...Disaster Plan Nunki J Rosas IT/240 Sunday, April 7th, 2013. John Helt, MISM, MCSE Disaster Plan Scenario: The IST Department of XYZ Computers is located on the first floor. Payroll and all human resources records are processed daily and bi-weekly for 10,000 employees. After payroll is run, data is backed up using tapes. No firewall is in place, and e-mail is on the same server as payroll. XYZ Computers is located in the southern part of the United States in an area that receives heavy rain. During the weekend, a major water pipe broke and flooded the first floor. The water caused extensive damage to the servers, which were also on the first floor. Create a disaster plan to prevent this sort of problem from happening in the future. Proposed solution: The way in which XYZ Computers has their IST Department set up currently is susceptible to many threats. The lack of a firewall is an open invitation for data to be stolen by prying eyes, and the vulnerability of placing the payroll database is in the same server as the email service. The geographic and weather conditions of the location of the company have a high risk of flooding, yet the Servers were installed on the first floor. Lastly, the backup method in place is sort of outdated and there is no mention on how often the backup takes place; additionally, the backup tapes themselves could be damaged, lost, or stolen. These recommendations are an attempt to improve XYZ Computer’s network data security, prevention of...
Words: 1186 - Pages: 5
...Abstract: In the situation of XYZ computers flooding, this paper is to help create a disaster plan using different raid setups that might better help this company in the long run to back up there systems. I have gone into detail what is needed for the different raid systems and what they are good for below. The first step in making sure that you have a stable system is to make sure that you have a proper back up plan, especially when you are dealing with the amount of employees that XYZ Computers has to deal with on a day to day basis. When starting out a disaster plan, we need to take in every possible situation that could arise, from natural disasters to think such as hacker exploits and even burglar exploits. We should even cover things in our disaster plan such as hardware failures, spyware, or even virus. We also need to list them all out, and take a look at what ones we are most likely going to have to deal with, and put most of our concentration on those, and then slowly work our way down the list making sure that we hit every single possibility that could arise. Another factor that should be looked into also while making a disaster plan would be the cost that we are willing to put out to put together a strong disaster plan. We want to be able to have something that is going to work without flaws, but also not have to break the bank while doing it. We also might want to think of ways that we can help prevent most of the disasters. In example, we really can’t anticipate...
Words: 1163 - Pages: 5
...Running head: CIS 500, Case Study 1: Stratified Custom Manufacturing, Part 2 ABSTRACT This paper develops a security policy document for my mid-sized organization “Canar Networkung Organization”. The paper will include measures to protect against breaches and act as a proactive defense. It defines the segments of policy that are purpose, audience, document information and scope for the success of organization. This paper also develops the policy criteria that protect the organization from proactive defense and organizational risks. It examines the objectives, complains, responsibilities, implementations and control of policy criteria in order to enhance the organization. The paper also details the policy measurement in order to mitigate the organizational threats, and provides an effective security elements for the enhancement of the organization. Introduction: The policy This policy is the procedure and principle that guides the decisions and the rational outcomes of an organization. The subjective and the objective decisions can be assisted by policy in order to make better environment to the organization. Policies include the set of decision that can be associated by the senior management in an organization. Document information: The framework of Canar Networkung Organization could be provided by document information for the development of organization...
Words: 7361 - Pages: 30
...| Disaster plan | | | | 6/6/2010 | | Abstract This is a disaster plan that I created for the IST Department of XYZ Computers company in order to prevent any future problems that may arise such as the situation they had over the weekend when a major water pipe broke and flooded the first floor, causing extensive damage to the servers. Included in the disaster plan I will address a few issues that will aid the company in protecting against such things as any natural disasters that may occur as well as any other occurrences that may deem necessary for such a disaster plan. I will detail my recommendations for using a RAID system for data protection in order to have a well placed back up plan with the most up to date information possible. In short I plan to properly detail a disaster plan the best possible way that I can in order to have a good disaster recovery plan in place rather than having to spend the time and money on extra recovery efforts. Hopefully having such a plan in place will keep from losing important data to unforeseen issues, such as natural disasters due to the geographical location among other issues that may arise at the most in opportune time possible. When creating a disaster plan the first thing to keep in mind is to do a complete risk assessment of the entire existing computer systems. In order to accomplish this task all the risks and probabilities will need to be noted such as any delays to system uptime and how close at hand these...
Words: 1273 - Pages: 6
...Associate Level Material Appendix G Disaster Plan Assignment Read the descriptions for Company A and Company B and select one. Create a disaster plan for your selected company that includes how you would recommend the company back up and protect its network data. Your plan must be 1,250 to 1,500 words in length, and your recommendations must be based on the RAID system of data protection. Your plan must also address how the company should protect against natural disasters that might occur in its geographic location. Include any charts, graphs, or visual components that are helpful in illustrating your plan. Company A The IST Department of XYZ Computers is located on the first floor. Payroll and all human resources records are processed daily and bi-weekly for 10,000 employees. After payroll is run, data is backed up using tapes. No firewall is in place, and e-mail is on the same server as payroll. XYZ Computers is located in the southern part of the United States in an area that receives heavy rain. During the weekend, a major water pipe broke and flooded the first floor. The water caused extensive damage to the servers, which were also on the first floor. Create a disaster plan to prevent this sort of problem from happening in the future. Company B 123 Textiles Corporation is located in a high-crime area that also experiences occasional earthquakes. A new network was set up with the server by a window. All systems are backed up once a month on an exterior...
Words: 285 - Pages: 2
...Disaster Plan Assignment week 8 The IST Department of XYZ Computers is located on the first floor. Payroll and all human resources records are processed daily and bi-weekly for 10,000 employees. After payroll is run, data is backed up using tapes. No firewall is in place and email is on the same server as payroll. XYZ Computers is located in the southern part of the United States in an area that receives heavy rain. During the weekend, a major water pipe broke and flooded the first floor. The water caused extensive damage to the servers, which were on the floor. IST unit of XYZ Computers is situated on first floor. The first order of business would be to relocate the servers to a more secure location on maybe an upper floor to avoid this type of event from occurring again. The company’s location means that we should consider moving all essential hardware for operations to second or third floor offices. The servers should not be on the floor no matter what floor they are located on. Heavy rains could also mean mud slides and extensive flooding. Having a warm site in a different region of the U.S. would make relocating the business easier if any natural disaster took place. Of course we would have to store remote servedrs that are being backed up at the same time that the servers on location are backed up in order to keep current on operations. The disaster scheme of the organization can be established on the RAID scheme of information protection. In order for this to occur...
Words: 1169 - Pages: 5
...Individual: Disaster Plan Jaime DiPaulo Jr 04/7/14 IT/240 John Helt I chose to analyze and formulate a disaster plan for Company A -Computers. Although the differences between Company A and Company B are more than slight in the approach they choose for the operation of their network, the concept of network security means the same thing. Zooming in on Company A, there is information of approx. 10,000 employees that travels through an unprotected portal that shares the company email server. This is about as serious of a threat as there is. Laid out within this written document are enactments much, much recommended. These implementations work together much like the individual pieces of a knight’s armor overlap each other a bit, meanwhile the sword and shield are actively about in front of; ready for an attack on their network. The following paragraphs are outlined in the order of the OSI model. Protecting all of the important assets of XYZ Computers means keeping them in a safe place, whether in storage or in full operation. According to Appendix G, there was a flood on the first floor that caused damage to all of the equipment. To protect the equipment from flooding, which is a seemingly big problem in the south, the equipment should be elevated from the immediate floor by means of some type of moat around the equipment or moved up to the second floor. The drainage system should also be further inspected to ensure there are not other pipe-bursting dangers. Also...
Words: 1498 - Pages: 6
...Information system audit plans seek to evaluate the robustness of the organization’s information system. Is the system available at all times when needed by the organization? What are the security mechanisms in place to ensure confidentiality and security of data? Is the information provided by the systems accurate? Audits of information systems may be initiated to address these individual specific issues within the overall IS environment. Information Systems Audit Program The elements of an information systems audit will address the effectiveness of controls in the following general areas: * Physical and environment review that includes physical property security, power supply, air conditioning, etc. * System administration review encompassing operating systems, databases, and system administration policies and procedures. * Application software review which is an encompassing examination of the applications being used by the organization as well as the access controls, authorizations, process flows, error and exception handling, and similar activities that effect software applications including system development lifecycle. * Network security review to identify the external and internal connections to the information system through firewalls and routers and the intrusion detection systems in place. * Business continuity review evaluates the systems that ensure continuity of operations including data backup programs, disaster recovery plans, redundant hardware...
Words: 2359 - Pages: 10
...for the company XYZ. Not having anyone who currently fits this role, a need has arisen for recruiting to solicit candidates with the necessary attributes to fulfill the company’s needs. The HRIS Supervisor will be responsible for the overall “health” of the HR and Payroll system(s). With a handful of direct reports, the HRIS Supervisor will need to be able to not only have technical knowledge but also preferably have a background in Human Resources and/or Payroll. The reason for this is XYZ feels that having someone with this background will benefit the company in that the candidate will not just be thinking technically but also in conjunction with the processes, laws and regulations both departments deal with. To develop the competency model for HRIS Supervisor, XYZ used the O*Net Website and reviewed both the Computer Systems Analyst and Human Resources Manager jobs pulling relative competencies from each to make up the HRIS Supervisor competencies. The areas that the competency model addresses are Tasks, Tools & Technology, Knowledge, Skills, Work Activities and Work Styles. XYZ focused on the main attributes of the position HRIS Supervisor would need to encompass. The below is the competency model that has been designed for the HRIS Supervisor position. (Find Occupations) HRIS Supervisor Competency Model Tasks All 21 displayed * Test, maintain, and monitor computer programs and systems, including coordinating the installation of computer programs and systems...
Words: 2325 - Pages: 10
...Network Design: XYZ School System Network Design: XYZ School System IT 230 Computer Networking Executive Summary {complete during Week Nine} Write 3-4 paragraphs describing the goals of the network design project, assumptions, pros and cons of the proposed solutions, and project constraints. Cabling Specifications 1. The following specification represents the minimum requirements for the installation of cabling and equipment data cabling in any offices or labs to be constructed or modified for the XYZ School System. 2. Minimum Cabling Requirements a. The Data Cabling and termination shall be in accordance with wiring configurations as per ANSI/TIA/EIA-568-B standards b. All cabling runs must be uninterrupted and without splices c. Where cabling is to be enclosed in a solid wall, the cables should be installed within a conduit for a additions or reconfigurations 3. General Specifications a. Data cable (CAT-6 UTP) i. Terminating method: CAT-6 socket 1. Green/White (1) 2. Green (2) 3. Orange/White (3) 4. Blue (4) 5. Blue/White (5) 6. Orange (6) 7. Brown/White (7) 8. Brown (8) ii. Each data point should have all 4pairs assigned and terminated as per ANSI/TIA/EIA-568-B standards b. Cables Labeling i. Data plates 1. On each face plate a unique number will be used to indicate the data’s location of cable termination on the patch panel 2. The data ports will be marked with orange labeling for each data connection ii. Wiring labels 1. Each cable will be sequentially numbered...
Words: 6096 - Pages: 25
...[pic] Defense Security Service Electronic Communications Plan Sample Date: 02/01/2012 Company: |XYZ, Inc. | Address: |12345 West Broad Way, New York, NY. 54321 | Cage Code: |89PGK | ODAA Unique Identifier: |89PGK-20111119-00009-00019 | Table of Contents 1. INTRODUCTION 5 2. PURPOSE 5 3. ROLES/PERSONNEL SECURITY 6 4. DETAILED SYSTEM DESCRIPTION/TECHNICAL OVERVIEW 8 5. IDENTIFICATION AND AUTHENTICATION POLICY AND PROCEDURES 9 5.1 USER IDENTIFICATION AND AUTHENTICATION 9 5.2 DEVICE IDENTIFICATION AND AUTHENTICATION 10 5.3 IDENTIFIER MANAGEMENT 10 5.4 AUTHENTICATOR MANAGEMENT 10 5.5 ACCESS CONTROL POLICY AND PROCEDURES 11 5.7 ACCESS ENFORCEMENT 12 5.8 INFORMATION FLOW ENFORCEMENT 13 5.9 SEPARATION OF DUTIES 13 5.10 LEAST PRIVILEGE 14 5.11 UNSUCCESSFUL LOGIN ATTEMPTS 14 5.12 SYSTEM USE NOTIFICATION 14 5.13 SESSION LOCK 15 5.15 SUPERVISION AND REVIEW — ACCESS CONTROL 16 ...
