This assignment reflects the IT and networking strategy of ABCD University, which is a state-of -the-art educational institution of the 21st century. The university boasts of having 3000 computers which are being used by more than 19000 students and staff members. The university is on the verge of technological brilliance and it wants to bring in even more innovative strategies for security of its networking and IT related services. In this assignment the primary focus is on devising such a networking strategy which will be beneficial to the staffs, teachers and students of the university and also which will provide top class network security to the computer systems, data and all aspects of the computerized system from any unethical activities like hacking, piracy and others. The university is designing plans to resist all these activities and minimize them as far as possible (Lokshina et al. 2014).
In order to be technologically supreme and maintain the security and integrity of confidential data, the university should follow the below mentioned networking and technical model.
This type of security may be of the following types:
Assets classification is a very important part of IT. We need to know the assets, where they are located and what their respective values are. Then only, we can decide on the factors like the time required, money needed to secure these assets and what are the other necessary steps to protect these assets. The steps are as follows:
Asset Identification- The University needs to understand what the critical assets are for it. They should consider the risks involved with these assets and prioritize them according to that. In case there is any accident, we need to have proper backup of the critical information. This will help the University IT team to understand the degree of redundancy that is required. This can be done by keeping another copy of the information or an additional server may be kept as a standby. This reduces the threats from hackers. The assets are further classified into the following:
Information Assets- It refers to each and every information relating to the University. They have been gathered, classifications have been done, properly arranged and stored in different forms like
Database- All the information relating to vendors, customers, suppliers, sales, purchases, production, marketing and all the financial information are referred to as database. These are perhaps the most delicate information. So, it is obligatory to prioritize their security.
Data files- These are the data which give information about the several transactions along with their dates.
Process of operations and the support system- This information are being developed since many years and they provide very detailed guidelines on the performance of several activities.
Information Archive- It refers to the various legal information that need to be stored.
Plans for continuity and back-up plans- In case of any unforeseen event, this will ensure that the organization does not come to a standstill and it moves ahead. If they are not maintained properly, in case of any emergency, that will lead to ad-hoc decision making.
The University should use the following two methods of information classification which are considered to be the best.
Classification by the characteristics- It is modeled according to Classification of Management by Anthony. The decision-making information can be of three types like:
It is absolutely necessary to train the teachers, staffs and students about the basic knowledge of IT, hardware, software and operating systems. This will make them work properly without creating a major damage to the hardware and software. Trained personnel should impart such training. (Sanyal et al. 2014).
The computer systems should be properly protected from any unauthorized access. This can be done by using antivirus software’s that is available in the market today. Threats can come from various kinds of entities like viruses, spywares, Trojans, worms, etc. In order to minimize such threats, the machine firewalls should also be kept on during data transfer (Khan et al. 2014). Trained IT team should be readily available whenever any malfunction occurs.
Figure 1: Depicts a Network Security Architecture
(Source: Wade, 1999, pp.1635)
The University should prevent any unauthorized access in the physical form in the critical areas like server rooms, rooms where crucial documents are stored and also in the room where some cash or valuable stuff might be stored. This is to be done in order to prevent any physical damage to the assets. A few of them are as follows- making of security perimeters in order to restrict entry to the sensitive areas that holds several crucial information and information processing facilities. Alarmed locks, fire alarms, burglar alarms, CCTVs, motion alarms and audio surveillance are few of the systems that can be used. It can install the biometric authentication devices to control unauthorized entry. There should be physical protection against natural calamities like cyclone, earthquakes and others (Meghanathan, 2014).
The University can implement Attribute-based access control systems. Here the access is granted on the basis of the user attributes. The user has to prove a few details of his attributes before getting access to the control engine. As for example, a claim may be in the form of “Team IT”. If the user can prove this claim, he gets access. The benchmark standard of attribute-based access control systems is XACML. The University should use the latest version which is XACML version 3 (Katsigiannis et al. 2012).
Cryptography is a branch that includes several guidelines, methods of providing security services like integrity of data, confidentiality and user authentication. The University must implement cryptographic controls like- identification and credentials for authentication in the storage or during transit. It may also store algorithms related to cryptography and vital information relating to wireless communications of secure nature. They are also used in transfer of vital and sensitive data over the internet like the social security number of a person (Hillston et al. 2004).
The University should adopt the system of Compliance Audit. It is getting increasingly popular in the modern IT world and widely used by many organizations. It is used to monitor whether the organization is adhering to all the rules and regulations. Accounting of independent nature, the IT personnel analyzes how strong and concrete the compliance plans are. The auditors should review the several policies relating to access controls of the users, security of the systems, various risk-management techniques during the course of the compliance audit. The SOX requirement analysis can be conducted on the University security system in order to find out if there is any electronic communication that needs to be backed up and need to be protected with modern Disaster Recovery Infrastructure (Bar et al. 2014).
In conclusion it might be said that in today’s competitive environment, automation and digitalization is indispensable for any organization. The educational institutes are not lagging behind in this race. In order to succeed in their objectives and provide proper educational services to the students and an innovative technologically improved environment to the staffs, teachers and students, it is mandatory to maintain all the resources and use the help of computer systems. It is to be mentioned here that, maintaining a highly technologically improvised infrastructure is not just good enough if it is not properly backed up with adequate security measures. In modern world of automation, the significance of IT and IT related services cannot be over-emphasized.
The recommendations will be to design an improvised and reliable security system for the systems and networks, where there is the least chance of data and information being stolen, hacked and lost. Trained personnel should be readily available in case of any emergent crisis. There should be separate groups of people for dealing with hardware, software, IT and networking related issues (Anadiotis et al. 2014).These trained persons should be at service whenever they are required to. At every department there should be smart usage of telecommunications and networking to make the workflow easier and to minimize errors. If these steps are followed religiously, then the university might be on the course of being considered as one of the best of the era.
Anadiotis, A., Patrikakis, C. and Murat Tekalp, A. (2014). Information-centric networking for multimedia, social and peer-to-peer communications. Trans. Emerging Tel. Tech., 25(4), pp.383-391.
Bar, T. and Leiponen, A. (2014). Committee Composition and Networking in Standard Setting: The Case of Wireless Telecommunications. Journal of Economics & Management Strategy, 23(1), pp.1-23.
Hillston, J., Kloul, L. and Mokhtari, A. (2004). Towards a Feasible Active Networking Scenario. Telecommunication Systems, 27(2-4), pp.413-438.
Katsigiannis, M. (2012). Mobile Network Offloading. International Journal of Interdisciplinary Telecommunications and Networking, 4(3), pp.40-53.
Khan, J., Chen, D. and Hulin, O. (2014). Enabling technologies for effective deployment of Internet of Things (IoT) systems: A communication networking perspective. ajTDE, 2(4).
Lokshina, I. and Bartolacci, M. (2014). Thinking eHealth:. International Journal of Interdisciplinary Telecommunications and Networking, 6(3), pp.27-36.
Meghanathan, N. (2014). Centrality-Based Connected Dominating Sets for Complex Network Graphs. International Journal of Interdisciplinary Telecommunications and Networking, 6(2), pp.1-24.
Powell, S. (2009). Interdisciplinarity in Telecommunications and Networking. International Journal of Interdisciplinary Telecommunications and Networking, 1(1), pp.1-8.
Russotto, T. (1987). The integration of voice and data communication. IEEE Network, 1(4), pp.21-29.
Sanyal, R. and Prasad, R. (2014). Enabling Cellular Device to Device Data Exchange on Sarkar, N. and Nisar, K. (2012). Performance of VoIP in Wired-Cum-Wireless Ethernet Network. International Journal of Interdisciplinary Telecommunications and Networking, 4(4), pp.1-25.
Shakhakarmi, N. (2014). Next Generation Wearable Devices:. International Journal of Interdisciplinary Telecommunications and Networking, 6(2), pp.25-51.
Tosti, F. and Umiliaco, A. (2014). FDTD Simulation of the GPR Signal for Preventing the Risk of Accidents due to Pavement Damages. International Journal of Interdisciplinary Telecommunications and Networking, 6(1), pp.1-9.
Tropina, T. (2015). Book Review. Telecommunications Policy.
Wade, V. (1999). Service management and the telecommunications information networking architecture. Computer Communications, 22(18), pp.1633-1637.
WANG, G., HUANG, T., LIU, J., XIE, R. and LIU, Y. (2014). In-network caching for energy efficiency in content-centric networking. The Journal of China Universities of Posts and Telecommunications, 21(4), pp.25-31.
WytrÄ™bowicz, J., Ries, T., Dinh, K. and KukliÅ„ski, S. (2014). SDN Controller Mechanisms for Flexible and Customized Networking. International Journal of Electronics and Telecommunications, 60(4).
With time, MyAssignmenthelp.com has become one of the best college essay writing services. Our all rounded services give students the confidence to overcome assignment related issues. Our services are fast enough to meet most urgent deadlines. We are capable of delivering fast essay writing services with the help of our specially designed provisions and writers' teams. Our urgent essay help services guarantee most rapid delivery of assignment solutions. Some of our most popular essay services are application essay help, exploratory essay help, literary review essay help and argumentative essay help.
You are required to write a researched argument essay that convinces persuades the reader of your position / stance. This is an academic, researched and referenced do...Read More
Executive Summary The purpose of this report is to elaborate the factors which are considered by individuals before selecting an occupation. Choosing an occupati...Read More
Introduction With the increase enhancement in the field of technology, it has been considered essential by the businesses to implement such technology in their b...Read More
Executive Summary In a merger & acquisition, role of an HR has emerged as a very critical function. At each stage of merger and acquisition process, HR plays a s...Read More
Introduction In this competitive business environment where every business organization is trying to attract the customers of each other, it becomes essential for ...Read More