retake esp sonali task 4
TASK 4
LONGSTAFF MARKETING SOLUTIONS
Sonali Paul Jassal
Contents:
SAMPLE SATISFACTION SURVEY
Longstaff Marketing Solutions Survey
|
Name: |
Age: |
|
Contact number (optional): |
Email (optional): |
*DISCLAIMER*
This survey is designed
to evaluate the effectiveness of the network
and security upgrades implemented. Your feedback will
help in assessing the ease of use, network security, confidence in security
measures, and overall ability to complete work securely.
All responses will be kept confidential and will not be shared
with any third
parties.
The survey takes approximately 3-5 minutes to complete.
Questions starred with an asterisk (*) means the question needs to be
answered.
About You:
·
How would you describe your technical ability?
* Beginner
Intermediate
Advanced
·
What is your role at Longstaff Marketing Solutions? *
·
How long have you been with Longstaff Marketing Solutions? *
Less than 1 year
1-3 Years
3-5 Years
More than 5 years
Prefer not to say
1.
How satisfied are you with the
new network and security system
in place? * Very Satisfied
Satisfied
Neutral
Dissatisfied Very Dissatisfied
2.
On a scale of 1 to 5, how well do you think the
new security measures ( Login verification, encrypted storage)
protect your data? *
(1= not at all, 5= Extremely
well)
1-
2-
3-
4-
5-
3.
What are your thoughts
on how the new system impacts day- to-day operations? (Log-in delays) *
4.
How would
you rate the ease of accessing the computer system
for everyday tasks? (e.g., logging in, accessing applications) *
(1= very difficult - 10= very easy)
|
1 [ ] |
6
[ ] |
|
2 [ ] |
7
[ ] |
|
3 [ ] |
8
[ ] |
|
4 [ ] |
9
[ ] |
|
5 [ ] |
10 [ ] |
If below 5, please explain:
5. Can you access all the
necessary files and folders
(e.g. on OneDrive, shared drives) *
Yes No
Somewhat True
6. How well does the system help you complete
your work securely? * Very Well
Somewhat Well Neutral
Not Well Poorly
7.
I have noticed security
issues like suspicious logins or malware
alerts * True
False
Somewhat True
8. On
a scale of 1 to 5, how reliable is your connection to network resources (e.g. email, shared files)? *
(1= not reliable
at all, 5= very reliable)
1 [ ]
2 [ ]
3 [ ]
4 [ ]
5 [ ]
9.
Are there
any specific resources you cannot access
but need for your role?
(e.g. shared folders, specific software) *
Yes [ ]
Please describe the issue:
No [ ]
10. Do
you have any additional suggestions or concerns about the new system? *
|
11. Do you believe the training provided was effective in terms of helping you learn new content?
12. |
|
Thank you for
completing this survey! Your responses will
help refine the
IT upgrade strategy to
better serve Longstaff Marketing Solutions. |
Project Summary:
After a thorough review of all the control documents and the
interview with the technical manager, I had identified several issues at Longstaff Marketing
Solutions that needed to be resolved. The key issues were:
·
Lack of security
controls
·
Lack of knowledge in mitigation and security overall
·
Less focus on regular maintenance
·
Weak, generic passwords and accounts
·
No role-based access
controls
·
Shared admin accounts
·
No encryption on data storage
·
Using a SOHO router that is not meeting the needs of the organisation
·
No regular staff
training
Identified Solutions:
Replacement of SOHO router-
Having a SOHO router which was used in the home office
environment and then was
still in use when moved into an office environment, was a huge concern for us.
Therefore, to make sure the network was upgraded and was meeting the
needs of the business, we decided to replace the SOHO router with a Fortinet
FortiGate 60F firewall. This is because we believe, the router was not enough
for the growing organisation and was a
great vulnerability, as it could have posed the organisation to more at risks to attacks and being
frequently targeted by cybercriminals due to its weak security configurations.
Furthermore, it had a limited device capacity as SOHO routers a generally
designed to handle a small number of connected devices such as 10-20. So, implementing the firewall
that is also a router, was a great change to make as it allows to provide
connectivity to a lot more devices. It also significantly improves security as
it provided advanced threat protection, multi-layering security but importantly
prioritises business critical applications by ensuring high quality performance
for cloud connected services and remote access.
Identity and access
Management and Data
Storage-
Another concern was that the organisation had no role-based access controls and all
employees were sharing the admin accounts. This was clearly a concern as there
was no consideration of security as staff were allowed to access any material
they wanted and this maximised the risk of unauthorised access to sensitive
data and systems. In addition, as the User C stated, uses were adding files
such as movies and games to the NAS device and that was clearly not work
related, this was a
misuse of the company’s resources
and the admin privileges staff
had and made it quite hard for
IT staff to trace who was installing non-work-related materials.
