Peoplesharz is aiming to become financially self-sufficient

Reference no: EM13139145

Description: Assignment 3 Report and Presentation based on CASE STUDY: PEOPLESHARZ.COM 
(A fictitious analysis of a security breach) 
Length: 3000 words approx. plus Appendices 

This assignment assesses your understanding in relation to the following three course objectives: 
1. analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks 
2. explain why continual improvement is necessary to maintain reasonably secure information systems and IT infrastructure and to describe the role of disaster recovery and business continuity plans in recovering information and operational systems when systems and hardware fail 
4. demonstrate an ability to communicate effectively both written and orally about the management of information security in organisations. 
This assignment assesses the following graduate skills: Problem Solving, Academic & Professional Literacy and Oral and Written Communication at level 2. 
This assignment relates to the topics covered in modules 1 to 10. This assignment can be completed by groups of two students or as an individual assignment. Details regarding the allocation of students to teams will be provided on the course study desk. Each student team will be allocated their own discussion forum for assignment 3 to specifically work collaboratively as a team in developing and discussing their approach to assignment 3 case study and the required Security report and presentation. Regular participation in each team's discussion forum by the team members each week from Monday 10th September until Friday 11th October is expected. Each team member will also be required to keep a journal of their activities and progress related to completing this assignment and will form part of the assessment for assignment 3. In date order clearly list the following: 
• date of research activity/discussion 
• topics researched or discussed 
• time duration of activity. 
Submit this journal for each team member as an appendix to the assignment 3 Recommendations report. Any reference to web pages and on line resources such as white papers, blogs, wikis etc. should be listed at the end of the journal. 
Regular participation on the discussion forums dedicated for this assessment is highly recommended and can assist greatly with this assessment item. Also note that you are expected to do research outside of the course materials provided. 

Case Study: PEOPLESHARZ.COM (A fictitious analysis of a security breach) 
Background: 
PeopleSharz is an Internet Start-up founded in late 2011 riding on the Social Media boom of the late 2000s. Established by former university colleagues Mark Bukerzerg (current CEO) and Peter Tweet (CTO), the company in early 2013 had over 1.2M signed-up users from across the globe. 
While, in the scheme of things, the user base numbers seem good, both Mark and Peter know that to achieve a critical mass of users that will establish PeopleSharz as a "player" in the Social Media space, they will need to reach numbers upwards of 100M users. 

Internet start-ups are springing up all the time - weekly, thousands of new Social Media applications are released on the Internet and while PeopleSharz has established a strong presence and following, the company is continually innovating and responding to user requirements, industry trends and competitive challenges. Mark and Peter's 20 person Development Workshop based in Sydney's upcoming Technology Hub, Redfern, is a busy and dynamic environment. 

