corruption can be overcome by making use of backup. “Every member of the organization should make the backup of all the records because there might be changes occurred in the document” (Jones, 2014). The focus should also be given on managing the denial of service attack.

The company is working with the plan of upgrading the firewall system, digital file used with the basis of fingerprinting technology, better implementation of intrusion detection system, purchasing of additional processing and disk capacity plan which helps in adding more information about logging details, security audits in relation with third party, procedures should be implemented for updating of emergency manuals, training program, rehearsal should be given of the emergency situation, and renewing of change control. It has been analysed that the solution is not achieved from implementing the usual technique to overcome or handle the situation of occurrence of the intrusion within the organization because the problem of transaction can occur due to some internal software problem and the other reason can be the disruption of database due to malicious attack or manually.

The Steps Taken against the Blog Entry

The company is focussing on the alternatives such as shutting down of the organization for some time, dealing with the updating of database and other confidential information from backup support and lastly the analysis of the stakeholder. The three process are given in brief below:

• Do nothing: In this thinks that the past intrusion was more difficult to face. This can be handled. In this scenario, the intrusion attack was not because of the intruder, it is due to the tricksters.
• The company should be shut down and only the manual working system should be used for operation to be carried out. The process of rebuilding the critical production system should be initiated which is based on the development files.
• The using the development files, the mirror image of the working practice of the organization should be created so that the original production system should be kept shut down. The rebuilding of the original production site should be start up after maintaining and starting the functioning of the mirror image.

The recommended process which should be used by the IVK Corporation was that the major part of the company should be shut down for some time so that no problem of attack takes place because it is going hard to predict the reason of stolen of information. The system need to be upgraded so that the problem of stealing the information should not occur in the near future again. The period in between should be used for informing the customer that there may be chance of loss of their identity or confidential information. The customer should be highly active about their social security numbers, name and address, date of birth, and others. When the situation of crisis is getting worse to discover the problem of occurrence of disaster, then it is a right step to shut down the working of the organization to get the knowledge about the occurrence of problem and put the limit on the loss of confidential information of the customer which is in favour of them. This will be the positive sign in favour of organization that it can be highlighted that the organization deeply think about the confidentiality of the information of the customer because of that shutdown their organization to find out the solution to remove the problem of loss of information. 

From the study of the case study we analysed that the standardization and innovation can result in the conflict within the organization because the every employee provide his own view to overcome the situation of crisis. “It is hard to choose the best technology among the proposed solution” (George, 2012). In the given case study, Williams, the CEO of the organization do not listen to the Barton proposal of shutting down of company as he was thinking that it is against his ethics and not weak to face the situation of crisis whereas other members were agreed to the proposal.

When the situation of crisis is getting worse to discover the problem of occurrence of disaster, then it is a right step to shut down the working of the organization to get the knowledge about the occurrence of problem and put the limit on the loss of confidential information of the customer which is in favour of them. The company should be shut down and only the manual working system should be used for operation to be carried out. The process of rebuilding the critical production system should be initiated which is based on the development files.

References:

Lujan, G. (2011). IBM social computing guidelines (1st ed.). Retrieved from https://www.ibm.com/blogs/zz/en/guidelines.html

Resnik, D. (2015). Consensus policy resource community (1st ed.). Retrieved from https://www.sans.org/security-resources/policies/general/pdf/acceptable-use-policy

Bresler, L. (2010). A survey of insider attack detection research(1st ed.). Retrieved from https://lasr.cs.ucla.edu/classes/239_1.fall10/papers/Insider_survey.pdf

Buhalis, A. (2012). Intrusion detection system based on ubiquitous network nodes(1st ed.). Retrieved from https://arxiv.org/ftp/arxiv/papers/1407/1407.7715.pdf

Goodall, J. (2011). The work of intrusion detection: Rethinking the roles of security analysts(1st ed.). Retrieved from https://userpages.umbc.edu/~lutters/pubs/2004_AMCIS_Note_Goodall,Lutters,Komlodi.pdf

Jones, K. (2014). A computer system intrusion detection: A survey(1st ed.).  Retrieved from https://www.princeton.edu/~rblee/ELE572Papers/Fall04Readings/IntrusionDetection_jones-sielken-survey-v11.pdf

George, J. (2012). Work Interrupted: A closer look at the role of interruption in organization life (1st ed.). Retrieved from https://pdfs.semanticscholar.org/324b/24736ba8d5e779c6dd718148314981fb5a0b.pdf