Introduction
User identification, authentication, and authorization are essential in developing, implementing, and maintaining a framework for information system security. The basic function of an information system security framework is to ensure the confidentiality and the integrity, as well as the availability of systems, applications, and data. Certain information security implementation and management knowledge is required of network administrators, IT service personnel, management, and IT security practitioners, such as information security officers, security analysts, and domain administrators.
Scenario
You are provided with the text sheet named “Integrated Distributors Incorporated” (Project.TS1.doc) to complete this project. You play the dual role of an IT architect and IT security specialist working for Integrated Distributors Incorporated (IDI), a multi-national organization with offices in several countries. Your instructor for this course plays the role of the chief information officer (CIO). Your peers play the role of selected technology staff. Each of the organization’s locations is operating with different information technologies and infrastructure—IT systems, applications, and databases. Various levels of IT security and access management have been implemented and embedded within their respective locations.
Tasks
Your goals as the IT architect and IT security specialist are to:
Develop solutions to the issues that the specified location of IDI is facing.
Develop plans to implement corporate-wide information access methods to ensure confidentiality, integrity, and availability.
Assess risks and vulnerabilities with operating IT facilities in the disparate locations where IDI now functions and develop mitigation plans and implementation methods.
Analyze the strengths and weaknesses in the current systems of IDI.
Address remote user and Web site user’s secure access requirements.
Develop a proposed budget for the project—consider hardware, software, upgrades/replacements, and consulting services.
Prepare detailed network and configuration diagrams outlining the proposed change to be able to present it to the management.
Develop and submit a comprehensive (5 to 10 Pages) report addressing the learning objectives and your solutions to the issues within the scenario.
Prepare a 10- to 15-slide PowerPoint presentation that addresses important access control, infrastructure, and management aspects from each location.