PeopleSharz is aiming to become financially self-sufficient by the end of 2014 at the latest. It is at this time that their venture capital funds will be exhausted but they estimate, once they hit the 50M user mark, and have deployed into production their new advertising revenue model, (both aggressively targeted for October, 2013), they will have positive financial results. 
April 21st, 2013: Major New Media News Site Headlines: "New Start-up PeopleSharz Hacked - User Passwords Dumped on Pastebin". 
Waking up to news overnight that their site has been hacked and that the hacker has posted all their client details, including passwords, on Pastebin has shocked Mark and Peter. Time is of the essence, so an emergency teleconference is organised between Mark, Peter and Phil Jones (the Technical Support Manager at HotHost1, a cloud services company where the PeopleSharz environment is hosted). 
The teleconference firstly confirmed that the information posted on Pastebin was in fact real. PeopleSharz seemingly has been hacked. From then on, the teleconference degenerated into blame games between PeopleSharz and the hosting provider HotHost1, each side blaming the other for the incident and each putting the onus of an incident response on the other's shoulders, each side stating that they had no experience with security incident response and that it was neither their fault nor their responsibility. BUT, all did agree that something had to happen quickly! 
April 21st, 2013, 9:45am: Offices of HackStop Consulting 
A quiet morning for you on April 21st, 2013 until 9:45am when a call reaches your desk. As a Senior IT Security Consultant at HackStop Consulting, you've had calls like this many times. It's time to get your game on again! Time to visit the offices of PeopleSharz. Their CEO, CTO and a Manager from their hosting provider HotHost1 are desperate to meet with you. 
Your Task 
On return from your meeting, it's time to quickly put together a proposed plan of work and a response for PeopleSharz. Given the nature of your assignment with PeopleSharz, an urgent response and work-plan is required that outlines your approach and methodologies to: 
(1) Assessing what went wrong - how did the hacker compromise the PeopleSharz environment and steal the user information? 
(2) How does PeopleSharz ensure it does not happen again? 
At present, no other assumptions need to be made about the actual security issues/breach. This assignment is focused upon seeing if you, the student, have built up an awareness of how security in Internet Websites can be assessed and analysed to assist businesses in improving their overall security position. 
By being able to outline how you would go about reviewing the security breach outlined in the PeopleSharz case study and making recommendations on improving security practices and the appropriate controls that need to be put in place to reduce the risks to an acceptable level, the markers will be able to assess your level of knowledge learned in this course and the additional research you have undertaken. 
Any information not provided in the case study may be assumed, but make sure that your assumptions are stated and that the assumptions are plausible. 
NB: Importantly, and in addition to your own study and research, there will be two specific discussion forum threads on the assignment discussion forum where you can ask questions of the main players in the scenario: 
1. Mark Bukerzerg and/or Peter Tweet (PeopleSharz) 
2. Phil Jones (HotHost1) 
By actively participating in the forum discussions for this assignment, you will gain valuable information and insight into this case study that will be regarded highly by the markers. 
(Note: Any questions which are not considered to be appropriate or professional for the purpose of this assessment may not be answered) 
Deliverables 
The success of your engagement is based upon two deliverables: 
(1) Development of an Incident Response Work-plan 
(2) A business proposal to PeopleSharz Management in the form of a presentation that outlines how the organisation should be better focusing on Information Security. 
In detail: 
(1) Incident Response Work-plan (WORD Document): 
The work plan should be included in a professionally presented document of no more than 10 pages and be structured to show how each phase of work is to be undertaken. Your work-plan must include the following at a minimum: 
* Executive Summary: half-page brief outlining purpose; scope, expectations and outcomes of the proposed plan of work. (250 words) 
Structured and ordered work plan phase description, which for each section includes: 
* Background and problem analysis - What went wrong? How did the hacker compromise the PeopleSharz web site environment and steal the user information? (approx. 500 words) 
* Threat analysis - What is to be investigated and tested, how it will be done, what sort of potential issues you are looking for and deliverables PeopleSharz and/or HotHost1 can expect for each phase of work (e.g. the "deliverable" for the phase of work could potentially be a report containing the results of a vulnerability assessment test on the PeopleSharz server(s)). (approx. 1000 words) 
* Dependencies and critical success factors to the job, such as key stakeholders in this security breach - people to be interviewed or whose involvement in that phase of work is required. (Remember, you don't always get free-rein access to systems and other information and because time is of importance, you won't get a long time to master the environment. But, as you know, you cannot also always believe everything you are told). 
What is key to getting this job done efficiently and what support do you need to get this done (from PeopleSharz and also the hosting provider)? (approx. 500 words) 
* Set of recommendations for improving PeopleSharz's current security practices and ensuring that an appropriate set of controls are put in place (approx. 750 words) 
* Reference list of key sources in particular technical references which support your approach (Not counted in word count) 
Note: in this report and in the accompanying presentation you are encouraged to make use of appropriate Figures and Tables to emphasise the key points that you are trying to make. 
* A journal of each team member's (for students completing this assignment individually - your) activities in participating and contributing to the completion of the work plan report and presentation. 

(2) Developing a Securer Environment for PeopleSharz for the Future (POWERPOINT): 
Your strategy presentation should be created as if it were an actual presentation you were doing for a real client in relation to your proposed work plan including a set of recommendations and should contain the following at a minimum:
* 1 Slide for an Introduction outlining your team and the organisation you work for 
* 2-3 Slides covering the Background: A brief summary of where PeopleSharz is today in regards to security practices in their organisation and controls in place for their web servers. 
* 2-3 Slides covering the Threat Analysis: A summary of the major threats and associated vulnerabilities and the actions required to reduce the risks associated with these threats and specific vulnerabilities in their web servers to an acceptable level. 
* 2 Slides covering Dependencies and critical success factors to the job: i.e. what is key to getting this job done efficiently and what support do you need to get this done, (e.g. internal business stakeholders, developers etc.) 
* 2 Slides covering your proposed Set of recommendations for improving security practices at PeopleSharz and ensuring appropriate controls are in place in relation to their web site which is core to their business 
[The following is also to be included. While not part of a "standard" Industry business presentation, it is there to allow teaching staff to gauge what level of research has been undertaken]. 
* 1 Slide acknowledging the key authoritative reference sources which underpin the research you have conducted and your approach in the proposed work plan in your proposed business report. 
------------------ 
Report and Presentation Format: 
* MS WORD and PowerPoint respectively (or a web-based presentation as an alternative to PowerPoint for (2) of the assignment deliverables) must be used. NB: For the presentation, you are asked to include a Word document (or utilise the notes section of PowerPoint) to detail the length of time expected to be spent on each slide (page) and the details of what you would expect to discuss with the audience. 
* This assignment is focused upon seeing if as a student in this course you have built up an awareness of how security in an environment should be set up and operated. By being able to outline how you would review and test the security of the fictional organisation, PeopleSharz, through assessment of the basics such as good policies, standards, procedures and controls in place, in addition to detection of incidents, the markers will be able to assess your level of knowledge learned from the course content and from your own additional research in relation to this case study.

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd