A-Level Coursework on "Information Technology (IT) Security Plan for Car Motor Company"

A-Level Coursework 16 pages (4621 words) Sources: 1+

[EXCERPT] . . . .

it infrastructure to the day-to-day running of business operations cannot be overemphasized. Various critical business processes are controlled by the various computer systems that are tailored to meet the demands of these unique processes. However, a disruption to the it infrastructure can bring all the critical company's operations to a sudden halt. The repercussions can run into the loss of very large amount of money. This paper describes a systematic plan that is aimed at restoring the it infrastructure of Jubilee Motor Company (JMC).The company just suffered a major breakdown of its it infrastructures as a result of an accidental fire outbreak. The paper described an emergency system implementation and a detailed it Disaster Recovery plan which must comply with the existing laws. Apart from the plan, the paper also outlines the user policies to act as a guideline for the professional use of the it infrastructure.

Introduction

The importance of it Disaster Recovery plan can be seen from previous cases of disasters that paralysed the normal operations of various nations and organizations. A perfect example can be drawn from the September 11th, 2002 terrorist attack on the U.S. soil. A disaster recovery plan can also be referred to as a Business Continuity Plan (BCP) and provides a description of all the steps that must be followed by an organization in ensuring that various specific processes continue to run in the event of any disaster, man-made or otherwise.

The formulation of an it Disaster Recovery plan involves a thorough evaluation of the basic and mission critical components of an it supported and run system. It is important to come up with a

Continue scrolling to

download full paper ⤓

BPC that ensures that the operations of a given firm continue to flourish and are available whenever they are required. It is important to come up with an effective it Data recovery plan that would ensure that events are quickly contained to avert the possible losses in revenue and company image as a result of an unprecedented system failures and breakdown.

Part one: Disaster

Overview of Data recovery timeline

During the 1960s and 1980s the users of various it systems began to realize the various Single Point of Failures (SPOF) that existed in the various systems. Corporations and individuals recognized the fact that the impact of disruption of the it infrastructure resulted in significant impact upon the business continuity operations of various organizational key operations. It was important to maintain the continuity of the business process and no amount of threat to the system was tolerable.Therefore various it infrastructure components such as the hardware, the it network infrastructure and other elements of the it system had to be designed in better manners so as to eliminate the various SPOFs. The financial implications of data loss and disruption of various mission critical components of an organization were huge. Therefore Engineers came up with better systems that had little SPOFs.It therefore became necessary to develop various forms of data recovery plans in order to ensure that the various computer systems and the data contained within them were maintained and restored to a state of normalcy prior to various incidents that could have caused a disruption.

The relationship between it Disaster Recovery plan and business continuity

The it Disaster Recovery plan to be drafted for the JMC is meant to address specific business processes. Its relationship with the various business processes cannot be overemphasized. The manufacturing processes must continue to take place in the JMC manufacturing centres. This means that all mission critical parts of the company must be maintained in perfect working condition. The relationship between the Disaster Recovery Plan and the BCP is therefore profound. In actual sense, the BCP can be viewed as an umbrella plan that has within it the elements such as Disaster Recovery Plan as one of its subcomponents. The following are the main components of a Business Continuity Plan

1. Business Resumption Plan

2. Incident Management Plan

3. Continuity of Operations Plan

4. Occupant Emergency Plan

5. Disaster Recovery Plan

It is worth noting that the Business Resumption Plan, the Continuity of Operation Plan and the Occupant Emergency Plan do not deal at any instance with the organization's Information Technology (it) infrastructure.

The Data Recovery Process

The JMC manufacturing processes must continue to thrive regardless of the incidents that have affected the company's it infrastructure. It is therefore crucial to gather all the system components and the supporting staff who are to help in the carrying out of the activities related to maintaining a continuous flow of data necessary for the carrying out of JMC's manufacturing operations.

The initial process of ensuring that normal operations continue in at the manufacturing facility is to assemble a team that is mandated with the running of a temporary it infrastructure command post. The command post or control room is to be used to monitor all the vital business operations at JMC.The computers to use must be efficient and the data and software to be used in the system must be obtained from the offsite data backup system. It is important to note that the most fundamental systems to resuscitate are the ones that are mission-critical. This means that the systems that must be brought back online are the ones that are directly concerned with the running of the organization's main facilities. In this case all the it infrastructure components that are directly involved with the manufacturing processes are the ones to be brought back online. Others that are involved with various transactions and monitoring systems are to be worked on at a later time.

In order to ensure that it infrastructure is not interfered with in the future, it is important to ensure that a solid plan is drawn and put in place. The plan must be able to be initiated and implemented within the shortest time possible. The Table 1. below gives a rough guideline on how to chose and implement the disaster recovery plans.

A disaster can be termed as a sudden and an unprecedented catastrophe that has the potential of rendering the various mission-critical components and critical processes of an organization ineffective. The result is a total disruption of the normal business processes and hence the inability of an organization to carry on with its key operation and hence huge financial losses and even possible legal actions against the company.

The it disaster recovery process is made up of a series of definite rules and processes that are put in place in order to ensure that the various critical business operations continue uninterrupted. The following is the guideline for it disaster recovery process.