Words: 19387 - Pages: 78
...2014 Management Science Management Science is concerned with developing and applying models and concepts that help to clarify management issues and solve managerial problems. The models used can often be represented mathematically, but sometimes computer-based, visual or verbal representations are used. The range of problems and issues to which management science has contributed insights and solutions is vast. It includes scheduling airlines, both planes and crew, deciding the appropriate place to site new facilities such as a warehouse or factory, managing the flow of water from reservoirs, identifying possible future development paths for parts of the telecommunications industry, establishing the information needs and appropriate systems to supply them within the health service, and identifying and understanding the strategies adopted by companies for their information systems. Scientific Planning Successful management relies on careful coordination, often using scientific methods in project planning. For example, critical path analysis allows us to identify which tasks in a project will take the longest or adversely affect the length of other tasks, permitting us to focus on those tasks. Computer models can also help we determine utilization and recommend more effective usage. In addition, this type analysis allows us to develop proactive strategies for handling outages and...
Words: 3150 - Pages: 13
...Resource Delivery and Labourer Relations 16 8.5 Product Advantage 16 9. Mode of Entry 17 9.1 Options for Mode of Entry 17 9.2 Recommended Mode of Entry 18 9.3 Organisational Structure and Compensation 20 10. Monitoring and Control 21 10.1 Product Monitoring 21 10.2 Performance Measurement 21 11. Future and Exit Strategy 22 12. Conclusion 23 13. References 24 14. Appendices 27 1. Executive Summary This report was commissioned to examine and analyse environmental information on India to produce an entry strategy, structure, controls and performance monitoring to exploit the opportunities that exist in India. This continued country diversification, clearly sits with XYZ’s global goals to enter stronger performing markets. XYZ undertook research to determine the demand and attitudes from builders towards the proposed new prefabricated steel products. Based on favourable results,...
Words: 5852 - Pages: 24
...[pic] Disaster Planning, Emergency Preparedness & Business Continuity I. Introduction: The Plan About this Document 1 What a Disaster Plan Is and Why You Should Do One 2 Possible Disasters 4 Assign a Team—You Can’t Create a Plan Alone 6 II. Analyze & Know Your Organization Determine Your Critical Services & Functions 8 Where is Your Information Stored? 10 Computers & Technology 15 Know Your Physical Plant 18 III. Risk Analysis 19 IV. Business Impact Analysis 20 V. Implement the Resources 21 VI. Test the Plan 22 VII. Insurance 23 VIII. Personnel Policies & Crisis Communications 25 IX. Advice from the Red Cross 28 X. Emergency Planning Checklist 30 XI. Resources 33 I. Introduction: The Plan About This Document This document explains the points an organization needs to think about in order to prepare its own disaster recovery plan so that, should an interruption occur, it is able to resume operations. To complete its plan, staff members will have to search for answers and fill in the blanks. Each organization’s circumstances and structures are unique, so a plan will have to be tailored to suit its needs. It is important to recognize that there is no “magic” plan that an organization can purchase that will provide all the answers or that will create a plan for them. There is no document that will address every situation and circumstance. Conceivably an organization could share...
Words: 8506 - Pages: 35
...cover next page > Page iii THE McGRAW-HILL HANDBOOK OF MORE BUSINESS LETTERS Ann Poe McGraw-Hill New York San Francisco Washington, D.C. Auckland Bogotá Caracas Lisbon London Madrid Mexico City Milan Montreal New Delhi San Juan Singapore Sydney Tokyo Toronto title: author: publisher: isbn10 | asin: print isbn13: ebook isbn13: language: subject publication date: lcc: ddc: subject: The McGraw-Hill Handbook of More Business Letters Poe, Ann. McGraw-Hill Professional 0070505179 9780070505179 9780071368780 English Commercial correspondence--Handbooks, manuals, etc. 1998 HF5726.P545 1998eb 651.7/5 Commercial correspondence--Handbooks, manuals, etc. cover If you like this book, buy it! next page > < previous page page_iv next page > Page iv Library of Congress Cataloging-in-Publication Data Poe, Ann The McGraw-Hill handbook of more business letters / Ann Poe. p. cm. Includes index. ISBN 0-07-050517-9 (alk. paper) 1. Commercial correspondenceHandbooks, manuals, etc. I. Title. HF5726.P545 1998 651.7'5dc21 98-24855 CIP Copyright © 1998 by Ann Poe. All rights reserved. Printed in the United States of America. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a data base or retrieval system, without the prior written permission of the publisher. 2 3 4 5 6 7 8 9 0 DOC/DOC 9 0 3 2 1 0 9 8 ISBN 0-07-050517-9 The sponsoring editor for this book...
Words: 58550 - Pages: 235