Therefore, we decided to implement cloud-based solutions for the
file storage, Microsoft 365 OneDrive for staff files and AWS S3 for sensitive files. This
way it was easier for admin to manage and restrict staff from accessing
sensitive files. To introduce RBAC (role-based access control) we decided to
introduce Azure Active Directory Premium P1, as firstly It
would have allowed to apply Multi-Factor Authentication when logging in, to make sure there
was less of a risk to
unauthorised access, it also provides detailed logs and reports on user
activity, sign-ins and access request which helps in staying compliant with
GDPR. Not complying with rules and regulations
would have posed a huge risk to Longstaff Marketing Solutions as it would have led to the
business suffering financially from penalties but also losing their reputation
and trust.
Remote Device Management-
There was nothing
in place for management of remote devices,
which meant if there
was an issue with a remote device, the IT staff would have physically accessed
the device to troubleshoot or fix the issue. So, to resolve the issue, we
decided to implement Microsoft Intune,
which is a cloud-based endpoint management solutions that help with Mobile device
management. With this in place, it allows for IT to configure, update or wipe
devices remotely which was crucial for the 15 employees who work remotely. Furthermore, it means it consumes less time and does not delay
productivity and crucial activities that may be urgent.
Security Monitoring and Auditing-
Having a detection system in place and regular audits being carried
out, it can bring a lot of benefits to the business.
Consequently, we decided
to add AWS CloudTrail to log access to the AWS S3 data and Microsoft Sentinel to
monitor the FortiGate 60F, Azure AD
and device activity, with Microsoft 365. This is because being able to have real time monitoring can allow for
any security issues to mitigated quite quickly, reducing the threat of the
incident worsening over time and creating real damage to the organisation, such as having to pay
up to $20 million due to legal consequences.
Being able to audit can benefit the organisation as it creates more
transparency with what has been accessed, why and who has been accessing the
information.
Furthermore, if there
was a security breach to occur, having
an audit log will be able
to provide a lot of the information which will be highly detailed, enabling IT
staff to trace the source.
Staff Training-
By trying to encourage Staff
training through Microsoft Learn cybersecurity Modules, it will allow to upskill
employees on modern threats and best practices. Also, without training, staff can be the weakest part of
Longstaff Marketing Solution’s security.
Furthermore, if employees fall for scams, then it cannot be undone,
However, through training you can prevent that and turn the risk into a
strength. It will also benefit the company as a whole as they will be more
aware of how to use the upgrades properly and spot threats
before it occurs.
For a fast-growing company that handles sensitive data, it is
crucial.
Mitigated Security
Issues:
The security
issues that were mitigated were:
·
Unauthorised
access- This was mitigated through implementing Azure Active
directory and Role-Based Access
control, clearly eliminated the use of the shared admin account, provided more
restrictions on what was being accessed. Moreover, it allowed to apply more security measures
in place such as going through multi factor
authentication to reduce unauthorised access to the system
·
Network
Threats- This was modified by replacing the SOHO router with a
firewall to reduce the number of vulnerabilities and weak security
configurations the router
had. This did in fact provide a lot of benefits as it’s more advanced in threat
protection but also provides a TLS inspection to detect any hidden threat in
encrypted traffic.
·
Lack of
Monitoring- By adding Microsoft Sentinel, it has a feature called
anomaly detection which flagged suspicious activities such as unusual login
patterns, which is quite useful in monitoring as it gives a clear overview of the activity. Also, adding AWS
CloudTrail has helped in logging data access.
·
User Awareness- By adding in training for staff, it will highly
likely help staff in being more aware of incidents and emerging threats
of today. Moreover, it will reduce any
insider threats there may be.
Evaluation of my own performance:
As a whole, I think my performance
in time management was great for all the tasks except task 3 as I had to spend a bit of time researching
for products and the best prices I could find, which took me a bit of time. Also, I think I wrote less for some
things that need some depth
and explanations. I did struggle
on going in depth with my task 3 as it got confusing at some
times due to a lack of knowledge in some areas. However, I did manage to find
everything I needed with further research.
Here are some things
I thought I did well in:
·
Time management for tasks 1,2 and 4
·
Structuring and layout
·
Network topology
·
Identifying the issues and concerns
based of the scenario.
Here are some things I thought I could improve
in:
·
Writing in more detail and depth, expanding
on some answer that may need it.
·
Trying to gain more knowledge in some areas to help me understand products and specialist terminology when researching.
Self-Evaluation Using Gibbs’ Reflective Cycle
Description- I could take the scenario of Longstaff Solutions and was able to understand and implement solutions
based on their requirements and needs.
Feelings- I was optimistic about the technical
solutions provided and relate it back to the scenario
Evaluation-My strengths was identifying the issues and why there was need to
make a change. Furthermore, I could understand the business needs such as
selecting scalable solutions for future plans
Analysis- Time limits
on task 3 led me not make comparisons and make alterative suggestions but also not
provide more details where it was necessary.
Conclusion- The project
managed to hit all areas
and objectives that were needed, but could have better panned with
time to make sure it can be highly detailed and sophisticated.
Action Plan-For future projects, I would like to work on time management to
allow more time on providing more detail and provide comparisons but also make sure to have some background knowledge to
further aid me.
Comments
Post a Comment