In order to ensure that the JMC it infrastructure is brought back to normality, it is important to ensure that a sequence of events takes place. This sequence is important in ensuring that the various mission-critical processes are maintained in their normal working conditions. The initial step in the it disaster recovery process is the establishment of a planning group. This planning group is to be mandated with the identification of all the mission-critical component of the JMC manufacturing processes. It is important to include all the mission-critical elements so as to come up with an effective it infrastructure. Due to the limited time frame, it is important to assemble the planning group within the shortest time possible. The planning group then is to embark on the next activity that involves the performance of risk assessment and audits. This is to ensure that all the mission critical elements of the firm are ball captured. The emergency centre is then to be setup with the requirement that are dictated by the result of the risk assessment and audit results. After this has been carried out, the firm is then to carry out an establishment of priorities for the various applications that support the JMC manufacturing activities and the supporting network infrastructure. After this has been carried out, then the data recovery strategies are drawn in order to support the appropriate components of the manufacturing system. It is important then to prepare an efficient inventory and a documentation of the prescribed plan. This is important for future reference and for troubleshooting the system. The drawn plan is then to be verified according to a verification criterion that is also to be developed. The verification criteria involves a series of standard steps that are aimed at coming up with the best system for undertaking the data recovery operation. The final step is to implement the drawn it data recovery plan.

Time scales

It is important to understand that the it data recovery planning group should be made up of individuals who are conversant with all the business processes and the technology behind the various network architecture. This is crucial for the formulation of a viable DRP. It is important that the following table be used in classifying the company's applications.

Classification

Description

1

Mission Critical

Mission Critical to completing the mission of the organization

Can only be performed by computers

There is… READ MORE

Download Full Paper

Write a New Paper for Me

Quoted Instructions for "Information Technology (IT) Security Plan for Car Motor Company" Assignment:

“

Questions:

IS: Information Security

The Jubilee Motor Company has been successfully operating with an IT infrastructure for the past 6 months. Every system has been deployed as on-site with no remote services. There is no wifi and a leased-line links the main site with manufacturing. Telephony is a stand-alone VOIP system. Servers run weekly backups to an on-site tape-deck.

Part One ï¿½*****" Disaster! (40 Marks)

One morning JMC staff arrive to find all electrical equipment dead. Further investigation shows a road crew have gone through the main cabling trunk for the primary site (the cabling trunk also hosts the leased-line link to the manufacturing site) and simultaneously a sub-station fire has brought all power down to the manufacturing plant.

The cable will take 5-7 days to fix. Power should be restored to the manufacturing plant in 12 hours.

Using your knowledge of the Jubilee Motor Company, describe a plan to restore the IT systems and the services that rely on them to allow the operation of the company as soon as possible. Ensure that the systems critical to the company operations are restored first and minimise loss to the company*****s cash flow and image.

Also document the probable impact to the company.

Part Two ï¿½*****" Planning (40 Marks)

Having lost all IT infrastructure the Managing Director of the Jubilee Motor Company has requested the creation of a full company IT Disaster Recovery plan.

Create a strategy document outlining and addressing risk scenarios for the business and how each risk will be addressed. Cost is not a direct issue, but all costs should be carefully justified. Ensure clear timescales are provided and the impact to the company*****s operation is clearly described.

The plan should include systems (both hardware and procedural) for the monitoring of the company*****s critical systems.

Changes to the company IT infrastructure from that as outlined at the start of this document to address the identified risks should be attached as appendix to the main document. Again, clear costs and timescales should be given and justified, including the impact of any changes in the IT infrastructure to the company*****s operations.

Part Three ï¿½*****" Forensics (20 Marks)

When recovering information from the systems failure a number of illegal files were discovered on company infrastructure. As the systems in place did not have any identity management in place the perpetrator is not easy to identify.

Create a proposal to install identity management within Jubilee Motor Company. The system should:

*****¢ Allow the easy creation, modification and deletion of user accounts

*****¢ Control access to all business systems ï¿½*****" hardware and software

*****¢ Allow individuals to be given different levels of access to business systems ï¿½*****" and be flexible enough to allow different access rights to be set for the same individual

*****¢ Allow the IT staff to identify which employee is logged onto which machine at any time

*****¢ Clearly identify the owner of every file

*****¢ Comply with all relevant National and EU legislation

As part of the proposal clearly outline the steps that would be taken to identify the owner of any such files as detailed above and appropriate actions. *****

How to Reference "Information Technology (IT) Security Plan for Car Motor Company" A-Level Coursework in a Bibliography

“Information Technology (IT) Security Plan for Car Motor Company.” A1-TermPaper.com, 2010, https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066. Accessed 3 Jul 2024.

Information Technology (IT) Security Plan for Car Motor Company (2010). Retrieved from https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066

A1-TermPaper.com. (2010). Information Technology (IT) Security Plan for Car Motor Company. [online] Available at: https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066 [Accessed 3 Jul, 2024].

”Information Technology (IT) Security Plan for Car Motor Company” 2010. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066.

”Information Technology (IT) Security Plan for Car Motor Company” A1-TermPaper.com, Last modified 2024. https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066.

[1] ”Information Technology (IT) Security Plan for Car Motor Company”, A1-TermPaper.com, 2010. [Online]. Available: https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066. [Accessed: 3-Jul-2024].

1. Information Technology (IT) Security Plan for Car Motor Company [Internet]. A1-TermPaper.com. 2010 [cited 3 July 2024]. Available from: https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066

1. Information Technology (IT) Security Plan for Car Motor Company. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/infrastructure-day/9942066. Published 2010. Accessed July 3, 2024.

Related A-Level Courseworks: