Ict50115 Diploma Of Information Technology Assessment Answers

Answer:

Part A

The organization of choice would be Tek Stream Solutions which deals in selling of software, deployments, resourcing and provision of services related to Oracle WebCenter suite. Tek Stream Solutions mainly provides content management, Oracle technological resources and Oracle enterprise portal. In terms of security management, it is Tek Stream Solution obligation to secure customers information is secure and safe from third parties. Protection organizational data against unauthorized access, all relevant activities such as physical, electronic and management policies have been put in place (Fulmer, 2008). Similarly, personal information collection have been restricted by availing alternatives on whether a client wants personal information to be used by other parties. One of the solution used by the company is TekStream Splunk Support which is used to classify organizations’ operations in classes, real-time comprehensive diagnostic processes and other multi-tier platform that works on distributed infrastructure systems. It helps in error identification and anomalies’ and outranges supported infrastructure. Further, it can identify the main issue within a short period of time. The main data that organization seeks to protect is customers’ personal data held by organization for transaction purposes (Mallery, 2015).

When working with other organizations, there are risks that are associated IT systems. They include; hacking which focuses on retrieving organizational data for personal gain or third party activities that may tend to compromise subject party activities. Next, according to Fulmer (2008), firms are faced with risks of virus attacker which may target to sabotage organizational activities. Any organization that wishes to provide services related to Oracle is required to uphold all rules regarding use of Oracle product. Some of statutory requirements are; complying with terms of services, accept to be trained on product use and follow all regulatory policies. Failing to adhere by set rules, subject party is liable to fines.

Part B

IT systems are faced with various risks in business environment. Systems threats may be categorized as physical where IT system and its supporting infrastructure are prone to theft by employees or strangers. Physical security is very important as it protects IT infrastructure from being accessed by unauthorized persons who may destroy or steal some hardware (Whitman, Mattord & Green, 2014). Next, organizational IT system may fail as a result of fire in the data center, catastrophe such as earthquake and floods. On the same note, hackers may end up gaining access into organizational network and interrupting data transmission from subject organization or within organization. When hackers’ gains access to the system, they may bring it down or change passwords and privileges granted to various users. This results to Denial of Services (DoS) to the right users of the system when required for business activities. Finally, organizational system threats may be as a result of communication media failure such as fault hardware used in transmission of data such router or broken data cable (Whitman & Mattord, 2011). This makes it unable for Tek Stream Solution to offers its services to customers.

In order to make sure there is continuity in business operations, Tek Stram Solution should have put in place prevention and recovery measures on IT systems. To avert threats, it is important secure data centers with strong walls fitted with electric fences and security guards to prevent physical unauthorized access to IT infrastructure. To prevent business interruption from natural activities such as fire, floods and earthquakes, it is important carryout analysis of these disasters before setting up IT services in the area (Snedaker & Rima, 2014). Hackers can be prevented from accessing the system by using strong authorization and authentication policies such as biometric passwords and disabling remote access to IT resources. Both authentication and authorization would help in solving DoS. Hardware failure can be prevented by updating and upgrading IT infrastructure regularly. To make sure there is organizational set risk safeguard and contingency plans, it is important for firm to train all employees on required security measures related to IT infrastructure.

Part C

Once Tek Stream Solution has been hit by disaster, it can recover its operations by implementing the following activities. In order to bring back its services on board after disruption, organization should implement backups to be able to restore business operations when hit by disaster such as fire, hacker destroying entire IT system and virus attacker. Wallace & Webber (2017) argues that, to have a successful data recovery, there should be already existing rules and policies that govern how recovery would be done. Organizational services may be halt by disaster which in turn may bring down entire business activities. When organizational IT system is hacked, organizational privacy and secrecy of operation are lost to competitors and which may outcompete subject firm to exit the market. To recover and run business successfully, various resources are needed; human resources such as IT specialists and data forensic experts to help in designing or improving existing IT infrastructure and evaluating affected data (Paton & Johnston, 2017). Finance is required to purchase new IT infrastructure and pay out outsourced services. Finally, managerial advice is required to help in executing recovery management successfully and according to organizational policies.  

In the Tek Stream Solution case, to recover business processes, the following steps might be followed. Access the extent of disruption and damage in order to be able to plan for resources required in the process. Next, allocate resources and time required for recovery. Execute recovery action to bring back IT system for business services. Finally, evaluate to make sure all process are up and running effectively and implement measures geared towards securing similar business operations (Smith & Wenger, 2007). There various disaster logistics in business recovery; post-disaster recovery logistics which helps in carrying out recovery plans, data transportation and disaster recovery logistics and disaster response logistics. Finally, there is need for cut over criteria before launching disaster recovery. They include; disaster evaluation, resources estimates and prevention of disaster after recovery.

Assignment 2

Recovery requirements are specific in regard to organizational disaster. Each disaster requires different actions and resources to mitigate it. In the case of Tek Stream Solutions, it is requirement to run data recovery procedures in order to secure customers personal data. Similarly, running out network diagnostic to determine loopholes that might have facilitated organizational data access. Finally, come up with resources required to recover business operations. Disasters are quite challenging to organizations and once they occur, they disrupt entire business operations which in turn may result to closure of business. Terminating business may occur as a result of being unable to revive business or subject firm being outcompeted by rivals in the same sector. The developed contingency plan is simple and easy to understand and maintain. To implement the given contingency plan in an ongoing business and project operations, all activities should be evaluated to ascertain if they are in similar business sector. Once evaluated, they have to be accessed on suitability to mitigate and recover business. Disaster recovery is one off activity because it is only run when business activities have been interrupted.   

References

Fulmer, L. K. (2008). Business Continuity Planning: Step-by-Step Guide with Planning Forms. Brookfield: Rothstein Publishing.

Mallery, M. (2015). Technology disaster response and recovery planning: A LITA guide.

Paton, D., & Johnston, D. (2017). Disaster resilience: an integrated approach. Charles C Thomas Publisher.

Smith, G. P., & Wenger, D. (2007). Sustainable disaster recovery: Operationalizing an existing agenda. Handbook of disaster research, 234-257.

Snedaker, S., & Rima, C. (2014). Business continuity and disaster recovery planning for IT professionals. Waltham, MA: Syngress.

Wallace, M., & Webber, L. (2017). The disaster recovery handbook: A step-by-step plan to ensure business continuity and protect vital operations, facilities, and assets. AMACOM Div American Mgmt Assn.

Whitman, M. E., & Mattord, H. J. (2011). Roadmap to information security: For IT and InfoSec managers. Boston, MA: Course Technology/Cengage Learning.

Whitman, M. E., Mattord, H. J., & Green, A. (2014). Principles of incident response and disaster recovery.