___________________________________________________________________________
NSA Capstone
Project Charter
______________________________________________________________________________
Prepared By: [Joseph Douglas, Randolph Gallegos, Charles Spencer]
Date of Publication: [12/17/14]
Revision History
Version | Date | Author(s) | Revision Notes
1.0 | 12/17/14 | Joseph Douglas | Project Objectives and Scope
2.0 | 1/15/15 | Joseph C Douglas, Charles Spencer, Randolph Gallegos | Newly acquired information added
3.0 | 3/4/15 | Joseph C Douglas, Charles Spencer, Randolph Gallegos | General updates
Table of Contents
Project Description
Project Objectives
Project Scope
  In Scope
  Out of Scope
  Deliverables Produced
  Stakeholders
Requirements
Acceptance Criteria
Project Estimated Effort/Cost/Duration
  Estimated Cost
  Estimated Effort Hours
  Estimated Duration
Project Assumptions
Project Risks
Project Constraints
Project Dependencies
Project Approach
Project Organization
Communication Plan
Project Guidelines
Project Approvals
Risk Management Plan
Quality Management Plan
Change Management Plan
Work Breakdown Structure
Nature’s Best Active Directory
Project Gantt Chart
Budget & Billed Material Costs
Retail Store’s Network Schematic
Corporate Headquarters Network Schematic
Security Policy Workstations & Domains
Server Security Policy
Disaster and Recovery Policy
Client Configuration
Test Plan
Back up Policy
System Lockdown
Computer Training Policy
Mobile Computer Policy
Hardware Description
Software Description
Conclusion
Project Description
Our purpose is to provide high-quality network and hardware solutions for Nature’s Best. First, we
will provide a budget plan for the labor and materials for the project. Next, we will set up the
hardware and software in the main headquarters, which will include the cabling, workstations, servers and
the call center. We will then move on to the four branches; each branch will be set up the same way, with a
file/print server, two high-speed network printers/copiers/scanners, a fax machine, voice messaging and ten
workstations. The design should ensure sufficient system capability and capacity to provide a centralized
solution, and provide a proportionate network infrastructure that gives the branch offices a data storage
solution. All client information and services will be hosted at the Brea office central
headquarters.
Project Objectives
Network Guardians’ objective is to provide state-of-the-art IT equipment and solutions to our
clients, to ensure a cost-effective network infrastructure, and to meet the requested timeline of the
engineered design for the company. We will also help meet the company’s expectation for expansion. Each
retail store will have one administrator, two to four cashiers and four to five stockers.
The headquarters will house a president, officers, a receptionist, the IT department and 75
warehousemen, and the call center will have 20 agents and one to two supervisors. We will
implement hosting for data communications and data storage within the Brea Headquarters, with
consideration for growth expectations within each retail outlet.
This project will meet the following objectives:
• Improved Network Capability
• Improved Network Infrastructure for High Speed/low bottleneck chances
• Backup & Recovery Plan/Business Continuity Plan
• All hardware and software will adhere to laws, regulations and codes
• Implement Voice-to-Pick System for improved picking rate and speed
• Implement WMS software to improve overall Warehouse Performance & Productivity
• Design for Growth Expectation
Project Scope
The scope of this project includes and excludes the following items:
In Scope:
• Implement security, disaster recovery, and risk analysis that comply with PCI-DSS.
• Set up network infrastructure and connectivity for each retail store.
• Provide an off-site storage solution for backups and easy data access back to the retail branches.
• Modernize IT hardware and software.
• Ensure sufficient system capability and capacity for all 4 retail locations to provide a centralized solution
for data storage and management.
• Train current IT staff to maintain the newly implemented network.
• Implement a call center in the Brea, California Headquarters.
Out of Scope:
• Design of new conveyer belt
• Removal of obsolete equipment & software
• Responsibility for physical security of Headquarters and (4) retail store buildings
Major Deliverables Produced:
• Finalize Charter with approval
• Finalize Network Layout with approval
• Complete testing of Hardware & Software with no failures
• Finalize implementation of the Network Infrastructure & Go live
Stakeholders:
The impact of this project on other organizations needs to be determined to ensure that the right people
and functional areas are involved and communication is directed appropriately.
Stakeholder | How Are They Affected, or How Are They Participating?
Internet Service Providers | Ensure there is enough bandwidth to accommodate the network.
Network System Administrator | Oversees that the network services and maintenance are working properly.
IT Department | Responsible for monitoring the network infrastructure.
Employees | Will be using the workstations to process orders and use the network services.
Supervisors | Oversee that the functions of the warehouse are met and supervise employment.
Truck Drivers | Responsible for shipping orders to retail stores in a timely manner.
Call Agents | Responsible for customer service inquiries.
Food Manufacturers | Manufacturers of food products for the company.
Back Haul Contractors | Provide backhaul loads for truck drivers.
Requirements:
• Access for employees and faculty personnel to network services.
• Implement fully functional servers that host banking software to track clients, demographics,
accounts, and statement information; host business management applications for
accounting, HR, and other asset-management tools; and provide the necessary network services
for Active Directory, DNS, DHCP, and online ordering.
• VoIP phone service (Cisco)
• Voice messaging with forwarding services
• Network devices for LAN and WAN connection (router, firewall, switch, etc.)
• Portable scanning devices to update shelf/stock inventory
• Implement 10 workstations at each retail store.
• Design for expansion
Acceptance Criteria:
• Requirements will first be drafted and reviewed by senior IT management to confirm that all requirements are
met for Nature’s Best Corporation to implement the network infrastructure.
• Once the Senior IT Network Administrator approves that all requirements are met, we will escalate
to the owner(s) of Nature’s Best for final approval.
Project Estimated Effort/Cost/Duration
Estimated Cost: $587,474.75
Estimated Effort Hours: 2500 Hours
Estimated Duration: 3 Months and 12 days
Milestone | Projected Completion Date | Deliverable(s) Completed
Project Planning | 12/17/14 | Project Charter; Schedule
WBS Dictionary, WBS Diagram | 1/7/15 | Provide work WBS; WBS Tree Structure
Budget Bill | 1/14/15 | Estimated Cost Hardware/Software/Labor
Quality & Change Plans | 1/21/15 | Create Quality & Change Plans
Risk Management Plan | 1/28/15 | Create Risk Management
Design Network Infrastructure | 1/28/15 | Blueprint of Network
Final review of approval by Nature’s Best President | 2/1/15 | Approval to implement Network Design
Start work cabling of buildings | 2/15/15 | Interior wall cabling of Cat6
Servers installed and tested | 2/20/15 | Installed servers and working with no failures
Workstations installed and tested | 3/1/15 | Printers, workstations, and stations working properly and on appropriate network segments
Hand over system to client/Go Live | 3/5/15 | Train IT on the system/Go Live
Project Assumptions
Certain assumptions and premises need to be made to identify and estimate the required tasks and timing
for the project. Based on current knowledge, the project assumptions are listed below. If an
assumption is invalidated at a later date, then the activities and estimates in the project plan should be
adjusted accordingly.
• Initial configuration and updates may cause a delay
• Delays due to initial hardware/software upgrades
• We assume the work will be done while the company is shut down for the implementation stage
Project Risks
Project risks are characteristics, circumstances, or features of the project environment that may have an
adverse effect on the project or the quality of its deliverables. Known risks identified with this project have
been included below. A plan will be put into place to minimize or eliminate the impact of each risk to the
project. The specifics of each risk area are outlined in the Risk Management Plan.
Risk Area | Level (H/M/L) | Risk Plan
1. Communications Breakdown | M | Make sure everyone knows and understands their duties.
2. Over Budget of project | L | Stay cost efficient for the project
3. Hacked | H | Secure networks and firewalls
4. Employee turnover (Project Member) | M | Have confidence in yourself and other members in your project.
5. Parts on Back order | M | Inform client, Review timelines, Change documentation
6. Employees getting sick | L | Reshuffle work schedule with employees to complete the task.
7. Natural Disaster | M | Evaluate the situation / Brainstorm a solution
Project Constraints
The project manager should be aware of constraints because they refer to limitations that the project must
execute within.
• Budget
• Date Deadlines
• Server Room Access
• Hardware/Software Limitations
• Time
Project Dependencies
Project | Date Due | Deliverable Dependency
Budget | 2/1/15 | Approval for Budget from Nature’s Best Company Owner(s)
Meet Project Deadline | 3/4/15 | Meet Deadline to ensure company needs are met.
Project Approach
• Initiation
• Planning
• Installation
• Implement Hardware
• Implement Software
• Testing Hardware/Software
• Finalize
• Go Live
Project Organization
An appropriate project organization structure is essential to achieve success. The following list depicts the
proposed organization:
Project Sponsor: Mr. Hale
Project Manager: Joseph C. Douglas (Financial Advisor)
Project Member: Charles Spencer (IT Technician, Technical Advisor)
Project Member: Randolph Gallegos (Head IT Technician, Technical Writer)
Project Member: N/A
Communication Plan:
• Have meetings on project progress once a week
• Progress meetings outside of class, LRC optional meeting location
• Communicate via email, in-class, phone
• Share files via flash drives
Team Contact Information
Joseph C Douglas jd@gmail.com
Randolph Gallegos Randy@gmail.com
Charles Spencer Spencer@gmail.com
Project Guidelines:
• Complete all tasks with quality
• Complete all tasks on time
• Communication on all levels
Project Approval
______________________________________ ___________________
Project Sponsor — [insert name] Date
______________________________________ ___________________
Project Manager – [insert name] Date
______________________________________ ___________________
Project Member — [insert name] Date
______________________________________ ___________________
Project Member — [insert name] Date
______________________________________ ___________________
Project Member — [insert name] Date
______________________________________ ___________________
Project Member — [insert name] Date
By Charles Spencer
Table of Contents
Purpose and Scope
Risk Plan Objectives
Deliverables Produced
  Deliverables 1
  Deliverables 2
  Deliverables 3
Project Risks
  Risk 1
  Risk 2
  Risk 3
Disaster Recovery Plan
  Types of Teams
  In Event of a Disaster
  Recovery Scenarios
  Recovery Activities
Purpose and Scope
The purpose of this plan is to address multiple areas of concern, from the User Domain and
the Work Station Domain to Disaster Recovery. To identify the risks, we start with the User Domain.
The risks here are that a user opens an email carrying a virus that affects the system, or
tampers with areas of the network that he or she does not understand. To mitigate and prevent
this, employees should only be able to open work-related emails from a work email account, meaning no
personal email access.
Risk Plan Objectives
Objective 1: Describe what Unisys Stealth can do for the company
Objective 2: Show our concern with risks to your system and mitigate or prevent them
Objective 3: Give a sound Disaster Recovery Plan for the company
Deliverables Produced
Deliverables 1: For the security side, I would like to introduce Unisys Stealth. This is a company
and a program that, when active, hides your network from any and all outside access. It also
has a Disaster Recovery option where all your information is stored on a cloud-like server; in
the event of a disaster that damages or destroys any of your buildings, you can quickly set up that
building’s information in a new area, anywhere you need to or are able to.
Deliverables 2: Mitigation or prevention of almost all risks to the User and Work Station
Domains.
Deliverables 3: A sound Disaster Recovery Plan and the ability to relocate when needed
Project Risks
Risk 1: Risks to the User Domain can cause problems with the network and/or allow hackers to
get into your systems and cause damage or steal information. A user opens an email from Yahoo
or Gmail, and that email has a virus attached to it. An out-of-date virus scanner may not detect
the threat, and it infects your system. I offer Unisys Stealth and Bitdefender. Unisys protects your
system from outside threats and creates a sound disaster recovery plan, and Bitdefender will
scan all outside and inside emails for viruses and erase them before infection.
Risk 2: Work Station Domain software has to remain up to date at all times. In today’s world,
only an up-to-date virus scanner can detect viruses and prevent them from getting into your
system. Bitdefender is a good prevention tool to use for your workstations and will stop, if not
prevent, access by worms or viruses.
Risk 3: Disaster Recovery will help the company when something unexpected happens and no
time was given to prepare. Unisys Stealth steps in and helps with the recovery by giving you the ability to
relocate your building anywhere that’s safe or even further.
Disaster Recovery Plan
Types of Teams: IT Admin and Unisys Stealth Hardware
In Event of a Disaster: An IT Admin from another area will log into the Unisys information
and, within that day, relocate the company building’s information to a new area.
Recovery Scenarios:
Minor Damage Scenario – Minor damage, such as fired cables or damage to
hardware
Action Plan – Replace the damaged component
Major Damage Scenario – Major damage, such as fire in the server room or a breach
in the system
Action Plan – Unisys covers any major damage scenario with backup to the cloud and
the ability to relocate that information anywhere else within that day
Recovery Activities: The IT Admin logs into Unisys Stealth, recovers the information and
relocates it to wherever else it may be needed
By Joseph C Douglas
Purpose and Scope
The purpose of the plan is to set forth a coordinated approach to addressing the quality
assessment and process improvement within the project scopes and goals for Nature’s Best New
Network Infrastructure. The scope is to ensure quality Hardware & Software along with testing of
proper implementation of the product.
Quality Plan Objectives
• All hardware and software will adhere to laws, regulations and codes.
• Monitor the quality of work on the project.
• Stay committed to the quality assurance of the project.
• Develop an effective plan and processes, including quality assurance and quality control
procedures, to achieve objectives.
Deliverables Produced
• To implement at each retail store: one file/print server; two high-speed network
printers/copiers/scanners; a fax machine; voice messaging with forwarding services; ten
workstations at each location; network devices that support the LAN and WAN
connection (router, firewall, switch); and Cisco VoIP phone service.
• The corporate headquarters will have: an application server hosting banking software
installed to track all clients, demographics, accounts, and statement information; a
separate server that hosts business management applications, such as accounting, HR, and
other asset-management tools; a separate server that provides necessary network services,
such as Active Directory, DNS, and DHCP; a Web server(s) for online ordering; network
connection devices (router, firewall, switch); email service provided by an external provider and
accessible via email client software and/or Web access; one file/print server; three
network printers/copiers/scanners; and Cisco VoIP phone service.
Identify Metrics:
• Define test and quality objectives for the project.
• Monitor progress towards the goals that are set.
• Monitor time spent fixing errors and defects during user acceptance tests, and defects
found in production after implementation.
Test Checklist:
• Perform independent technical review, management oversight, and verification to ensure
that quality objectives are met.
• Check performance against the Customer Quality Objectives performance-measure thresholds to
verify that performance will accomplish the Quality Objectives and to verify sufficiency of
the plan. Share findings with all project stakeholders to facilitate continuous
improvement.
Results:
• Improved Network Capabilities.
• Improved Network Infrastructure for High Speed/low bottleneck chances.
• Overall Quality Assurance and Objectives met.
By Joseph C Douglas
Purpose
The purpose of the change management plan is to communicate any changes that need to
occur during the entire project. This plan will show how Network Guardians will ensure a
seamless and beneficial change.
The goals of the Network Guardians plan are:
1. The project is changed to fit the scope of the project.
2. To make sure that changes are approved, documented and implemented.
3. To ensure the change is necessary and reasonable.
4. Changes are communicated to all parties.
Responsibilities for the change management plan:
1. Network Guardians is responsible for generating the change management plan.
2. The change management plan will be implemented into the project plan.
3. Make sure that there is enough funding for the change and obtain approval to
implement the change.
4. Network Guardians is responsible for the completion of the change management
plan in the time estimated.
5. The change management plans will be approved by Nature’s Best, and the
implementation of the plan will be communicated.
Change Management Frame
The project manager, Joseph Douglas, will be responsible for allocating the
execution of the change management plan. Joseph will also be in charge of
communicating the plan and of making sure the change management plan
stays on course according to the scope of the project. These steps will take place in order to
complete the task:
1. Recognize the change that needs to be made and log the request for change.
2. Assess the change, inspect the change to the project plan, and allocate the work
needed to be done and the estimated time of the change to the project plan.
3. Ascertain the risk of the change and how its impact is going to change the project
plan.
4. Collect the change approval from Nature’s Best. This may involve
negotiating parts of the plan, scheduling, and communicating all changes to all
parties.
5. Implement the change into the project plan. We will stay on site throughout the
project to make sure that the team stays within the scope of the new, changed
plan.
Change Management Scope
The change management scope will be followed to manage the project scope. It
details the change management, allocates responsibilities, and tells the team what needs to be
done, the tools and equipment possibly needed, and the documentation of all parts of the
change, including the schedule. In short, the processes for this change management scope are:
1. Communicate with stakeholders about changes needed and document the wants,
needs and constraints of the stakeholders.
2. Turn the needs into high-priority equipment requirements; make sure that the
new high-priority requirements lead to a better network.
3. Check with stakeholders when the change has been identified.
4. Verify that the change has been made and communicate that to the
stakeholders throughout the different parts of the project. Make sure that the end
product matches the scope of the plan and meets code.
5. Follow the process of the change management plan to manage modifications and
additions to the plan, and stay on schedule.
Schedule Change Plan
The documentation of the change management plan will specify any changes to the plan
that might change the plan’s schedule.
Cost Management of the Change Plan
The cost of the change management plan will be specified in the documentation of the
plan. The change cost will be specified, and the conditions that need to be met will also be
specified. If the projected cost of the change doesn’t meet the needs of the project plan,
negotiations will be documented.
By Joseph C Douglas
1.0 Nature’s Best Project
1.1 Initiation
1.2 Recommendations
1.3 Develop Charter
1.4 Submit Charter
1.5 Sponsor Reviews Charter
1.6 Charter Signed/Approved
2.0 Planning
2.1 Create Scope Statement
2.2 Determine Project Team
2.3 Team Plan Meeting
2.4 Implement Project Plan
2.5 Submit Project Plan
2.6 Project Plan Approval
3.0 Installation
3.1 Installation Planning
3.2 Installation Development System
3.3 Installation of live system
3.4 Test all installation
4.0 Hardware
4.1 Hardware Requirements
4.2 Hardware Testing
4.3 Validate User Requirements
4.4 User Training
5.0 Software
5.1 Software Requirements
5.2 Software Testing
5.3 User Training
6.0 Project Management
6.1 Planning
6.2 Budget
6.3 Meetings
6.4 Risk Management
6.5 Update Project Management Plan
7.0 Finalize
7.1 Update files/Records
7.2 Document Lessons learned
7.3 Audit Procurement
7.4 Gain Formal Acceptance
Dictionary
Level | WBS Code | WBS Element | Definition
1 | 1.0 | Nature’s Best Project | Plan and design a network foundation for Nature’s Best Headquarters.
2 | 1.1 | Initiation | The work to initiate the project.
3 | 1.2 | Recommendations | Working group to make a solution and recommendations for the project.
3 | 1.3 | Develop Charter | Project Manager implements a project charter.
3 | 1.4 | Submit Charter | Project charter is given to the sponsor.
3 | 1.5 | Sponsor Reviews Charter | Project Sponsor evaluates the charter.
3 | 1.6 | Charter signed & approved | Project Sponsor signs the charter to forward authorization for the planning process.
2 | 2.0 | Planning | The work for the planning process of the project.
3 | 2.1 | Create Scope Statement | Project Manager creates a scope statement.
3 | 2.2 | Determine Project Team | Project Manager determines the team and resources needed for the project.
3 | 2.3 | Team Plan Meeting | Meeting for the project plan with members working on the project.
3 | 2.4 | Implement Project Plan | Project Manager directs and team develops the project plan.
3 | 2.5 | Submit Project Plan | Project plan gets submitted for approval by the Project Manager.
3 | 2.6 | Project Plan Approval | Plan is approved and Project Manager can proceed to implement the project plan.
2 | 3.0 | Installation | Installation of modern IT hardware and software.
3 | 3.1 | Installation Planning | Plan start date and end date of installation.
3 | 3.2 | Installation Development System | Installation of development system for testing and customizing of user interfaces.
3 | 3.3 | Installation of Live System | Actual system is installed and configured.
3 | 3.4 | Test all Installation | Tests done to ensure proper functions of installation.
2 | 4.0 | Hardware | Computers, printers, cabling, phones, computer hardware for project.
3 | 4.1 | Hardware Requirements | Required hardware for project according to budget and topology used.
3 | 4.2 | Hardware Testing | Tests done for quality of installation.
3 | 4.3 | Validate User Requirements | Original user requirements are reviewed and validated with the users.
3 | 4.4 | Users Training | All users will receive a training class on new hardware.
2 | 5.0 | Software | Programs and applications for the computers, workstations, etc.
3 | 5.1 | Software Requirements | Required software for project according to budget and topology used.
3 | 5.2 | Software Testing | Tests done for quality of installation.
3 | 5.3 | User Training | All users will receive training on new software.
2 | 6.0 | Project Management | Overall management of the project.
3 | 6.1 | Planning | Overall plan to implement the project.
3 | 6.2 | Budget | Maintain a cost-efficient budget for the bid.
3 | 6.3 | Meetings | Manager and project members meet to discuss project issues and goals for success.
3 | 6.4 | Risk Management | Risk management efforts to avoid any unacceptable risks or failures.
3 | 6.5 | Update Project Management | Updates on the project as it progresses.
2 | 7.0 | Finalize | The work to finish the project.
3 | 7.1 | Update files & Records | Files and records are updated to reflect the Nature’s Best network infrastructure and design.
3 | 7.2 | Document Lessons learned | Manager and project members document lessons learned throughout the project.
3 | 7.3 | Audit Procurement | Audit of all hardware and software procured for the project, to be sure that all procured products are accounted for in the project.
3 | 7.4 | Gain Formal Acceptance | Project Sponsor accepts and signs the acceptance document included in the project plan.
[Figure: WBS tree diagram. Nature’s Best Project (1.0) branches into Initiation (1.1), Planning (2.0), Installation (3.0), Hardware (4.0), Software (5.0), Project Management (6.0) and Finalize (7.0), each with the sub-elements listed in the outline above.]
By Joseph C Douglas
[Figure: Nature’s Best Active Directory diagram. Domains shown: Headquarters/NTB.COM, LA Branch/LANTB.COM, NY Branch/NYNTB.COM, Seattle Branch Store/SNTB.COM and Orlando Branch Store/ONTB.COM, with VPN connections and a site link bridge. Organizational units shown: OU IT Dept., OU/HR Dept., OU/Accounting.Payroll, OU/Call Center and four OU/Employee Users. Other labels: User, Computer, Group, Policy, Contact, Certificate Template, Authentication Server, DNS/DHCP Server, Web/Application Server, Database server, File/Print Server, Printer/Copier/Scanner.]
By Charles Spencer
Task Name | Duration | Start | Finish | Predecessors | Resource Names
Project START | 56 days? | Wed 12/10/14 | Wed 2/25/15 | |
WEEK 1 | 6 days | Wed 12/10/14 | Wed 12/17/14 | |
Team Meeting | 1 day | Wed 12/10/14 | Wed 12/10/14 | | Joseph Douglas, Ernest Dalusong, Charles Spencer, Randolph Gallegos
Logo | 1 day | Wed 1/7/15 | Wed 1/7/15 | | Randolph Gallegos
Team Roles | 1 day | Wed 12/10/14 | Wed 12/10/14 | | Ernest Dalusong, Joseph Douglas, Charles Spencer, Randolph Gallegos
Analyze Protect | 5 days | Wed 12/10/14 | Tue 12/16/14 | | Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos
Assign Tasks | 5 days | Wed 12/10/14 | Tue 12/16/14 | |
Research | 5 days? | Wed 12/10/14 | Tue 12/16/14 | | Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos
In/Out Scope | 0.25 days | Wed 12/17/14 | Wed 12/17/14 | |
Equipment Removal | 0.25 days | Wed 12/17/14 | Wed 12/17/14 | | Charles Spencer, Ernest Dalusong, Joseph Douglas, Randolph Gallegos
New Conveyer | 0.25 days | Wed 12/17/14 | Wed 12/17/14 | | Charles Spencer, Ernest Dalusong, Joseph Douglas, Randolph Gallegos
WEEK 2 | 6 days | Wed 12/17/14 | Wed 12/24/14 | |
Network Topology Discussion | 3 days | Wed 12/17/14 | Fri 12/19/14 | | Joseph Douglas, Ernest Dalusong
Project Charter Deliverables | 3 days | Wed 12/17/14 | Fri 12/19/14 | | Joseph Douglas
Cost Analysis- Hardware | 3 days | Wed 12/17/14 | Fri 12/19/14 | | Randolph Gallegos
Cost Analysis- Software | 3 days | Wed 12/17/14 | Fri 12/19/14 | | Ernest Dalusong
Unisys Stealth Security | 3 days | Wed 12/17/14 | Fri 12/19/14 | | Charles Spencer
Design Phase | 3 days | Wed 12/17/14 | Fri 12/19/14 | |
Retail Outlets | 3 days | Wed 12/17/14 | Fri 12/19/14 | |
BackHauling Freight | 3 days | Wed 12/17/14 | Fri 12/19/14 | |
Handheld Scanners | 3 days | Wed 12/17/14 | Fri 12/19/14 | |
WEEK 3 | 6 days | Wed 1/7/15 | Wed 1/14/15 | |
Journal | 1 day | Wed 1/7/15 | Wed 1/7/15 | | Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos
WBS and WBS Dictionary | 1 day? | Wed 1/7/15 | Wed 1/7/15 | | Joseph Douglas
Project Management Plan | 1 day? | Wed 1/7/15 | Wed 1/7/15 | |
Design a Product Charter | 1 day? | Wed 1/7/15 | Wed 1/7/15 | |
Identify Scope | 1 day? | Wed 1/7/15 | Wed 1/7/15 | |
Preliminary Schedule | 1 day? | Wed 1/7/15 | Wed 1/7/15 | | Ernest Dalusong
WEEK 4 | 5 days | Wed 1/14/15 | Tue 1/20/15 | |
Team Journal | 1 day? | Wed 1/14/15 | Wed 1/14/15 | |
Journal | 1 day? | Wed 1/14/15 | Wed 1/14/15 | |
Hardware / Software Documentation | 1 day | Wed 1/14/15 | Wed 1/14/15 | |
Budget | 1 day? | Wed 1/14/15 | Wed 1/14/15 | |
Research on Retail, Warehouse, Transportation problems | 1 day? | Wed 1/14/15 | Wed 1/14/15 | |
WEEK 5 | 6 days | Wed 1/21/15 | Wed 1/28/15 | |
Team Journal | 1 day | Wed 1/21/15 | Wed 1/21/15 | |
Journal | 1 day | Wed 1/21/15 | Wed 1/21/15 | |
Change Management Plan | 1 day | Wed 1/21/15 | Wed 1/21/15 | |
Quality Plan | 1 day | Wed 1/21/15 | Wed 1/21/15 | |
WEEK 6 | 6 days | Wed 1/28/15 | Wed 2/4/15 | 29 |
Team Journal | 1 day? | Wed 1/28/15 | Wed 1/28/15 | |
Journal | 1 day? | Wed 1/28/15 | Wed 1/28/15 | |
50% PowerPoint | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
Network Infrastructure Configuration Draft | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
Active Directory Draft | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
Risk Management Plan | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
Network Schematic Draft | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
Server Configuration Draft | 5 days? | Wed 1/28/15 | Tue 2/3/15 | |
WEEK 7 | 5 days? | Wed 2/4/15 | Tue 2/10/15 | 35 |
Team Journal | 5 days? | Wed 2/4/15 | Tue 2/17/15 | |
Journal | 5 days? | Wed 2/4/15 | Tue 2/17/15 | |
Research on Firewalls | 5 days? | Wed 2/4/15 | Tue 2/10/15 | |
Week 8 | 5 days? | Wed 2/11/15 | Tue 2/17/15 | 49 |
Team Journal | 5 days? | Wed 2/11/15 | Tue 2/17/15 | |
Journal | 1 day? | Wed 2/11/15 | Wed 2/11/15 | |
Client Configuration Draft | 1 day? | Wed 2/11/15 | Wed 2/11/15 | |
Week 9 | 1 day? | Wed 2/18/15 | Wed 2/18/15 | |
Team Journal | 1 day? | Wed 2/18/15 | Wed 2/18/15 | |
Journal | 1 day? | Wed 2/18/15 | Wed 2/18/15 | |
Week 10 | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Team Journal | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Journal | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Server Configuration Final | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Client Configuration Final | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
95% Presentation | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Network Infrastructure Configuration Final | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Active Directory Final | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Implementation Demo | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
Network Schematic Final | 1 day? | Wed 2/25/15 | Wed 2/25/15 | |
By Joseph C Douglas & Randolph Gallegos
Hardware Cost
Servers | Quantity | Individual Cost | Sales Tax 8.25% | Total Q Cost
Barracuda 840 Load Balancer ADC | 1 | $64,407.99 | $69,721.65 | $69,721.65
Nfina 328i4 Dual Processor 300 series | 5 | $3,907.25 | $4,229.60 | $21,148
Nfina 528i4 Dual Processor 500 series | 2 | $3,367.10 | $3,644.88 | $7,289.77
Web server PowerEdge T630 | 1 | $1,609.00 | $1,741.74 | $1,741.74
Printer/Scanners/Copiers
HP LaserJet Enterprise 700 M775f CC523A | 11 | $5,449.99 | $5,899.61 | $64,895.75
Workstations
HP Z230 Workstation PC | 40 | $849.99 | $920.11 | $36,804.56
Portable Scanning Devices
Intermec 1552 Sabre | 24 | $695.00 | $752.33 | $18,055.22
Network Devices
Cisco ASR 1002 Router | 5 | $22,074.99 | $23,896.17 | $119,480.85
Cisco Small Business SG200-26P Managed PoE Switch | 4 | $425.99 | $461.13 | $1,845.20
Tripp Lite B096-016 16-Port Serial Console Server Management Switch | 1 | $1,663.99 | $1,801.26 | $1,801.26
VoIP Phone Service
VoIP 3CX Phone System (3CXPS16) Server | 5 | $1,395.00 | $1,510.08 | $7,550.40
Aastra 67531 IP Phone | 40 | $148.55 | $160.80 | $6,432
Total | $356,766.40
Software Cost
Nexorone Banking Software | 1 | $12,500.00 | 13,531 | $13,531
Adobe Acrobat | 40 | $299.99 | $325 | $13,000
Windows OS 8.1 Pro | 40 | $132.99 | $143.96 | $5,758.40
BitDefender AntiVirus Plus 2015 | 40 | $89.95 | $97.37 | $3,894.80
Microsoft Office 365 Personal | 40 | $69.99 | $75.76 | $3,030.40
VueScan Portable Scanning Software | 24 | $39.95 | $43.24 | $1,123.37
Total | $40,337.97
Miscellaneous Hardware Cost
UTouch POS Registers | 16 | $1,039.72 | $1,133.21 | $18,131.36
Cat6 cabling boxes 1000 ft | 15 | $119.99 | $129.89 | $1,948.35
Off-Site Data backup service Barracuda Backup 390 | Monthly | $150.00 | $1,800 | $1,800
SmartRack 4 post open frame rack | 5 | $288.95 | $312.79 | $1,563.95
RJ-45 Cat6 Modular Plugs (2 per box) | 100 | $1.20 | $1.30 | $1,300
J-Hooks w/ HOK-24 Clip (100 pcs per box) | 2 boxes | $256.04 | $277.16 | $554.32
48 port patch panel | 4 | $54.99 | $59.52 | $238.08
96 port patch panel | 1 | $119.99 | $129.89 | $129.89
Tripp Lite Wall Mount 2 post open frame rack mount | 1 | $114.95 | $124.43 | $124.43
Total | $25,790.38
Labor & Testing Cost
Labor & Implementation fees | 500/hrs | $150.00 P/H | $75,000
Hardware & Software Testing fees | 500/hrs | 100.00 P/H | $50,000
IT Maintenance fees | 300/hr | $100.00 P/H | $30,000
Training for IT Staff | 70/hrs | $75.00 P/H | $5,250
Total | $160,250
Licensing Cost
Academic OPEN 1 Microsoft office 1 licensing | 40 | $59.99 | $64.94 | $2,598
Microsoft Single software Assurance 1 licensing | 40 | $40.00 | $43.30 | $1,732
Total | $4,330
Project Total Cost | Grand Total | $587,474.75
Retail store’s Network Schematic
By Joseph Douglas
[Figure: Retail Store's Network Schematic. Labels shown: Internet; Nature's Best Headquarters; Firewall; Cisco ASR-1002 Router; Cisco SG200-26P Switch; VLAN Switch; Nfina 328i4 File/Print Server; PBX; 10x HP Z230 Workstation PC (Retail Stores); 10x Aastra 67531 VoIP Phone; HP LaserJet Printer/copier/scanner (two shown); Touch Screen Cash Register (two shown).]
Class B
IP Range: 172.16.0.1-172.16.0.30/27
Subnet Mask: 255.255.255.224
Broadcast Address: 172.16.0.31
Subnet ID: 172.16.0.0
LA Branch Class B Address
Subnet: 172.16.0.0
IP: 172.16.0.1
Subnet Mask: 255.255.255.224/27
IP Range: 1-30
NY Branch Class B Address
Subnet: 172.16.1.0
IP: 172.16.1.1
Subnet Mask: 255.255.255.224/27
IP Range: 1-30
Seattle Branch Class B Address
Subnet: 172.16.2.0
IP: 172.16.2.1
Subnet Mask: 255.255.255.224/27
IP Range: 1-30
Orlando Branch Class B Address
Subnet: 172.16.3.0
IP: 172.16.3.1
Subnet Mask: 255.255.255.224/27
IP Range: 1-30
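The branch addressing plan above can be checked mechanically. The following Python sketch is an added example, not part of the original charter: it derives each /27's usable range and broadcast address, confirms the four branch subnets do not overlap, measures how many unallocated addresses a single summarized firewall rule would admit, and tests whether a store's devices fit. The per-store device counts are an assumption read from the retail schematic labels.

```python
import ipaddress

# Branch subnets exactly as listed in the addressing plan above.
BRANCH_PLAN = {
    "LA": "172.16.0.0/27",
    "NY": "172.16.1.0/27",
    "Seattle": "172.16.2.0/27",
    "Orlando": "172.16.3.0/27",
}

# Assumption: per-store device counts read from the retail schematic labels.
# The router interface and switch management address are assumed to take
# one address each.
STORE_DEVICES = {
    "workstations": 10,
    "voip_phones": 10,
    "printers": 2,
    "cash_registers": 2,
    "file_print_server": 1,
    "router_interface": 1,
    "switch_management": 1,
}


def describe(cidr):
    """Return subnet ID, mask, usable range and broadcast for one subnet."""
    # strict=True rejects entries such as 172.16.0.1/27 that have host bits set
    net = ipaddress.ip_network(cidr, strict=True)
    hosts = list(net.hosts())
    return {
        "subnet_id": str(net.network_address),
        "mask": str(net.netmask),
        "first": str(hosts[0]),
        "last": str(hosts[-1]),
        "broadcast": str(net.broadcast_address),
        "usable": len(hosts),
    }


def find_overlaps(plan):
    """Return every pair of branches whose subnets share addresses."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    names = sorted(nets)
    return [
        (a, b)
        for i, a in enumerate(names)
        for b in names[i + 1:]
        if nets[a].overlaps(nets[b])
    ]


def covering_supernet(plan):
    """Smallest single network that contains every subnet in the plan."""
    nets = [ipaddress.ip_network(cidr) for cidr in plan.values()]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate


def acl_overreach(plan):
    """Addresses one supernet rule would permit beyond those allocated."""
    nets = [ipaddress.ip_network(cidr) for cidr in plan.values()]
    allocated = sum(n.num_addresses for n in nets)
    return covering_supernet(plan).num_addresses - allocated


def headroom(cidr, devices):
    """Usable addresses left in a subnet after the listed devices."""
    return describe(cidr)["usable"] - sum(devices.values())


if __name__ == "__main__":
    for branch, cidr in BRANCH_PLAN.items():
        print(branch, describe(cidr), "spare:", headroom(cidr, STORE_DEVICES))
    print("overlaps:", find_overlaps(BRANCH_PLAN))
    print("supernet:", covering_supernet(BRANCH_PLAN),
          "unallocated addresses admitted:", acl_overreach(BRANCH_PLAN))
```

Because the four /27s sit in separate /24 blocks, a firewall rule summarized to the covering network would admit far more addresses than the branches use, so per-branch /27 entries are the tighter choice.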
Corporate Headquarters
Network Schematic
By Joseph Douglas
[Figure: Corporate Headquarters Network Schematic. Labels shown: Internet; Firewall; Cisco ASR 1002 Router; Barracuda 840 Load Balancer ADC; Tripplite B096-16 Console Server Management Switch; VLAN Switch; Email/Web Server; File/Print Server; Application/Database Server; DNS/DHCP/Directory Server; PBX; Aastra 67531 VoIP Phone; HP Z230 Workstations; HP LaserJet Enterprise Printer/copier/scanner (three shown); LA, NY, Sea, Orl Branch's.]
Class C
IP Range: 192.168.0.1-192.168.0.254/24
Subnet Mask: 255.255.255.0
Broadcast Address: 192.168.0.255
Subnet ID: 192.168.0.0
Nature's Best Security Policy
Workstations & User Domain
By Joseph C Douglas
Purpose:
The purpose of these policies is to provide an up-to-date
corporate security plan for the User and Workstation Domains
at all of Nature's Best branch offices.
Scope:
This policy will apply to all Nature's Best employees who have
access to their Workstations and User Domain. It will ensure
the confidentiality, integrity and availability of sensitive
information, and that access to it, including protected and
personal information, is restricted to authorized users only.
Common Vulnerabilities
o Lack of awareness or concern for security policy
o Intentional malicious activity
o Violation of security policy
o Unauthorized user access
o Weakness in installed software
o Malicious software introduced
o Social engineering
Threat Targets of the User and Workstation Domains
o PCs
o Smartphones
o Personal Digital Assistants (PDAs)
o Application Software (productivity, Web browsing)
o Administrative workstations
o Servers, network and operating-system software
o Departmental workstations
User Domain & Workstation Policy
o Implement an acceptable security policy.
o Apply awareness training on the policies.
o Establish unique logon credentials for users that require a strong
password.
o Grant each user only the privileges that user's required tasks need.
o Enable password protection for workstations.
o Conduct a second-level test to verify a user's access.
o Run automatic antivirus scans at all workstations on inserted CDs,
DVDs, and USB drives that have files.
o Apply content filtering and virus scanning at internet entry and exit
points.
o Run workstation domain vulnerability tests to find gaps.
o Minimize write/delete permissions to the data owner only.
o Disable internal CD drives and USB ports.
o Enable automatic antivirus scans for media drives, files and e-
mail attachments.
o Enable content filtering for antivirus scanning of email
attachments.
o Track and monitor abnormal employee behavior.
o Keep application software and security patches updated.
o Antivirus and malicious-software scans that update workstations with
proper protection.
o Enable workstation auto-scans for all new files and automatic
file quarantine for unknown files.
VoIP & SIP Security policy and administration.
o Users must prove their identity before receiving a dial tone.
o Only minimum functions and features will be used on all IP
phones with specific phone extensions.
o A PIN or password will be required before granting dial
tone on IP phones.
o Long-distance calls will require a valid code or permission from
IT Management.
o Encryption (VPN, SSH, HTTPS, etc.) will be used for remote
access and management to call servers and VoIP
o Call-detail recordings will be kept for periodic auditing of users'
extensions, inbound or outbound dialing, and toll calls.
Miscellaneous
o All N.B.-owned workstations, whether on the N.B.
domain or not, must have a centrally-managed N.B.
administrative group required for the Information
Security Function.
o Wireless connections are only to be used on approved
portable devices. If wireless access is used on a mobile
device, then the device must connect to an approved
wireless access point.
o The use of insecure protocols such as FTP and Telnet
is prohibited.
o All server rooms, electrical closets, and locations
where any network equipment such as routers,
switches, firewalls or servers are housed will be
secured and locked at all times.
o All workstations should have an established,
documented, and consistently-used backup plan.
Enforcement of Policy
Any employee found to have violated this policy may
be subject to disciplinary action, up to and including
termination of employment.
Nature’s Best Server Security Policy
Server Security Policy
1.0 Premise: Every server administrator must take reasonable security measures to secure their
hosts as outlined by this policy. Computer security is not something that is done once a year, once
a month, or even once a day. It is the frame of mind that there are real threats and that part of the
job includes keeping users, data and transactions safe from these threats.
2.0 Purpose: This policy is for all computer system administrators managing a computer server
connected to a network. The following policies define common sense security practices expected
of all computer server administrators and users.
3.0 Scope: This policy addresses any server connected to a network providing any type of service
to other users.
4.0 Ownership and responsibilities: A server administrator, upon connecting their server to a
network, is responsible for the security of that device in accordance with IT guidelines.
Note: An administrator is held accountable when a compromise occurs. It is also expected that
the administrator will demonstrate reasonable precautions to ensure the security of their hosts.
5.0 Server Policy: As follows.
5.1 Location: Servers should be placed in physically secured areas accessible only to authorized
personnel. There is no substitute for physical security. Each server room will be located next to
each lab and contains the IT essentials for each lab, including servers, racks, cabling and cabinets.
Server rooms should have limited access:
• The door will be equipped with a key card system, and qualified personnel will have to
swipe their card to enter.
• If your card is lost or stolen, please call our IT support immediately and they will deactivate
your card.
• A new card will be overnighted to you immediately.
• If you need the use of a card today, the IT director will have a spare key card on hand for
emergencies.
5.2 Services Supported: Administrators should run only services on a server that are needed for
it to complete its designed task. Every service running should be regarded as a mode of entry.
The number of entry points should be limited to only those needed.
Note: The chance that a computer will be compromised is increased with the number of services
being run. Therefore, it is expected that every administrator knows exactly what and why services
are running.
5.3 Security Updates: The latest system patches should be applied regularly.
Note: Security related patches for systems often mean that there has been a successful exploit of
a particular vulnerability. The vulnerability of a system is directly proportional to the age of the
patches. The longer one waits before applying a patch, the more likely it is that it will be
successfully exploited. It is not uncommon to have a three-month-old vulnerability incorporated
into an automated tool that thousands of hackers use. Patching a system is something that should
be done on a regular schedule and immediately if a threat has been reported. At some point, if
patches are not applied in a timely manner, the server could be disconnected from the network
until vulnerabilities have been addressed.
5.4 Virus Protection: It is expected that administrators regularly scan all servers with updated
virus detection software.
5.5 Log-on Limits: Administrators should limit log-on retries.
Note: Password guessing applications have a greater probability of cracking a password if given
ample opportunity. For most situations, Information Technology Services recommends account
lockout after three failed log-on attempts.
5.6 Account Reviews: Accounts must be regularly reviewed for inactivity, and any dormant
accounts disabled.
Note: Old accounts should be terminated regularly. When students, faculty, and VIP personnel
leave the school, administrators should have a clear deadline for account termination. Dormant
(unused for more than 60 days) accounts make attractive targets to intruders, since no one will
likely notice the activity.
5.7 Local Accounts: Whenever possible, accounts should be located on and authenticated against
a Kerberos, NTLM, LDAP or Active Directory based infrastructure. Administrators should only
use local accounts when absolutely necessary.
Note: In most cases, local accounts are not scrutinized as closely as directory based accounts and
thus more susceptible to attack by automated tools.
5.8 Privileged Accounts: Special care should be taken with privileged accounts (including but
not limited to "root" for UNIX and "administrator" for NT), commensurate with the privileges
afforded the account. Passwords for privileged accounts should be given only to people with a
need for privileged access. For NT Servers, the "administrator" account should be renamed.
Note: Failing to change the name of the account gives would-be intruders half the equation to
compromising the server. All privileged server accounts should be password protected.
5.9 Password Protection: All accounts must conform to the Password Policy.
5.10 Service Banners: Wherever feasible, a log-on banner, stating that the system is for
authorized use only, should be displayed for anyone attempting to connect to the system.
Note: If possible, log-on restrictions (by time of day, by system address, etc.) should be
implemented. All operating system, version/release numbers, and vendor information provided in
log-on/sign-on banners should be limited or disabled. Providing this information makes attacks
easier by allowing intruders to pinpoint hosts with known security vulnerabilities.
5.11 Backups: Information Technology Services encourages server administrators to maintain
backups on all servers for 30 days.
Note: In the event of a security breach backups are important to track down when changes
occurred and which files were modified. Backups are also important to restore a server to its
configuration before the intrusion occurred (i.e. no code is present which was inserted during the
intrusion).
5.12 Server Logs: Logs of user activity must be retained for a period of time.
Note: IT recommends that these logs be kept for at least six months. Logs should include (where
feasible) the time and date of activities, the user ID, commands (and command arguments)
executed, ID of either the local terminal or remote computer initiating the connection, associated
system job or process number, and error conditions (failed/rejected attempts, failures in
consistency checks, etc.). Logs should be checked for signs of malicious activity on a regular
daily or weekly basis. Knowledge that logs are kept acts as a deterrent to abuse. Logs are also
essential in investigating incidents after the fact. Many attempted break-ins can be detected early,
and sometimes prevented by early detection of unusual activity.
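Sections 5.5 and 5.6 set two measurable thresholds (three failed log-ons, more than 60 days of inactivity) that can be checked from the log fields section 5.12 asks for. The following Python sketch is an added example, not part of the original policy; the log format, account names and review date are constructed for illustration.

```python
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 3               # section 5.5: three failed log-on attempts
DORMANT_AFTER = timedelta(days=60)  # section 5.6: unused for more than 60 days

# Constructed review date and account list (assumptions for this example).
AS_OF = datetime(2015, 2, 25)
ACCOUNTS = ["alice", "bob", "carol", "dave", "svc_backup"]

# Constructed sample log: time, user ID, source address, outcome.
SAMPLE_LOG = """\
2014-12-01T09:00:00,bob,172.16.1.5,SUCCESS
2014-12-27T00:00:00,svc_backup,192.168.0.20,SUCCESS
2015-02-10T08:15:00,carol,172.16.2.7,SUCCESS
2015-02-24T08:00:05,alice,172.16.0.12,FAIL
2015-02-24T08:00:41,alice,172.16.0.12,FAIL
2015-02-24T08:01:02,alice,172.16.0.12,SUCCESS
2015-02-24T23:14:01,carol,172.16.2.7,FAIL
2015-02-24T23:14:03,carol,172.16.2.7,FAIL
2015-02-24T23:14:06,carol,172.16.2.7,FAIL
2015-02-24T23:14:08,carol,172.16.2.7,FAIL
"""


def parse_log(text):
    """Parse the constructed CSV-style log into time-ordered event dicts."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        stamp, user, source, outcome = line.split(",")
        events.append({
            "time": datetime.fromisoformat(stamp),
            "user": user,
            "source": source,
            "outcome": outcome,
        })
    return sorted(events, key=lambda e: e["time"])


def lockout_review(events, threshold=LOCKOUT_THRESHOLD):
    """Find accounts that reached the failed log-on threshold.

    'attempts_after' counts further failures in the same streak. A value
    above zero means guessing continued past the point where section 5.5
    expects the account to be locked, so the control deserves a check.
    """
    streak, report = {}, {}
    for event in events:
        user = event["user"]
        if event["outcome"] == "SUCCESS":
            streak[user] = 0  # a successful log-on resets the streak
            continue
        streak[user] = streak.get(user, 0) + 1
        if streak[user] == threshold:
            report.setdefault(
                user, {"reached_at": event["time"], "attempts_after": 0})
        elif streak[user] > threshold:
            report[user]["attempts_after"] += 1
    return report


def dormant_accounts(accounts, events, as_of=AS_OF, limit=DORMANT_AFTER):
    """Return accounts with no successful log-on within the limit.

    Maps each dormant account to its last successful log-on, or None when
    the log holds no successful log-on for it at all.
    """
    last_success = {}
    for event in events:
        if event["outcome"] == "SUCCESS":
            previous = last_success.get(event["user"], event["time"])
            last_success[event["user"]] = max(previous, event["time"])
    dormant = {}
    for user in accounts:
        seen = last_success.get(user)
        # "more than 60 days": exactly 60 days of inactivity is not dormant
        if seen is None or as_of - seen > limit:
            dormant[user] = seen
    return dormant


if __name__ == "__main__":
    log_events = parse_log(SAMPLE_LOG)
    print("lockout review:", lockout_review(log_events))
    print("dormant accounts:", dormant_accounts(ACCOUNTS, log_events))
```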
5.13 Sensitive Information: Nature’s Best of Information Technology Services must be made
aware of any server that contains sensitive data. This includes but is not limited to social security
number, credit card numbers, grades and other personal data.
Note: Extra precaution must be taken with systems containing sensitive data.
5.14 Remote Administration: In order for a vendor or consultant to gain access to a server from
off campus, they must be assigned a VPN account. The system administrator is responsible for
registering the vendor or consultant before the VPN can be assigned. In addition, that vendor or
consultant may be required to sign a non-disclosure agreement before gaining access to a server.
Note: Many servers require administration by outside vendors or consultants. In these cases, it is
preferred that this outside access be obtained by using a VPN account. The account allows for
secure remote access to the server. In the case of Windows servers, Terminal Services should be
used through the VPN connection to administer the server. UNIX, Linux or Mac servers should
use SSH.
6.0 Incident Response: As follows.
6.1 Response Procedure: A server administrator must read and understand the Nature's Best
Incident Response Policy.
1. The server will be analyzed by Information Technology Services and the server
administrator to attempt to determine the method by which the server was compromised.
2. If it has been determined that the server was compromised then the server's system
volume will be reformatted. The operating system will be reinstalled with the latest
security patches.
3. The server must pass a security scan before being reconnected to the network.
6.2 Incident Confidentiality: Information regarding security incidents will be kept confidential
by all parties involved. Only authorized personnel may disclose such information.
7.0 Compliance: Nature's Best Information of Technology Services reserves the right to scan
systems for known vulnerabilities. When vulnerabilities are discovered, it is expected that
administrators will immediately act to close all known security vulnerabilities for which there are
reasonable methods to close such vulnerabilities. If the administrator is unable to do this in a
timely fashion, it is expected that they will remove the server from the network to protect other
systems.
8.0 Enforcement: All servers should be registered with Nature's Best Information of Technology
Services.
Note: All server administrators must notify Nature's Best Information of Technology Services of
servers running in their department. This registration will require names and phone numbers of
people to call in emergency situations, including contact information during class breaks. When
security-related issues arise and this information is not available, there may be no choice other
than to disconnect a server without notice. Nature's Best Information of Technology Services
must be notified upon discovery of any system breach or suspected system breach. Nature's Best
Information of Technology Services reserves the right to disconnect any server which poses a
threat to a school network. Any server not following the above procedures will be considered
unsafe, and as such poses a threat to the Company's network and other systems.
Nature’s Best Disaster and Recovery Policy
This document delineates the policies and procedures for an Information Technology
Disaster Recovery Plan (referred to as “IT Disaster Recovery Plan”), as well as our process-level
plans for recovering critical technology platforms and the telecommunications infrastructure.
This document summarizes our recommended procedures. In the event of an actual emergency
situation, modifications to this document may be made to ensure physical safety of people,
systems, and data.
Our mission is to ensure information system operation, data integrity and availability, and
business continuity. All IT disaster recovery-planning procedures and recovery solutions should
be consistent with and support Local and State security policies. IT Disaster Recovery solutions
should offer the same level of security as the normal operating procedure so that sensitive data is
not compromised or disclosed.
Because IT resources are critical to Nature’s Best success, it is essential that the services
provided are able to operate effectively without excessive interruption. The IT Disaster Recovery
Planning Guidelines contained in this section support this requirement by establishing a proven
and structured approach to developing IT disaster recovery plans and procedures that enable a
system to be recovered quickly and effectively following a service disruption or disaster.
The purpose of a DRP is to document the recovery strategies and create a road map of
predetermined actions that will reduce required decision-making during a disaster and
systematically provide a documented recovery path. Although the likelihood of a catastrophic
disaster is remote, the devastation and potential loss of the ability to perform services requires
that advance planning occur in order to respond in an effective and responsible manner.
The recovery strategies developed should provide a means to restore IT components quickly and
effectively following a service disruption.
IT Disaster Recovery Plans must document backup procedures. Procedures should specify
backup frequency based on data criticality and the frequency that new data is introduced.
Backups should occur daily (at a minimum). Backup procedures should designate the location of
stored data, retrieval procedures, backup test procedures, file-naming conventions, media rotation
frequency, method for transporting data off-site, and a description of the off-site storage facility.
Once backup procedures are documented, they should be tested. This test should include
the successful restoration of data. This includes retrieval procedures to obtain off-site data.
Testing backup procedures will identify missing files, missing applications, and faulty
procedures. Testing backup procedures also increases the likelihood of discovering procedural
inconsistencies before an emergency, rather than during one. Recovery strategies must consider
damage or destruction of IT systems or unavailability of the primary site. Necessary hardware
and software will need to be acquired and/or activated quickly at the alternate location.
Notification procedures that describe the methods to notify recovery personnel during
business and non-business hours should be developed and documented. These procedures should
also cover events with and without prior notification. Primary and alternate contacts must be
included along with procedures to be followed if an individual cannot be contacted. While this
section lists contacts by team position, an emergency contact list that identifies personnel by the
team position, name, and contact information (e.g., home, work, cell, pager numbers, e-mail
addresses, and home addresses) should be appended to the plan.
The type of information to be communicated to those being notified should also be documented
in the plan.
Recovery activities begin once the plan has been activated and recovery team(s)
mobilized. Recovery phase activities focus on disaster recovery measures to execute temporary
IT processing capabilities, repair damage to the system, and restore operational capabilities at the
original or new facility. Recovery procedures must be documented in sequential format with step-
by-step instructions to restore system components in a logical manner consistent with priorities
identified in the BIA. The procedures should also indicate who is responsible for taking each
action and document any coordination between activities. Because recovery procedures are likely
to change frequently, it is recommended that recovery procedures and supporting exhibits be
maintained as a separate document.
Training and awareness programs are essential to a successful IT disaster recovery program.
Personnel with recovery responsibilities should receive training at least annually. New personnel
with plan responsibilities should receive training as soon as possible after they are identified. The
goal of the training is to educate staff to the extent that they are able to execute their respective
recovery procedures without aid of the actual DRP. The following elements should be covered in
the training program:
• Purpose of plan
• Cross-team coordination and communication requirements
• Reporting procedures
• Security requirements
• Team and phase-specific processes (Notification/Activation, Recovery, and
Reconstitution)
• Individual responsibilities in each phase
Plan testing is an essential element of a viable IT disaster recovery capability.
The first benefit of testing the DRP is that it provides an opportunity to train personnel to execute
the plan. Without practice, the key staff may have no idea what their roles are within the DRP.
Secondly, periodic testing is important because it validates the effectiveness of the backup and
recovery procedures. One of the key elements of a successful DRP is the ability of the recovery
team to locate a current copy of the core data to replicate. If the backup and recovery activities
used in the data center are not effective or fail to comply with the requirements of the BIA, a
DRP test will very quickly indicate this shortcoming.
The third benefit of testing is not that the test succeeds without problems, but that you review
the test results and problems encountered and use these results to update or revise the current
procedures and plans.
Many agencies do not have the resources to perform a full recovery with system
downtime. A total system test is ideal. If a total system test cannot be performed, individual
sections or sub-systems of the DRP may be tested separately in order to confirm the
recoverability of the plan as a whole.
Thorough testing should include the following:
• System recovery on an alternate platform from backup media
• Coordination among recovery teams
• System performance using alternate equipment
• Restoration of normal operations
• Notification and activation procedures
Test results should be documented, reported to senior management, and kept on file. The IT
Disaster Recovery Plan is a living document and the maintenance of the plan should be included
in the general business plan. It must be updated regularly to remain viable based on the most
current system architecture or environment. Each IT Disaster Recovery Plan must document plan
maintenance procedures and responsibilities. This should include reassessment of the plan at least
annually and a process to update the plan to reflect changes in hardware, software, and personnel.
Policy Statement
• The Nature's Best comprehensive IT Disaster Recovery Plan shall be reviewed annually.
• A risk assessment shall be undertaken periodically to determine the requirements for the
IT Disaster Recovery Plan.
• The IT Disaster Recovery Plan should cover all essential and critical infrastructure
elements, systems and networks, in accordance with key educational activities.
• The IT Disaster Recovery Plan should be periodically tested in a simulated environment
to ensure that it can be implemented in emergency situations and that the management
and staff understand how it is to be executed.
• Staff must be made aware of the IT Disaster Recovery Plan and their own respective
roles.
• The IT Disaster Recovery Plan is to be kept up to date to take into account changing
circumstances.
Objectives
The principal objective of the IT Disaster Recovery Plan program is to develop, test and
document a well-structured and easily understood plan which will help Nature's Best recover as
quickly and effectively as possible from an unforeseen disaster or emergency which interrupts
information systems and educational operations. Additional objectives include the following:
• The need to ensure that employees fully understand their duties in implementing such a
plan.
• The need to ensure that operational policies are adhered to within all planned activities.
• The need to ensure that proposed contingency arrangements are cost-effective.
• Disaster recovery capabilities are applicable to staff, vendors and others.
Prevention
All attempts are made to prevent or limit the impact of a disaster on the information systems
of Nature's Best. Specifically, the following steps have been taken:
• All servers are in a centralized and secured, locked location with access limited to
technology staff and selected buildings and grounds staff.
• A separate independent cooling system is installed in the server room.
• All servers are password protected, with only select administrator-level user accounts
given authorization to log on.
• Uninterruptible power supplies are installed on all servers and key network equipment.
• RAID is used on mission-critical servers.
Plan updating
It is necessary for the IT Disaster Recovery Plan updating process to be properly structured and
controlled. Whenever changes are made to the plan they are to be fully tested and appropriate
amendments should be made to the training materials. This will involve the use of formalized
change control procedures under the control of the Technology Department.
Client Configuration
For the client configuration, anybody with administration rights will be able to change
any configuration that they deem necessary.
• Basic users, meaning regular students using computer lab workstations, will need to
authenticate first. They will be given the choice to make their own password, which
must consist of 8 to 16 characters and use capital letters and a mixture of special
characters and numbers.
• Their usernames will contain part of their name and their student I.D. number, to
verify who they are when logging on to the computer lab workstations.
• These passwords will be case sensitive, and students will have to memorize their
password and not write it down, so that no one else can gain access to their computer
lab workstations.
• The same will go for anybody at the Administration level, solely for security purposes.
Nature’s Best Test Plan
In setting up our network we have been tasked with devising the test plan to ensure the
functionality of the network. This plan documents the strategy by which we will verify that
the network meets the client’s specifications.
Types of Testing
• Compatibility Testing
• Functional Testing
• Stress/Load Testing
• Performance/System Testing
• Security Testing
• Disaster Recovery Testing
• User Acceptance Testing
Training Plan
• Responsible for training the IT staff and administrators.
• Making up the schedule for who is training whom and how long it is going to take.
• Assembling a way for all the staff to get help after we leave the school.
Backup Policy
1.0 Overview
This policy defines the backup policy for computers within the organization which are expected
to have their data backed up. These systems are typically servers but are not necessarily limited to
servers. Servers expected to be backed up include the file server, the mail server, and the web
server.
2.0 Purpose
This policy is designed to protect data in the organization to be sure it is not lost and can be
recovered in the event of an equipment failure, intentional destruction of data, or disaster.
3.0 Scope
This policy applies to all equipment and data owned and operated by the organization.
4.0 Definitions
1. Backup - The saving of files onto magnetic tape or other offline mass storage media for the
purpose of preventing loss of data in the event of equipment failure or destruction.
2. Archive - The saving of old or unused files onto magnetic tape or other offline mass storage
media for the purpose of releasing online storage room.
3. Restore - The process of bringing data back from the offline storage media and putting
it on an online storage system such as a file server.
5.0 Timing
Full backups are performed nightly on Monday, Tuesday, Wednesday, Thursday, and Friday. If
for maintenance reasons, backups are not performed on Friday, they shall be done on Saturday or
Sunday.
6.0 Tape Storage
There shall be a separate tape or set of tapes for each backup day including Monday, Tuesday,
Wednesday, and Thursday. There shall be a separate tape or set of tapes for each Friday of the
month such as Friday1, Friday2, etc. Backups performed on Friday or weekends shall be kept for
one month and used again the next month on the applicable Friday. Backups performed Monday
through Thursday shall be kept for one week and used again the following appropriate day of the
week.
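The rotation in sections 5.0 and 6.0 can be written as a function from backup date to tape set and reuse date. This Python code is an added example, not part of the original policy; it assumes that a weekend make-up run uses the tape set of the Friday it replaces, and that a FridayN set waits for the next month that actually has an N-th Friday.

```python
import datetime as dt

# Monday-Thursday sets are named after the weekday (section 6.0).
DAILY_SETS = {0: "Monday", 1: "Tuesday", 2: "Wednesday", 3: "Thursday"}


def nth_friday(year, month, n):
    """Return the date of the n-th Friday of a month, or None if there is none."""
    first = dt.date(year, month, 1)
    offset = (4 - first.weekday()) % 7          # days until the first Friday
    candidate = first + dt.timedelta(days=offset + 7 * (n - 1))
    return candidate if candidate.month == month else None


def tape_for(day):
    """Return (tape_set_label, date_the_set_is_next_used) for a backup run.

    Assumption (not stated in the policy): a Saturday or Sunday run is the
    make-up for the preceding Friday and is written to that Friday's set.
    """
    weekday = day.weekday()
    if weekday in DAILY_SETS:
        # Kept for one week, reused on the same weekday.
        return DAILY_SETS[weekday], day + dt.timedelta(days=7)

    # Friday (4), or weekend make-up (5, 6) mapped back to its Friday.
    friday = day - dt.timedelta(days=weekday - 4)
    n = (friday.day - 1) // 7 + 1
    year, month = friday.year, friday.month
    while True:
        # Step to the following month; skip months without an n-th Friday
        # (only possible for Friday5).
        year, month = (year + 1, 1) if month == 12 else (year, month + 1)
        reuse = nth_friday(year, month, n)
        if reuse is not None:
            return f"Friday{n}", reuse


def plan(start, days):
    """List (date, tape_set, reuse_date) for each scheduled nightly backup."""
    rows = []
    for i in range(days):
        day = start + dt.timedelta(days=i)
        if day.weekday() <= 4:                  # scheduled nights: Mon-Fri
            rows.append((day, *tape_for(day)))
    return rows


if __name__ == "__main__":
    for day, label, reuse in plan(dt.date(2015, 5, 25), 7):
        print(f"{day}  write {label:<9}  next used {reuse}")
```

The Friday5 case shows why the sets need labels rather than a fixed 28-day cycle: a fifth-Friday set can sit unused for two months before its slot comes round again.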
7.0 Tape Drive Cleaning
Tape drives shall be cleaned weekly and the cleaning tape shall be changed monthly.
8.0 Monthly Backups
Every month a monthly backup tape shall be made using the oldest backup tape or tape set from
the tape sets.
9.0 Age of tapes
The date each tape was put into service shall be recorded on the tape. Tapes that have been used
longer than six months shall be discarded and replaced with new tapes.
10.0 Responsibility
The IT department manager shall delegate a member of the IT department to perform regular
backups. The delegated person shall develop a procedure for testing backups and test the ability
to restore data from backups on a monthly basis.
11.0 Testing
The ability to restore data from backups shall be tested at least once per month.
12.0 Data Backed Up
Data to be backed up include the following information:
1. User data stored on the hard drive.
2. System state data
3. The registry
Systems to be backed up include but are not limited to:
1. File server
2. Mail server
3. Production web server
4. Production database server
5. Domain controllers
6. Test database server
7. Test web server
13.0 Archives
Archives are made at the end of every year in December. User account data associated with the
file and mail servers are archived one month after they have left the organization.
14.0 Restoration
Users that need files restored must submit a request to the help desk. Include information about
the file creation date, the name of the file, the last time it was changed, and the date and time it
was deleted or destroyed.
15.0 Tape Storage Locations
Offline tapes used for nightly backup shall be stored in an adjacent building in a fireproof safe.
Monthly tapes shall be stored across town in our other facility in a fireproof safe.
This policy may contain descriptions about how various systems and types of systems are backed
up such as Windows or UNIX systems.
System Lockdown Policy
1.0 Overview
This system lockdown policy is an internal IT policy and defines a general process that should
be used to lock down servers and workstations.
2.0 Purpose
This policy is designed to minimize risk to organizational resources and data by establishing a
process for increasing the security of servers and workstations by stopping unneeded services
and testing for vulnerabilities.
3.0 Server Lockdown and Hardening
This section describes a general process used to lock down servers when they are initially
installed and configured. Types of servers or equipment that need hardening include but are not
limited to file sharing servers, email servers, Web servers, FTP servers, DNS servers, DHCP
servers, database servers, domain controllers, directory servers, and network devices such as
firewalls, routers, and switches.
1. List services that will be required to run on the server. Examples include:
1. DNS
2. HTTP
3. SMTP
4. POP3
2. List services that are running on the server and turn off any that the administrator is sure
are not needed.
3. Do a port scan on the server - Use a security tool to test and determine any ports that the
server is responding to.
4. Shut down any services that are not on the required list of services for the server.
Especially remember to shut down services listed in Appendix A - Services
Recommended for Shutdown.
5. Remove any unnecessary programs, services, and drivers from the server especially those
not loaded by default on the server.
6. Patch the server with the latest patches and patch all services running on the server.
7. Disable or change the password of any default accounts on the server or related to any
operating services.
8. Be sure all passwords used to access the system or used by services on the system meet
minimum requirements including length and complexity parameters.
9. Be sure all users and services have minimum required rights and do not have rights to
items not needed.
10. Be sure file share and file permissions are as tight as possible.
11. Perform a vulnerability assessment scan of the server.
12. Patch or fix any vulnerabilities found.
13. Where appropriate, install and run additional security programs such as:
1. Anti-virus - Install and perform latest update of software and virus definitions.
2. Firewall
3. Intrusion detection software - Some approved host based intrusion detection
software is recommended to be run on all servers.
4. Honeypot
5. Change of system and system files detection
All this software should have the latest updates installed.
14. Set security parameters on all software such as where anti-virus programs will scan, how
often it will scan, and how often it will get virus definition updates.
15. Enable audit logging to log any unauthorized access.
16. Perform another vulnerability assessment scan of the server, and fix any discrepancies.
17. Take additional account management security measures including:
1. Disable the guest account
2. Rename default administrator accounts
3. Set accounts for minimum possible access
4. Be sure all accounts have passwords meeting minimum complexity and length
rules.
18. Test the server to be sure all desired services are operating properly.
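The comparison in steps 1 to 4, and the re-check in step 18, can be automated once the required list is written down. The following Python code is an added example, not part of the original policy; the inventory format, the port-scan result and all sample data are constructed, and the shutdown set is a subset of the service names in Appendix A of this policy.

```python
import csv
import io

# Well-known TCP/UDP ports for the example services named in step 1.
SERVICE_PORTS = {"DNS": {53}, "HTTP": {80}, "SMTP": {25}, "POP3": {110}}

# Subset of Appendix A (Services Recommended for Shutdown), lower-cased.
APPENDIX_A = {
    "messenger", "remote registry", "secondary logon", "telnet",
    "computer browser", "ssdp discovery", "terminal services",
}

# Constructed inventory, as an administrator might record it in step 2.
SAMPLE_INVENTORY = """name,state,start_mode
DNS,running,auto
HTTP,running,auto
Telnet,running,auto
Remote Registry,stopped,auto
Messenger,stopped,disabled
Print Spooler,running,auto
SMTP,stopped,auto
"""

# Constructed result of the port scan in step 3.
SAMPLE_LISTENING_PORTS = [23, 53, 80, 515]


def parse_inventory(text):
    """Parse the CSV inventory into a list of dicts with stripped values."""
    reader = csv.DictReader(io.StringIO(text))
    return [{key: value.strip() for key, value in row.items()} for row in reader]


def audit(required, inventory, listening_ports):
    """Return (finding, subject) tuples for one server.

    REQUIRED_NOT_RUNNING / REQUIRED_MISSING  step 18: a desired service is down
    APPENDIX_A_ENABLED  step 4: an Appendix A service is running or can start
    UNREQUIRED_RUNNING  step 4: a running service is not on the required list
    UNEXPECTED_PORT     step 3: a port answers that no required service uses
    """
    required_lc = {name.lower() for name in required}
    findings, seen = [], set()

    for svc in inventory:
        name, key = svc["name"], svc["name"].lower()
        seen.add(key)
        running = svc["state"].lower() == "running"
        can_start = svc["start_mode"].lower() != "disabled"

        if key in required_lc:
            if not running:
                findings.append(("REQUIRED_NOT_RUNNING", name))
        elif key in APPENDIX_A and (running or can_start):
            # A stopped service that is not disabled can still be started.
            findings.append(("APPENDIX_A_ENABLED", name))
        elif running:
            findings.append(("UNREQUIRED_RUNNING", name))

    for name in required:
        if name.lower() not in seen:
            findings.append(("REQUIRED_MISSING", name))

    allowed = set()
    for name in required:
        allowed |= SERVICE_PORTS.get(name.upper(), set())
    for port in sorted(set(listening_ports) - allowed):
        findings.append(("UNEXPECTED_PORT", str(port)))

    return findings


if __name__ == "__main__":
    required = ["DNS", "HTTP", "SMTP", "POP3"]
    for finding, subject in audit(required, parse_inventory(SAMPLE_INVENTORY),
                                  SAMPLE_LISTENING_PORTS):
        print(f"{finding:<22}{subject}")
```

Running the same audit again after step 16 gives a record of what changed, which supports the review and auditing required in section 4.0.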
4.0 Enforcement
Since locking down servers is critical to the security of the organization and everyone, this
policy must be enforced by management through review and auditing.
Appendix A - Services Recommended for Shutdown
1. File and Printer Sharing for Microsoft Networks - Uninstallation of this service is
recommended. This service is not needed unless you want to share a printer on your local
computer or share folders on your local computer with other computers.
2. Messenger - Disable this service in the Services applet of Administrative Tools. This
service has some serious security bugs and problems and has very little use for managing
the network.
3. Remote registry service - This service should be set to manual or disabled since it allows
people from remote locations to modify your registry. It is a serious security risk and
should only be run if required by network administrators. Set this service to manual or
disabled in the Services applet of Administrative Tools.
4. Secondary Logon service - If it is not necessary for lower privileged users to use the "Run
As" command to run commands that only administrators or power users can run, this
service should be disabled.
5. Universal Plug and Play Device Host service - It broadcasts unnecessary information
about the computer running the service. It may be used by MSN messenger. This service
is a high security risk and should be disabled unless dependent services are required.
6. Wireless Zero Configuration service - Used to support wireless connections. If you are
not using wireless, this should be disabled. This service is a high security risk and should
be disabled unless needed.
7. Computer Browser - For home users and most organizational users, this service can be
disabled. Running this service is a moderate security risk.
8. NetMeeting Remote Desktop sharing - A person on a remote computer can access your
desktop to help you. This service may be used by network administrators to help users
with tasks. Normally this service should be disabled unless needed. Running this service
is a moderate security risk.
9. Remote Desktop Help Session Manager service - A person on a remote computer can
access your desktop to help you. This service may be used by network administrators to
help users with tasks. Normally this service should be disabled unless needed. Running
this service is a moderate security risk.
10. Network DDE Service - Provides network transport and security for Dynamic Data
Exchange (DDE) for programs running on the same computer or on different computers.
It allows two running programs to share the same data on the same computer or on
different computers. Running this service is a moderate security risk. Normally this
service should be disabled unless needed.
11. Network DDE DSDM Service - Manages DDE network shares. Running this service is a
moderate security risk. Normally this service should be disabled unless needed.
12. NT LM Security support provider - Used for backward compatibility with older Microsoft
operating systems. Running this service is a moderate security risk. Normally this service
should be disabled unless needed or set to manual.
13. SSDP Discovery service - Allows the computer to connect with networked plug and play
devices on the network. This service does not support internal PnP devices. This service
should be disabled unless the computer needs to connect to external networked plug and
play devices.
14. Telnet service - The telnet service allows a terminal connection to or from a remote
computer but sends passwords in the clear. Running this service is a moderate security
risk. Normally this service should be disabled unless needed or set to manual.
15. Terminal services - Allows a remote connection from a remote computer usually used by
network administrators to help users. Running this service is a moderate security risk.
Normally this service should be disabled unless needed or set to manual. This service is
commonly used by system administrators to administer servers remotely.
16. Alerter service - The Alerter service allows system administrators to send messages to
selected users. This service should be disabled unless specifically needed.
Types of servers that need hardening (This list is not inclusive of all devices that should be
hardened):
1. File sharing
2. Email Servers
3. Web servers
4. FTP servers
5. DNS servers
6. DHCP servers
7. Database servers
8. Domain controllers
9. Directory servers
10. Network devices such as firewalls, routers, and switches
Computer Training Policy
1.0 Overview
This policy defines the minimum training for users on the network to make them aware of basic
computer threats to protect both themselves and the network. This policy especially applies to
employees with access to sensitive or regulated data.
2.0 Purpose
This policy is designed to protect the organizational resources on the network and increase
employee efficiency by establishing a policy for user training. When users are trained about
computer use and security threats, they work more efficiently and are better able to protect
organizational resources from unauthorized intrusion or data compromise. This policy will help
prevent the loss of data and organizational assets.
3.0 Training Categories
Training categories will include but not be limited to the following areas:
• Basics:
1. What files are
2. How to set view for details and show extensions for known file types
3. Why not seeing file extensions is a security hazard to you
4. File storage size - how to determine
5. Mail attachments
6. Where to store files
• How to use your network drive
• What your network drive is and what it means to you
7. How to copy files
8. Ways to increase efficiency on the computer such as keyboard shortcuts
• Ways to get malware:
1. Through email
2. Through browser
3. By connecting
4. By installing unapproved programs
• Email viruses:
1. How they spread
2. Spoofing sender
3. Dangerous attachments
• Email SPAM
1. Protect your email address
2. Filtering spam
• Hoaxes:
1. Phishing
2. Fraud methods
• Email use
1. How to set up email for remote users or with your ISP with POP3
2. How to set up out of office reply
3. How to set mail filtering rules
4. How to use, import, and export personal folders
5. What an undeliverable response to an email message means
• Use of web browser
1. Safe browser?
2. Avoid adware and spyware - ignore ads that may compromise your computer or
get you to install an illicit program
3. How to change browser settings for better security
4. Products to prevent malware.
• Passwords
1. Why protect my password?
2. Why do I need to change my password every 30 days?
3. How to change your password
4. How to choose strong passwords that you can remember
5. If I log in on a website can someone see my password?
• Other
1. Reasons for firewall -- worms and others
2. Why worry about malware?
3. What is a vulnerability?
4. Why not run all services?
5. Social engineering
4.0 Training Opportunities
Basic training as listed in section 3.0 shall be provided internally by the organization and shall
include the following opportunities:
1. Scheduled training seminars for 1 to 4 hours per day.
2. Brown bag lunch training for lunch time training for up to 1 hour per day on one or two
days per week.
5.0 Requirements
All organizational staff shall make measurable and continuous progress in the training areas listed
in section 3. Each employee manager shall be responsible for ensuring that employees under their
supervision make progress in the required training areas. Each employee must retain knowledge
about training in areas listed in section 3 within the first year of employment.
6.0 Enforcement
Since training is very important to the security of the organization, auditing shall be used as a
mechanism to be sure the training policy is being followed. Auditors may test employees at
random about their knowledge in the areas listed in section 3. If an employee gets malware on
their computer, they may be audited.
Mobile Computer Policy
1.0 Overview
This policy defines the use of mobile computers in the organization. It defines:
1. The process that mobile computers must meet to leave the corporate network. Both the
device and any sensitive data should be password protected.
2. How mobile computers and devices will be protected while outside the organizational
network.
3. The process that mobile computers must meet to enter the corporate network when being
brought into a building owned by the organization.
2.0 Purpose
This policy is designed both to protect the confidentiality of any data that may be stored
on the mobile computer and to protect the organizational network from being infected by
any hostile software when the mobile computer returns. This policy also considers
wireless access.
3.0 Scope
This policy covers any computing devices brought into the organization or connected to
the organizational network using any connection method. This includes but is not limited
to desktop computers, laptops, and palm pilots.
Note:
To write this policy, consider data and the sensitivity of the data stored and viewed on the
mobile computer including:
1. Email
2. Data the user is working on that is stored locally.
3. Cached data that is stored locally such as cached data from the user's browser.
Windows XP allows for cached files to be encrypted using the encrypting file
system (EFS).
4. Data from the internal network that the user may access while the computer is
outside the network.
5. Locally stored user names and passwords.
Consider loss due to:
6. Theft - should locally stored data be encrypted?
7. Hard drive failure
4.0 Responsibility
The user of the mobile computer will accept responsibility for taking reasonable safety
precautions with the mobile computer and agrees to adhere to this policy. The computer
user will not be allowed to have administrative rights unless granted special exception by
the network administrator. The user of the computer agrees not to use the mobile
computer for personal business and agrees to abide by the organizational computer usage
policy.
5.0 Connection Terms
8. Devices connected to the organizational network must be determined to be a
benefit to the organization rather than convenience by the designated IT manager.
9. All mobile devices owned by the organization or allowed on the organization
network must be identified by their MAC address to the IT department before
being connected. (Possibly require static IP address)
10. The device must meet the computer connection standards described in the
following section.
11. The device operator must be identified by name and contact information to the IT
department.
12. The computer device operator must be familiar with the organization's acceptable
use policy.
13. Devices not owned by the organization are subject to a software audit to be sure
no software that could threaten the network security is in operation. All
computing devices are subject to a software audit at any time.
14. Access rights to the organizational network cannot be transferred to another
person even if that person is using an allowed computing device.
6.0 Mobile Computer Protection
1. Any mobile computer owned by the organization shall at all times operate the following
for its own protection:
1. Antivirus program named _________________ with the latest possible virus
updates. The program shall be configured for real time protection, to retrieve
updates daily, and to perform an anti-virus or malware scan at least once per week.
2. A firewall program named _________________ with the latest possible updates.
The program shall be operational any time the computer is connected to any
untrusted network including the internet to protect the computer from worms and
other malware.
3. Additional malware protection software shall be active on the computer in
accordance with the anti-virus and malware policy.
4. The operating system and application patch levels must be consistent with the
current patch levels of our organization for similar devices and operating systems.
All mobile computers in the organization shall have wireless access disabled. If
wireless access is used, a specific protocol for wireless encryption shall be
designated and configured. Also the maximum data sensitivity category shall be
noted for the computer depending on the security of the wireless access and other
features of the computer.
2. Policy for mobile computers owned by the organization and removed nightly by
employees with permission to work from home.
1. These computers shall always meet requirement 6.0.1 above.
2. If at any time the computer shall fail to meet the requirement 6.0.1 above, the
employee shall report the condition to the IT Security department and a check of
the computer equivalent to any check of an unsecure computer entering the
building shall be performed.
3. It shall be ensured that unauthorized persons cannot gain access to the computer
without a proper user identification and password. Operating systems that do not
safely support this process shall not be used in mobile computers. The IT Security
department will determine and specify the proper tools to be used for
authentication and access controls.
4. Data to be stored on the computer will be evaluated and rated to consider the
sensitivity of the data according to the Data Assessment Process document. Any
data stored on the computer that is considered to be sensitive will be stored only in
an encrypted format, possibly using an Encrypting File System (EFS). The policy
must define the encryption tool to use and how it will be maintained.
5. The computer shall be checked weekly by IT Security department personnel at
designated times when the computer will be entering a secure building area. The
check will include a scan for malware and a test to determine whether the
computer has a worm. The state of stored sensitive data shall also be checked to
determine whether it is encrypted and whether data of too high a level of security
is being stored on the computer. Remove any malware on the computer if any was
detected. Log information about any malware found. Log any information about
data that was not stored properly.
3. Policy for computers being used for travel - Protection of these computers shall be the
encryption of all sensitive data and a requirement for a valid user ID to operate the
computer.
4. These computers shall always meet requirement 6.0.1 above. If any additional software
installation is required, it must be done and configured before the computer leaves the
building.
5. It shall be ensured that unauthorized persons cannot gain access to the computer without a
proper user identification and password. Operating systems that do not safely support this
process shall not be used in mobile computers. The IT Security department will determine
and specify the proper tools to be used for authentication and access controls.
6. Data to be stored on the computer during the time the computer is not in a security facility
will be evaluated and rated to consider the sensitivity of the data according to the Data
Assessment Process document. Any data stored on the computer that is considered to be
sensitive will be stored only in an encrypted format, possibly using an Encrypting File
System (EFS). The policy must define the encryption tool to use and how it will be
maintained. Any data not considered to be safe to be stored on the computer will be
removed using a designated program to be sure it has been removed so it cannot be read
using special technology later. There will be a list of documented sensitive data including
storage locations for all sensitive data stored on the computer. This list will be created
before the computer leaves the facility.
7. If there is a chance that the user will view any sensitive data using their web browser or
other program, cached data will need to be encrypted. Cached data that is stored locally
such as cached data from the user's browser will be set to be encrypted using the
encrypting file system (EFS). This may require Windows XP or some third party
software. In Windows XP, this may be enabled using the following procedure:
1. Open "My computer"
2. Click on "Tools" and select "folder Options".
3. Select the "Offline files" tab.
4. Check the box next to "Encrypt offline files to secure data".
5. Click "OK" to exit.
8. If the computer will acquire irreplaceable and valuable data while on the road, the
computer user must notify the IT department so arrangements can be made for a method
to back the data up.
• Policy for computers being used by contractors
1. The computer will first be checked for compliance with section 6.0.1 above.
2. The computer will be scanned for malware and tested to determine whether the computer
has a worm. Any malware on the computer shall be removed if any was detected. Log
information about any malware found.
3. If the computer is in compliance with section 6.0.1 and contains no malware, the
contractor shall report any sensitive data related to the organization that is expected to be
stored on the computer.
4. Data to be stored on the computer will be evaluated and rated to consider the sensitivity of
the data according to the Data Assessment Process document. Any data stored on the
computer that is considered to be sensitive will be stored only in an encrypted format,
possibly using an Encrypting File System (EFS). The policy must define the encryption
tool to use and how it will be maintained.
5. The ID of the computer shall be recorded and it shall be certified for use on the
organizational network.
6. The computer shall be checked weekly by IT Security department personnel at designated
times when the computer will be entering a secure building area. The check will include a
scan for malware and a test to determine whether the computer has a worm. The state of
stored sensitive data shall also be checked to determine whether it is encrypted and
whether data of too high a level of security is being stored on the computer. Remove any
malware on the computer if any was detected. Log information about any malware found.
Log any information about data that was not stored properly. If the computer is storing
data improperly, the certification of the computer shall be reviewed.
7.0 Protecting the Network
Mobile computers entering the network shall meet the following requirements.
1. If the computer is owned by the organization and used regularly by employees according
to 4.0.2 above, then the computer shall be checked according to that part of the policy.
2. If the computer is owned by the organization and is returning from a period when an
employee used it for travel, the following check shall be performed.
1. Determine whether the anti-virus program is up to date, has the latest virus
definitions, is configured properly, and is running properly. If it fails one of these
conditions or has not been scanned for a virus within the last week, a full virus
scan must be done before the computer can be used in the building.
2. Test the computer and scan for additional malware such as adware or spyware, and test
to determine whether the computer has a worm.
3. Test the state of stored sensitive data to be sure it is encrypted.
4. Remove any malware on the computer if any was detected. Log information about
any malware found. Log any information about data that was not stored properly.
3. If the computer is owned by an outside organization the following must be done.
1. The outside organization must agree in writing to allow a malware scan of their
computer and agree to pay any costs if malware is found on their computer.
2. A full virus scan must be done.
3. Test the computer and scan for additional malware such as adware or spyware, and test
to determine whether the computer has a worm.
4. Remove any malware on the computer if any was detected. Log information about
any malware found. The outside organization may be billed for services depending
on organizational policy.
8.0 Enforcement
Since improper use of mobile computers can bring in hostile software which may destroy the
integrity of network resources and systems and the prevention of these events is critical to the
security of the organization and all individuals, employees that do not adhere to this policy may
be subject to disciplinary action up to and including dismissal.
Hardware Description
SEH ISD300-PoE Print Server
Item#: YYI1-H01540 | Model#: M03722
Price: $1,486.08
SEH ISD300-PoE Print Server Product Details
The Cost-Effective Spooling Solution with PoE-Technology!
Print job spooling is one of the core tasks in a network. Inefficient spooling by means of traditional servers causes
performance problems, is expensive and requires a lot of administration.
The ISD300-PoE puts an end to this!
The ISD300-PoE Intelligent Spooling Device connects to your network as a specialized network appliance,
effectively spooling and managing all print jobs and handling all print queues - simple, cost-effective and highly
available!
And it offers a large range of application scenarios!
Power-over-Ethernet (PoE) Technology
ISD300-PoE is equipped with Power-over-Ethernet technology. PoE-enabled network devices are powered via the
data cable; eliminating the need for an external power
HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer - Color Laser, Up to 600 x 600 dpi, Up to
30 ppm, 1536MB Memory, 320GB HDD, 8.07" Touchscreen, Hi-Speed USB 2.0, Ethernet
Item#: H24-30400 | Model#: CC523A
Price: $5,449.99
HP LaserJet Enterprise 700 Multifunction Printer Product Details
HP LaserJet Enterprise 700 M775f CC523A
Multifunction Printer
The performance-driven industry has finally met its match
with the HP LaserJet Enterprise 700 M775f CC523A
Multifunction Printer. The HP LaserJet Enterprise 700 M775f
CC523A Multifunction Printer is a hardworking
multifunction printer that boasts a stunning A3 color, robust
scanning features, and high volume paper capacity minus the
hefty price tag. Copy, scan, print, and fax with up to 600 x
600 dpi resolution from virtually anywhere using your
smartphone or tablets – thanks to its HP ePrint. With up to 30
ppm print speed, you can definitely enhance your
productivity. This printer's 8.07" Touchscreen makes
navigating the device's features a breeze, as well as displays
the content and settings with an outstanding clarity. Make use
of its Ethernet capability to connect the printer to a wired
network, and further enhance your workflow. So if you want
a printer that caters to all of your documenting needs,
purchasing the HP LaserJet Enterprise 700 M775f CC523A
Multifunction Printer is the way to go.
What It Is And Why You Need It:
• Multifunction Printer; allows printing, faxing, scanning, and copying high quality documents
• 8.07" Touchscreen; makes navigating the features a lot easier
• Hi-Speed USB 2.0; lets you integrate various USB capable devices
• Ethernet; allows easy connection to a wired network
• HP ePrint; enables printing from your smartphones or tablets
• High-capacity automatic document feeder; keeps large scan and copy jobs moving
Network Guardians Project Charter Final Ver.
Network Guardians Project Charter Final Ver.

  • 1. 1 ___________________________________________________________________________ NSA Capstone Project Charter ______________________________________________________________________________ Prepared By: [Joseph Douglas, Randolph Gallegos, Charles Spencer] Date of Publication: [12/17/14] Revision History Version Date Author(s) Revision Notes 1.0 12/17/14 (Joseph Douglas) (Project Objectives and Scope) 2.0 1/15/15 Joseph C Douglas, Charles Spencer, Randolph Gallegos Newly Acquired information added 3.0 3/4/15 Joseph C Douglas Charles Spencer Randolph Gallegos General Updates
  • 2. 2 Table of Contents PROJECT DESCRIPTION ........................................................................................................................................................4 PROJECT OBJECTIVES...........................................................................................................................................................4 PROJECT SCOPE .......................................................................................................................................................................4 IN SCOPE:......................................................................................................................................................................................4 OUT OF SCOPE: ...........................................................................................................................................................................5 DELIVERABLES PRODUCED: ......................................................................................................................................................5 STAKEHOLDERS: ..........................................................................................................................................................................5 REQUIREMENTS:........................................................................................................................................................................6 ACCEPTANCE CRITERIA:PROJECT ESTIMATED EFFORT/COST/DURATION .............................................6 ESTIMATED COST: .......................................................................................................................................................................7 ESTIMATED EFFORT HOURS: ....................................................................................................................................................7 ESTIMATED DURATION: 
..............................................................................................................................................................7 PROJECT ASSUMPTIONS ......................................................................................................................................................8 PROJECT RISKS .........................................................................................................................................................................8 PROJECT CONSTRAINTS.......................................................................................................................................................8 PROJECT DEPENDENCIES....................................................................................................................................................8 PROJECT APPROACH .............................................................................................................................................................8 PROJECT ORGANIZATION………………………………………………………………………………………...8 COMMUNICATION PLAN:………………………………………………………………………………………….8 PROJECT GUIDELINES:..........................................................................................................................................................9 PROJECT APPROVALS ...........................................................................................................................................................9 Risk Management Plan……………………………………………………………………10-13 Quality Management Plan………………………………………………………………...14-16 Change Management Plan………………………………………………………………..17-21 Work Breakdown Structure………………………………………………………………22-26 Nature's Best Active Directory…………………………………………………………..27-28 Project Gantt chart………………………………………………………………………...29-35 Budget & Billed Material Costs…………………………………………….................................37- 41 Retail Store's Network Schematic……………………………………………………………………………..42-44 Corporate 
Headquarters Network Schematic………………………………………………………………..45-46
  • 3. 3 Security Policy Workstations & Domains……………………………………………………………………..46-53 Server Security Policy…………………………………………………………………………………………..54-60 Disaster and Recovery Policy………………………………………………………………………………….61-67 Client Configuration……………………………………………………………………………………………..68-69 Test Plan…………………………………………………………………………………………………………70-71 Back up Policy…………………………………………………………………………………………………..72-75 System Lockdown………………………………………………………………………………………………76-79 Computer Training Policy………………………………………………………………………………………80-82 Mobile Computer Policy………………………………………………………………………………………..83-88 Hardware Description………………………………………………………………………………………….88-100 Software Description…………………………………………………………………………………………101-104 Conclusion………………………………………………………………………………………………………….105
  • 4. 4 Project Description Our purpose is to provide high quality network and hardware solutions for Nature’s best. First thing we will do is provide a budget plan for the labor and materials for the project. Next we will be setting up the hardware and software in the main headquarters which will include the cabling, workstations, servers and the call center. We will then move onto the four branches,each branch will be set up the same way with a file/print server,two high speed network printers/copiers/scanners, fax machine, voice messaging and ten workstations. The design should ensure sufficient system capability and capacity to provide a centralized solution and provide a proportionate network infrastructure which will provide a data storage solution for the branch offices. All client information and services will be hosted at the Brea office central headquarters. Project Objectives Network Guardians objective is to provide state of the art IT Equipment and solutions to our clients to ensure a cost effective network infrastructure and meet the requested timeline of the engineered design for the company. Also help meet the company expectation for expansion. Each retail store personnel will have one administrator, two to four cashiers and four to five stockers. While the headquarters will house a president, officers, receptionist, IT department and 75 warehouseman and the call center will have 20 agents and one to two supervisors. We will implement hosting for data communications and data storage within the Brea Headquarters with consideration for growth expectations within each retail outlet. This project will meet the following objectives:  Improved Network Capability  Improved Network Infrastructure for High Speed/low bottleneck chances  Backup & Recovery Plan/ Business Continuity plan  All hardware and software will adhere to laws, regulations and codes  Implement Voice-to-Pick System for improved picking rate and speed. 
 Implement (WMS) software to improve overall Warehouse Performance & Productivity  Design for Growth Expectation Project Scope The scope of this project includes and excludes the following items: In Scope:  Implement a Security, Disaster Recovery, and Risk Analysis compliant by the PCI-DSS. Setup network infrastructure and connectivity for each retail store. Provide off-site storage solution for backups and easy data access back to the retail branches.
  • 5. 5  Modernize IT Hardware & Software.  Ensure sufficient system capability and capacity for all 4 retail locations to provide centralized solution for data storage and management.  Training of current IT staff to maintain the newly implement network  Implement call center in the Brea California Headquarters. Out of Scope:  Design of new conveyer belt  Removal of obsolete equipment & Software  Responsibility of Physical security of Headquarters and (4) retail store buildings Major Deliverables Produced:  Finalize Charter with approval  Finalize Network Layout with approval  Complete testing of Hardware & Software with no failures  Finalize implementation of the Network Infrastructure & Go live Stakeholders: The impact of this project on other organizations needs to be determined to ensure that the right people and functional areas are involved and communication is directed appropriately. Stakeholder How Are They Affected, or How Are They Participating? Internet Service Providers Ensure there is enough Bandwidth to accommodate the network Network System Administrator Over sees the network services and maintenance is working properly. IT Department Responsible for monitoring the network infrastructure.
  • 6. 6 Employees Will be using the workstations to process orders and use the Network services. Supervisors Oversees function of the Warehouse are met and supervise employment Truck Drivers Responsible for shipping orders to retail stores in a timely manner Call agents Responsible for Customer service inquiries Food Manufactures Manufacturer of food products to the Company Back Haul Contractors Provides backhaul loads for Truck Drivers Requirements:  Access for employees and faculty personnel to network services.  Implement fully functional servers that host banking software that track clients, demographics, accounts, and statement information that also hosts business management applications for accounting, HR,and other asset- management tools and also provide necessary network services for Active Directory, DNS, and DHCP,and online ordering.  VoIP Phone service (Cisco)  Voice messaging with forwarding services  Network devices for LAN and Wan connection (router, firewall, switch etc.)  Portable scanning devices to update shelf/stock inventory  Implement 10 workstations at each retail store.  Design for expansion Acceptance Criteria:  Requirement will be first drafted and viewed by Senior IT management that all requirements are met for Nature’s Best Corporation to implement the network infrastructure.  Once approved by Senior IT network Administrator that all requirements are met we will escalate to the Owner(s) of Nature Best for final approval.
  • 7. 7 Project Estimated Effort/Cost/Duration Estimated Cost: $587,474.75 Estimated EffortHours: 2500 Hours Estimated Duration: 3 Months and 12 days Milestone Projected Completion Date Deliverable(s) Completed Project Planning 12/17/14  Project Charter  Schedule WBS Dictionary, WBS Diagram 1/7/15  Provide work WBS  WBS Tree Structure Budget Bill 1/14/15  Estimated Cost Hardware/Software/Labor Quality & Change Plans 1/21/15  Create Quality & Change Plans Risk Management Plan 1/28/15  Create Risk Management Design Network Infrastructure 1/28/15  Blueprint of Network Final review of approval by Nature’s Best President 2/1/15  Approval to implement Network Design Start work cabling of buildings 2/15/15  Interior wall cabling of Cat6 Servers installed and tested 2/20/15  Installed servers and working with no failures Workstations installed and tested 3/1/15  Printers, workstations, and stations working properly and on appropriate network segments Hand over system to client/Go Live 3/5/15  Train IT on the system/Go Live
  • 8. 8 Project Assumptions Certain assumptions and premises need to be made to identify and estimate the required tasks and timing for the project. Based on the current knowledge today, the project assumptions are listed below. If an assumption is invalidated at a later date, then the activities and estimates in the project plan should be adjusted accordingly.  Initial configuration and updates may cause a delay  Delays due to initial hardware/software upgrades  Assuming that we will be doing this when the company is down for implementation stage Project Risks Project risks are characteristics, circumstances, or features of the project environment that may have an adverse effect on the project or the quality of its deliverables. Known risks identified with this project have been included below. A plan will be put into place to minimize or eliminate the impact of each risk to the project. The specifics of each risk area are outlined in the Risk Management Plan. Risk Area Level (H/M/L) Risk Plan 1. Communications Breakdown M Make sure everyone knows and understands their duties. 2. Over Budget of project L Stay cost efficient for the project 3. Hacked H Secure networks and firewalls 4. Employee turnover (Project Member) M Have confidence in yourself and other members in your project. 5. Parts on Back order M Inform client, Review timelines, Change documentation 6. Employees getting sick L Reshuffle work schedule with employees to complete the task. 7. Natural Disaster M Evaluate the situation / Brainstorm a solution Project Constraints The project manager should be aware of constraints because they refer to limitations that the project must execute within.  Budget  Date Deadlines  Server Room Access  Hardware/Software Limitations  Time
  • 9. 9 Project Dependencies Project Date Due Deliverable Dependency Budget 2/1/15 Approval for Budget from Nature’s Best Company Owner(s) Meet Project Deadline 3/4/15 Meet Deadline to ensure company needs are met. Project Approach  Initiation  Planning  Installation  Implement Hardware  Implement Software  Testing Hardware/Software  Finalize  Go Live Project Organization An appropriate project organization structure is essential to achieve success. The following list depicts the proposed organization: Project Sponsor: Mr. Hale Project Manager: Joseph C. Douglas (Financial Advisor) Project Member: Charles Spencer (IT Technician, Technical Advisor) Project Member: Randolph Gallegos (Head IT Technician, Technical Writer) Project Member: N/A Communication Plan:  Have meetings on project progress once a week  Progress meetings outside of class,LRC optional meeting location  Communicate via email, in-class, phone  Share files via flash drives Team Contact Information Joseph C Douglas jd@gmail.com Randolph Gallegos Randy@gmail.com Charles Spencer Spencer@gmail.com
  • 10. 10 Project Guidelines:  Complete all tasks with Quality  Complete all task on time  Communication on all levels Project Approval ______________________________________ ___________________ Project Sponsor — [insert name] Date ______________________________________ ___________________ Project Manager – [insert name] Date ______________________________________ ___________________ Project Member — [insert name] Date ______________________________________ ___________________ Project Member — [insert name] Date ______________________________________ ___________________ Project Member — [insert name] Date ______________________________________ ___________________ Project Member — [insert name] Date
  • 12. 12 Table of Contents Purpose and Scope 2 Risk Plan Objectives 2 Deliverables Produced 2 Deliverables 1 2 Deliverables 2 2 Deliverables 3 2 Project Risks 3 Risk 1 3 Risk 2 3 Risk 3 3 Disaster Recovery Plan 3 Types of Teams 3 In Event of a Disaster 3 Recovery Scenarios 3 Recovery Activities 3
  • 13. 13 Purpose and Scope The purpose of this is to address multiple areas of concern from the User Domain and the Work Station Domain to Disaster Recovery. To identify the risks we look at the User Domain. The risks here are a User opens an email with a virus and it affects the system or maybe he tries to mess with certain areas of the network where he has no knowledge. To mitigate and prevent this employee’s should only be able to open work related emails from a work email, meaning no personal email access. Risk Plan Objectives Objective 1: Describe what Unisys Stealth can do for the company Objective 2: Show our concern with risks to your systemand Mitigate or Prevent Objective 3: Give a sound Disaster Recovery Plan for the Company Deliverables Produced Deliverables 1: For the security side, I would like to introduce Unisys Stealth. This is a company and a program that when active it hides your network from any and all outside access. It also has a Disaster Recovery option where all your information is stored in a cloud like server and in the event of a Disaster that causes or destroys any of your building, you can quickly set up that buildings information in a new area anywhere you need to or are able to Deliverables 2: Mitigation or Prevention of all most all risks to the User and Work station Domains. Deliverables 3: A sound Disaster Recovery Plan and The ability to relocate when needed
  • 14. 14 Project Risks Risk 1: Risks to the User Domain can cause problems with the network and/or allow hackers to get into your systems and cause damage or steal information. A user opens an email from yahoo or Gmail and that email has a virus attach to it. An out of date virus scanner may not detect threat and it infects your system. I offer Unisys Stealth and Bit defender. Unisys protects your system from outside threats and creates a sound disaster recovery plan and Bit defender will scan all outside and inside emails for virus and erase them before infection Risk 2: Work Station Domain’s software has to remain up to date at all times. In today’s world only an up to date virus scanner can detect virus and prevent them from getting into your system. Bit Defender is a good prevention tool to use for your work stations and will stop if not prevent access of worms or virus’s Risk 3: Disaster Recovery will help the company when something unexpected happens and no time was given. Unisys Stealth steps in and helps with the recovery by giving you the ability to relocate your building anywhere that’s safe or even further. Disaster Recovery Plan Types of Teams: IT Admin and Unisys Stealth Hardware In Event of a Disaster: IT Admin from another area will log into the Unisys information and within that day have relocated the company buildings information into a new area Recovery Scenarios: Minor Damage Scenario – In case of minor damage, such as fired cables or damage to hardware Action Plan – Replace Damage component Major Damage Scenario – For Major damage such as fire to the server room or a breach in the system Action Plan – Unisys Covers any major damage scenario with back up to the cloud and the ability relocate that information to anywhere else within that day, this type is covered Recovery Activities: IT Admin logs into the Unisys Stealth and recovers the information and relocates it to where ever else they may need
  • 15. 15 By Joseph C Douglas
  • 16. 16 Purpose and Scope The purpose of the plan is to set forth a coordinated approach to addressing quality assessment and process improvement within the project scope and goals for Nature’s Best New Network Infrastructure. The scope is to ensure quality hardware and software, along with testing of proper implementation of the product. Quality Plan Objectives o All hardware and software will adhere to laws, regulations and codes. o Monitoring the quality of the project work. o Staying committed to the Quality Assurance of the project. o Develop an effective plan and processes, including quality assurance and quality control procedures, to achieve objectives. Deliverables Produced o To implement at each retail store: One file/print server; Two high-speed network printers/copiers/scanners; Fax machine; Voice messaging with forwarding services; Ten workstations at each location; Network devices that support the LAN and WAN connection (router, firewall, switch) and Cisco VoIP phone service. o The corporate headquarters will have: an application server hosting banking software installed to track all clients, demographics, accounts, and statement information; a separate server that hosts business management applications, such as accounting, HR, and other asset-management tools; a separate server that provides necessary network services, such as Active Directory, DNS, and DHCP; a Web server(s) for online ordering; network connection (router, firewall, switch); Email service provided by an external provider and accessible via email client software and/or Web access; One file/print server; Three network printers/copiers/scanners; Cisco VoIP phone service. Identify Metrics: o Define test and quality objectives for the project. o Monitor progress towards the goals that are set. o Monitor time spent on fixing errors and defects during user acceptance tests, and defects found in production after implementation.
  • 17. 17 Test Checklist: o Perform independent technical review, management oversight, and verification to ensure that quality objectives are met. o Check performance and Customer Quality Objectives performance measure thresholds to verify that performance will accomplish Quality Objectives and to verify sufficiency of the plan. Share findings with all project stakeholders to facilitate continuous improvement. Results: o Improved Network Capabilities. o Improved Network Infrastructure for High Speed/low bottleneck chances. o Overall Quality Assurance and Objectives met.
  • 18. 18 By Joseph C Douglas
  • 19. 19 Purpose The purpose of the change management plan is to communicate any changes that need to occur during the entire project. This plan will show how Network Guardians will ensure a seamless and beneficial change. The goals of the Network Guardians plan are: 1. The project is changed to fit the scope of the project. 2. To make sure that changes are followed, approved, documented and implemented. 3. To ensure the change is necessary and reasonable. 4. Changes are communicated to all parties. Responsibilities for the change management plan: 1. Network Guardians is responsible for generating the change management plan. 2. The change management plan will be implemented into the project plan. 3. Make sure that there is enough funding for the change and obtain approval to implement the change. 4. Network Guardians is responsible for the completion of the change management plan in the time estimated. 5. The change management plans will be approved by Nature’s Best, and the implementation of the plan will be communicated.
  • 20. 20 Change Management Frame The project manager, Joseph Douglas, will have the responsibility of allocating the execution of the change management plan. Joseph will also be in charge of communicating the plan and of making sure the change management plan stays on course according to the scope of the project. These steps will take place in order to complete the task: 1. Recognize the change that needs to be made and log the request for change. 2. Assess the change, inspect the change to the project plan, and allocate the work needed and the estimated time of the change to the project plan. 3. Ascertain the risk of the change and how its impact is going to change the project plan. 4. Collect the change approval from Nature’s Best. This may involve negotiating parts of the plan, scheduling, and communicating all changes to all parties. 5. Implement the change into the project plan. Stay on site throughout the project to make sure that the team stays within the scope of the newly changed plan.
  • 21. 21 Change Management Scope The change management scope will be followed to manage the project scope. It details change management, allocates responsibilities, and tells the team what needs to be done, the tools and equipment possibly needed, and the documentation of all parts of the change, including the schedule. In short, the processes for this change management scope are: 1. Communicate with stakeholders about the changes needed and document the wants, needs and constraints of the stakeholders. 2. Turn the needs into high-priority equipment requirements; make sure that the new high-priority requirements lead to a better network. 3. Check with stakeholders when the change has been identified. 4. Verify that the change has been made and communicate that to the stakeholders throughout the different parts of the project. Make sure that the end product matches the scope of the plan and is up to code. 5. Follow the process of the change management plan to manage modifications and additions to the plan, so that it stays on schedule.
  • 22. 22 Schedule Change Plan In the documentation of the change management plan, the changes that need to be made to the plan that might change the plan’s schedule will be specified. Cost management of the change plan The cost for the change management plan will be specified in the documentation of the plan. The change cost will be specified, along with any conditions that need to be met. If the projected cost of the change doesn’t meet the needs of the project plan, negotiations will be documented.
  • 23. 23 By Joseph C Douglas
  • 24. 24 1.0 Nature’s Best Project 1.1 Initiation 1.2 Recommendations 1.3 Develop Charter 1.4 Submit Charter 1.5 Sponsor Reviews Charter 1.6 Charter Signed/Approved 2.0 Planning 2.1 Create Scope Statement 2.2 Determine Project Team 2.3 Team Plan Meeting 2.4 Implement Project Plan 2.5 Submit Project Plan 2.6 Project Plan Approval 3.0 Installation 3.1 Installation Planning 3.2 Installation Development System 3.3 Installation of live system 3.4 Test all installation 4.0 Hardware 4.1 Hardware Requirements 4.2 Hardware Testing 4.3 Validate User Requirements 4.4 User Training 5.0 Software 5.1 Software Requirements 5.2 Software Testing 5.3 User Training 6.0 Project Management 6.1 Planning 6.2 Budget 6.3 Meetings 6.4 Risk Management 6.5 Update Project Management Plan 7.0 Finalize 7.1 Update files/Records 7.2 Document Lessons learned 7.3 Audit Procurement
  • 25. 25 7.4 Gain Formal Acceptance Dictionary Level WBS Code WBS Code Definitions 1 1.0 Nature’s Best Project Plan and Design a Network Foundation for Nature’s Best Headquarters. 2 1.1 Initiation The work to Initiate the Project. 3 1.2 Recommendations Working Group to make a solution and Recommendations for the project. 3 1.3 Develop Charter Project Manager Implements a Project Charter. 3 1.4 Submit Charter Project charter is given to the sponsor. 3 1.5 Sponsor Reviews Charter Project Sponsor Evaluates the charter. 3 1.6 Charter signed & approved Project Sponsor signs the charter to forward authorization for the planning process. 2 2.0 Planning The work for the planning process of the project. 3 2.1 Create Scope Statement Project Manager to create a scope statement. 3 2.2 Determine Project Team Project Manager Determines the team and resources needed for the project. 3 2.3 Team Plan Meeting Meeting for the Project plan with members working on the project. 3 2.4 Implement Project Plan Project Manager directs and team develops the project plan. 3 2.5 Submit Project Plan Project plan gets submitted for approval by the Project Manager. 3 2.6 Project Plan Approval Plan is approved and Project Manager can proceed to implement the project plan. 2 3.0 Installation Installation for Modern IT Hardware and Software 3 3.1 Installation Planning Plan start date and end date of installation 3 3.2 Installation Development System Installation of development system for testing and customizing of user interfaces. 3 3.3 Installation of Live System Actual system is installed and configured 3 3.4 Test all Installation Tests done to ensure proper functions of installation 2 4.0 Hardware Computer, Printers, cabling, phones, computer hardware for project.
  • 26. 26 3 4.1 Hardware Requirements Required hardware for project according to budget and topology used. 3 4.2 Hardware Testing Tests done for quality of installation. 3 4.3 Validate User Requirements Original user requirements are reviewed and validated with the users. 3 4.4 Users Training All users will receive a training class on new hardware. 2 5.0 Software Programs and applications for the computers, workstations etc. 3 5.1 Software Requirements Required software for project according to budget and topology used. 3 5.2 Software Testing Tests done for quality of installation. 3 5.3 User Training All users will receive training on new software. 2 6.0 Project Management Overall Management of the project. 3 6.1 Planning Overall Plan to implement the project. 3 6.2 Budget Maintain a cost-efficient budget for the bid. 3 6.3 Meetings Manager and project members meet to discuss project issues and goals for success. 3 6.4 Risk Management Risk management efforts to avoid any unacceptable risks or failures. 3 6.5 Update Project Management Updates on the project as it progresses. 2 7.0 Finalize The work to finish the project. 3 7.1 Update files & Records Files and records are updated to reflect the Nature’s Best network infrastructure and design. 3 7.2 Document Lessons learned Manager and project members document lessons learned throughout the project. 3 7.3 Audit Procurement Audit of all hardware and software procured for the project, to be sure that all procured products are accounted for in the project. 3 7.4 Gain Formal Acceptance Project Sponsor accepts and signs the acceptance document included in the project plan.
  • 27. 27 Nature’s Best Project (WBS hierarchy chart of the elements 1.0 through 7.4 listed in the WBS outline)
  • 28. 28 By Joseph C Douglas
  • 30. 30 Nature’s Best Active Directory (diagram) Domains: Headquarters/NTB.COM, LA Branch/LANTB.COM, NY Branch/NYNTB.COM, Seattle Branch Store/SNTB.COM, Orlando Branch Store/ONTB.COM. Links shown: VPN Connection, Site link bridge. Organizational units: OU/IT Dept., OU/HR Dept., OU/Accounting.Payroll, OU/Call Center, OU/Employee Users. Objects shown: User, Computer, Group, Policy, Contact, Certificate Template. Servers and devices shown: Authentication Server, DNS/DHCP Server, Web/Application Server, Database server, File/Print Server, Printer/Copier/Scanner. By Charles Spencer
  • 31. 31 Columns: Task Name, Duration, Start, Finish, Predecessors, Resource Names. Project START 56 days? Wed 12/10/14 Wed 2/25/15; WEEK 1 6 days Wed 12/10/14 Wed 12/17/14; Team Meeting 1 day Wed 12/10/14 Wed 12/10/14 Joseph Douglas, Ernest Dalusong, Charles Spencer, Randolph Gallegos; Logo 1 day Wed 1/7/15 Wed 1/7/15 Randolph Gallegos; Team Roles 1 day Wed 12/10/14 Wed 12/10/14 Ernest Dalusong, Joseph Douglas, Charles Spencer, Randolph Gallegos; Analyze Protect 5 days Wed 12/10/14 Tue 12/16/14 Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos; Assign Tasks 5 days Wed 12/10/14 Tue 12/16/14; Research 5 days? Wed 12/10/14 Tue 12/16/14 Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos; In/Out Scope 0.25 days Wed 12/17/14 Wed 12/17/14; Equipment Removal 0.25 days Wed 12/17/14 Wed 12/17/14 Charles Spencer, Ernest Dalusong, Joseph Douglas, Randolph Gallegos; New Conveyer 0.25 days Wed 12/17/14 Wed 12/17/14 Charles Spencer, Ernest Dalusong, Joseph Douglas, Randolph Gallegos; WEEK 2 6 days Wed 12/17/14 Wed 12/24/14; Network Topology Discussion 3 days Wed 12/17/14 Fri 12/19/14 Joseph Douglas, Ernest Dalusong; Project Charter Deliverables 3 days Wed 12/17/14 Fri 12/19/14 Joseph Douglas; Cost Analysis- Hardware 3 days Wed 12/17/14 Fri 12/19/14 Randolph Gallegos; Cost Analysis- Software 3 days Wed 12/17/14 Fri 12/19/14 Ernest Dalusong; Unisys Stealth Security 3 days Wed 12/17/14 Fri 12/19/14 Charles Spencer; Design Phase 3 days Wed 12/17/14 Fri 12/19/14; Retail Outlets 3 days Wed 12/17/14 Fri 12/19/14; BackHauling Freight 3 days Wed 12/17/14 Fri 12/19/14; Handheld Scanners 3 days Wed 12/17/14 Fri 12/19/14
  • 32. 32 WEEK 3 6 days Wed 1/7/15 Wed 1/14/15; Journal 1 day Wed 1/7/15 Wed 1/7/15 Ernest Dalusong, Charles Spencer, Joseph Douglas, Randolph Gallegos; WBS and WBS Dictionary 1 day? Wed 1/7/15 Wed 1/7/15 Joseph Douglas; Project Management Plan 1 day? Wed 1/7/15 Wed 1/7/15; Design a Product Charter 1 day? Wed 1/7/15 Wed 1/7/15; Identify Scope 1 day? Wed 1/7/15 Wed 1/7/15; Preliminary Schedule 1 day? Wed 1/7/15 Wed 1/7/15 Ernest Dalusong; WEEK 4 5 days Wed 1/14/15 Tue 1/20/15; Team Journal 1 day? Wed 1/14/15 Wed 1/14/15; Journal 1 day? Wed 1/14/15 Wed 1/14/15; Hardware / Software Documentation 1 day Wed 1/14/15 Wed 1/14/15; Budget 1 day? Wed 1/14/15 Wed 1/14/15; Research on Retail, Warehouse, Transportation problems 1 day? Wed 1/14/15 Wed 1/14/15; WEEK 5 6 days Wed 1/21/15 Wed 1/28/15; Team Journal 1 day Wed 1/21/15 Wed 1/21/15; Journal 1 day Wed 1/21/15 Wed 1/21/15; Change Management Plan 1 day Wed 1/21/15 Wed 1/21/15; Quality Plan 1 day Wed 1/21/15 Wed 1/21/15; WEEK 6 6 days Wed 1/28/15 Wed 2/4/15 Predecessors 29; Team Journal 1 day? Wed 1/28/15 Wed 1/28/15; Journal 1 day? Wed 1/28/15 Wed 1/28/15; 50% PowerPoint 5 days? Wed 1/28/15 Tue 2/3/15; Network Infrastructure Configuration Draft 5 days? Wed 1/28/15 Tue 2/3/15; Active Directory Draft 5 days? Wed 1/28/15 Tue 2/3/15; Risk Management Plan 5 days? Wed 1/28/15 Tue 2/3/15; Network Schematic Draft 5 days? Wed 1/28/15 Tue 2/3/15; Server Configuration Draft 5 days? Wed 1/28/15 Tue 2/3/15; WEEK 7 5 days? Wed 2/4/15 Tue 2/10/15 Predecessors 35; Team Journal 5 days? Wed 2/4/15 Tue 2/17/15; Journal 5 days? Wed 2/4/15 Tue 2/17/15; Research on Firewalls 5 days? Wed 2/4/15 Tue 2/10/15; Week 8 5 days? Wed 2/11/15 Tue 2/17/15 Predecessors 49; Team Journal 5 days? Wed 2/11/15 Tue 2/17/15; Journal 1 day? Wed 2/11/15 Wed 2/11/15; Client Configuration Draft 1 day? Wed 2/11/15 Wed 2/11/15; Week 9 1 day? Wed 2/18/15 Wed 2/18/15; Team Journal 1 day? Wed 2/18/15 Wed 2/18/15; Journal 1 day? Wed 2/18/15 Wed 2/18/15; Week 10 1 day? Wed 2/25/15 Wed 2/25/15; Team Journal 1 day? Wed 2/25/15 Wed 2/25/15; Journal 1 day? Wed 2/25/15 Wed 2/25/15; Server Configuration Final 1 day? Wed 2/25/15 Wed 2/25/15; Client Configuration Final 1 day? Wed 2/25/15 Wed 2/25/15; 95% Presentation 1 day? Wed 2/25/15 Wed 2/25/15; Network Infrastructure Configuration Final 1 day? Wed 2/25/15 Wed 2/25/15; Active Directory Final 1 day? Wed 2/25/15 Wed 2/25/15; Implementation Demo 1 day? Wed 2/25/15 Wed 2/25/15; Network Schematic Final 1 day? Wed 2/25/15 Wed 2/25/15
  • 37. 37 By Joseph C Douglas & Randolph Gallegos
  • 38. 38 Hardware Cost Columns: Item, Quantity, Individual Cost, Sales Tax 8.25%, Total QCost. Servers: Barracuda 840 Load Balancer ADC 1 $64,407.99 $69,721.65 $69,721.65; Nfina 328i4 Dual Processor 300 series 5 $3,907.25 $4,229.60 $21,148; Nfina 528i4 Dual Processor 500 series 2 $3,367.10 $3,644.88 $7,289.77; Web server PowerEdge T630 1 $1,609.00 $1,741.74 $1,741.74. Printer/Scanners/Copiers: HP LaserJet Enterprise 700 M775f CC523A 11 $5,449.99 $5,899.61 $64,895.75. Workstations: HP Z230 Workstation PC 40 $849.99 $920.11 $36,804.56. Portable Scanning Devices: Intermec 1552 Sabre 24 $695.00 $752.33 $18,055.22. Network Devices: Cisco ASR 1002 Router 5 $22,074.99 $23,896.17 $119,480.85; Cisco Small Business SG200-26P Managed PoE Switch 4 $425.99 $461.13 $1,845.20; Tripp Lite B096-016 16-Port Serial Console Server Management Switch 1 $1,663.99 $1,801.26 $1,801.26. VoIP Phone Service: VoIP 3CX Phone System (3CXPS16) Server 5 $1,395.00 $1,510.08 $7,550.40; Aastra 67531 IP Phone 40 $148.55 $160.80 $6,432. Total $356,766.40
  • 39. 39 Software Cost: Nexorone Banking Software 1 $12,500.00 $13,531 $13,531; Adobe Acrobat 40 $299.99 $325 $13,000; Windows OS 8.1 Pro 40 $132.99 $143.96 $5,758.40; BitDefender AntiVirus Plus 2015 40 $89.95 $97.37 $3,894.80; Microsoft Office 365 Personnel 40 $69.99 $75.76 $3,030.40; VueScan Portable Scanning Software 24 $39.95 $43.24 $1,123.37. Total $40,337.97 Miscellaneous Hardware Cost: UTouch POS Registers 16 $1,039.72 $1,133.21 $18,131.36; Cat6 cabling boxes 1000 ft 15 $119.99 $129.89 $1,948.35; Off-Site Data backup service Barracuda Backup 390 Monthly $150.00 $1,800 $1,800; SmartRack 4-post open frame rack 5 $288.95 $312.79 $1,563.95; RJ-45 Cat6 Modular Plugs (2 per box) 100 $1.20 $1.30 $1,300; J-Hooks w/ HOK-24 Clip (100 pcs per box) 2 boxes $256.04 $277.16 $554.32; 48-port patch panel 4 $54.99 $59.52 $238.08; 96-port patch panel 1 $119.99 $129.89 $129.89; Tripp Lite Wall Mount 2-post open frame rack mount 1 $114.95 $124.43 $124.43. Total $25,790.38
  • 40. 40 Labor & Testing Cost: Labor & Implementation fees 500/hrs $150.00 P/H $75,000; Hardware & Software Testing fees 500/hrs $100.00 P/H $50,000; IT Maintenance fees 300/hr $100.00 P/H $30,000; Training for IT Staff 70/hrs $75.00 P/H $5,250. Total $160,250 Licensing Cost: Academic OPEN 1 Microsoft Office 1 licensing 40 $59.99 $64.94 $2,598; Microsoft Single Software Assurance 1 licensing 40 $40.00 $43.30 $1,732. Total $4,330 Project Total Cost Grand Total $587,474.75
  • 41. 41 Retail store’s Network Schematic By Joseph Douglas
  • 42. 42 INTERNET Nfina 328i4 File/Print Server Cisco ASR-1002 Router Cisco SG200-26P SwitchFirewall HP LaserJet Printer/copier/scanner 10x HP Z230 Workstation PC/ Retail Stores 10x Aastra 67531 VoIP Phone PBX Nature’s Best Headquarters Touch Screen Cash Register Touch Screen Cash Register HP LaserJet Printer/copier/scanner Class B IP Range 172.16.0.1- 172.16.0.30/27 Subnet Mask 255.255.255.224 Broadcast Address 172.16.0.31 Subnet ID 172.16.0.0 Retail Store’s Network Schematic Vlan Switch
  • 43. 43 LA Branch Class B Address Subnet: 172.16.0.0 IP: 172.16.0.1 Subnet Mask: 255.255.255.224/27 IP Range: 1-30 NY Branch Class B Address Subnet: 172.16.1.0 IP: 172.16.1.1 Subnet Mask: 255.255.255.224/27 IP Range: 1-30 Seattle Branch Class B Address Subnet: 172.16.2.0 IP: 172.16.2.1 Subnet Mask: 255.255.255.224/27 IP Range: 1-30 Orlando Branch Class B Address Subnet: 172.16.3.0 IP: 172.16.3.1 Subnet Mask: 255.255.255.224/27 IP Range: 1-30
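A check of the branch and headquarters addressing plan above, written as an added example that is not part of the original slides. The subnet values are the ones stated on slides 42, 43 and 45; the per-store device count and the one-address-per-device rule are assumptions made for illustration.

```python
import ipaddress

# Addressing plan as stated on the slides: site -> (subnet ID, listed IP, prefix).
BRANCH_PLAN = {
    "LA": ("172.16.0.0", "172.16.0.1", 27),
    "NY": ("172.16.1.0", "172.16.1.1", 27),
    "Seattle": ("172.16.2.0", "172.16.2.1", 27),
    "Orlando": ("172.16.3.0", "172.16.3.1", 27),
}
HQ_SUBNET = ("192.168.0.0", 24)

# Assumption (not a figure from the slides): one address per device, counted
# from the retail schematic and deliverables list: 10 workstations, 10 VoIP
# phones, 2 printers, 2 cash registers, 1 file/print server, router, switch,
# firewall.
DEVICES_PER_STORE = 28


def describe(subnet_id, prefix):
    """Derive mask, usable range and broadcast address for one subnet."""
    # strict=True rejects a subnet ID that does not sit on the prefix boundary.
    net = ipaddress.ip_network(f"{subnet_id}/{prefix}", strict=True)
    hosts = list(net.hosts())
    return {
        "subnet_id": str(net.network_address),
        "netmask": str(net.netmask),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": len(hosts),
    }


def audit_plan(plan, devices_per_site):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    nets = {}
    for site, (subnet_id, listed_ip, prefix) in plan.items():
        try:
            net = ipaddress.ip_network(f"{subnet_id}/{prefix}", strict=True)
        except ValueError as exc:
            findings.append(f"{site}: invalid subnet ({exc})")
            continue
        nets[site] = net
        if not net.is_private:
            findings.append(f"{site}: {net} is not private address space")
        if ipaddress.ip_address(listed_ip) not in list(net.hosts()):
            findings.append(f"{site}: {listed_ip} is not a usable host in {net}")
        spare = (net.num_addresses - 2) - devices_per_site
        if spare < 0:
            findings.append(f"{site}: {net} is short by {-spare} addresses")
    # No two sites may share address space, or routing over the VPN breaks.
    sites = list(nets)
    for i, first in enumerate(sites):
        for second in sites[i + 1:]:
            if nets[first].overlaps(nets[second]):
                findings.append(f"{first}/{second}: subnets overlap")
    return findings


if __name__ == "__main__":
    for site, (subnet_id, _ip, prefix) in BRANCH_PLAN.items():
        print(site, describe(subnet_id, prefix))
    print("HQ", describe(*HQ_SUBNET))
    print("findings:", audit_plan(BRANCH_PLAN, DEVICES_PER_STORE) or "none")
```

Under the assumed count of 28 devices a /27 leaves two spare addresses per store, so any growth in phones, registers or scanners needs a larger prefix.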
  • 45. 45 INTERNET Tripplite B096-16 CONSOLE Server Management Switch Email/Web Server File/Print Server Application/Database Server DNS/DHCP/Directory Server Barracuda 840 Load Balancer ADC HP LaserJet Enterprise Printer/copier/scanner HP LaserJet Enterprise Printer/copier/scanner HP LaserJet Enterprise Printer/copier/scanner Firewall Cisco ASR 1002 Router Aastra 67531 VoIP Phone Corporate Headquarters Network Schematic LA,NY,Sea,Orl Branch’s HP Z230 Workstations PBX Class C IP Range 192.168.0.1- 192.168.0.254/24 Subnet Mask 255.255.255.0 Broadcast Address 192.168.0.255 Subnet ID 192.168.0.0 Vlan Switch
  • 46. 46 Natures Best Security Policy Workstations & User Domain By Joseph C Douglas
  • 47. 47 Purpose: The purpose of these policies is to provide an up-to-date corporate security plan for the User and Workstation Domains at all of Nature’s Best branch offices. Scope: This policy will apply to all Nature’s Best employees who have access to their Workstations and User Domain. It will ensure the confidentiality, integrity and availability of sensitive information, including protected and personal information, and that access to it is restricted to authorized users only.
  • 48. 48 Common Vulnerabilities o Lack of awareness or concern for security policy o Intentional malicious activity o Violation of security policy o Unauthorized user access o Weakness in installed software o Malicious software introduced o Social engineering Threat Targets of the User and Workstation Domains o PCs o Smartphones o Personal Digital Assistants (PDAs) o Application Software (productivity, Web browsing) o Administrative workstations o Servers, network and operating-system software o Departmental workstations
  • 49. 49 User Domain & Workstation Policy o Implement an acceptable security policy. o Apply awareness training on the policies. o Establish unique logon credentials for users that require a strong password. o Grant each user only the privileges that user’s tasks require. o Enable password protection for workstations. o Conduct a second-level test to verify a user’s access. o Automatic antivirus scans at all workstations for inserted CDs, DVDs, and USB drives that have files. o Content filtering and scanning for viruses at internet entry and exit points. o Have workstation domain vulnerability tests to find gaps.
  • 50. 50 Continued… o Minimize write/delete permissions to the data owner only. o Disable internal CD drives and USB ports. o Enable automatic antivirus scans for media drives, files and e-mail attachments. o Enable content filtering for antivirus scanning of email attachments. o Track and monitor abnormal employee behavior. o Updates on application software and security patches. o Antivirus and malicious-software scans that update workstations with proper protection. o Enable workstation auto-scans for all new files and automatic file quarantine for unknown files.
  • 51. 51 VoIP & SIP Security policy and administration. o Before dial tone, users must prove their identity. o Only minimum functions and features will be used on all IP phones with specific phone extensions. o PIN numbers or a password will be required before granting dial tone on IP phones. o Long-distance calls will require a valid code or permission from IT Management. o Encryption (VPN, SSH, HTTPS, etc.) will be used for remote access and management to call servers and VoIP. o Call-detail recordings for periodic auditing of users’ extensions, inbound or outbound dialing, and toll calls.
  • 52. 52 Miscellaneous o All N.B.-owned workstations, whether on the N.B. domain or not, must have a centrally-managed N.B. administrative group required for the Information Security Function. o Wireless connections are only to be used on approved portable devices. If wireless access is used on a mobile device, then the device must connect to an approved wireless access point. o The use of insecure protocols such as FTP and Telnet is prohibited. o All server rooms, electrical closets, and locations where any network equipment such as routers, switches, firewalls or servers is housed will be secured and locked at all times. o All workstations should have an established, documented, and consistently-used backup plan.
  • 53. 53 Enforcement of Policy Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
  • 54. 54 Nature’s Best Server Security Policy
  • 55. 55 Server Security Policy 1.0 Premise: Every server administrator must take reasonable security measures to secure their hosts as outlined by this policy. Computer security is not something that is done once a year, once a month, or even once a day. It is the frame of mind that there are real threats and that part of the job includes keeping users, data and transactions safe from these threats. 2.0 Purpose: This policy is for all computer system administrators managing a computer server connected to a network. The following policies define common sense security practices expected of all computer server administrators and users. 3.0 Scope: This policy addresses any server connected to a network providing any type of service to other users. 4.0 Ownership and responsibilities: A server administrator, upon connecting their server to a network, is responsible for the security of that device in accordance with IT guidelines. Note: An administrator is held accountable when a compromise occurs. It is also expected that the administrator will demonstrate reasonable precautions to ensure the security of their hosts. 5.0 Server Policy: As follows.
  • 56. 56 5.1 Location: Servers should be placed in physically secured areas accessible only to authorized personnel. There is no substitute for physical security. Each server room will be located next to each lab and contains the IT essentials for each lab, including servers, racks, cabling and cabinets. Server rooms should have limited access • The door will be equipped with a key card system and qualified personnel will have to swipe their card to enter • If your card is lost/stolen please call our IT support immediately and they will deactivate your card • A new card will be overnighted to you immediately • If you need the use of a card today, the IT director will have a spare key card on hand for emergencies 5.2 Services Supported: Administrators should run only the services on a server that are needed for it to complete its designed task. Every service running should be regarded as a mode of entry. The number of entry points should be limited to only those needed. Note: The chance that a computer will be compromised increases with the number of services being run. Therefore, it is expected that every administrator knows exactly what services are running and why. 5.3 Security Updates: The latest system patches should be applied regularly. Note: Security-related patches for systems often mean that there has been a successful exploit of a particular vulnerability. The vulnerability of a system is directly proportional to the age of the patches. The longer one waits before applying a patch, the more likely it is that it will be successfully exploited. It is not uncommon to have a three-month-old vulnerability incorporated into an automated tool that thousands of hackers use. Patching a system is something that should be done on a regular schedule and immediately if a threat has been reported. At some point, if patches are not applied in a timely manner, the server could be disconnected from the network until vulnerabilities have been addressed.
  • 57. 57 5.4 Virus Protection: It is expected that administrators regularly scan all servers with updated virus detection software. 5.5 Log-on Limits: Administrators should limit log-on retries. Note: Password guessing applications have a greater probability of cracking a password if given ample opportunity. For most situations, Information Technology Services recommends account lockout after three failed log-on attempts. 5.6 Account Reviews: Accounts must be regularly reviewed for inactivity, and any dormant accounts disabled. Note: Old accounts should be terminated regularly. When students, faculty, and VIP personnel leave the school, administrators should have a clear deadline for account termination. Dormant (unused for more than 60 days) accounts make attractive targets to intruders, since no one will likely notice the activity. 5.7 Local Accounts: Whenever possible, accounts should be located on and authenticated against a Kerberos, NTLM, LDAP or Active Directory based infrastructure. Administrators should only use local accounts when absolutely necessary. Note: In most cases, local accounts are not scrutinized as closely as directory based accounts and thus more susceptible to attack by automated tools. 5.8 Privileged Accounts: Special care should be taken with privileged accounts (including but not limited to "root" for UNIX and "administrator" for NT), commensurate with the privileges afforded the account. Passwords for privileged accounts should be given only to people with a need for privileged access. For NT Servers, the "administrator" account should be renamed.
Note: Failing to change the name of the account gives would-be intruders half the equation to compromising the server. All privileged server accounts should be password protected.

5.9 Password Protection: All accounts must conform to the Password Policy.

5.10 Service Banners: Wherever feasible, a log-on banner, stating that the system is for authorized use only, should be displayed for anyone attempting to connect to the system.
Note: If possible, log-on restrictions (by time of day, by system address, etc.) should be implemented. All operating system, version/release numbers, and vendor information provided in log-on/sign-on banners should be limited or disabled. Providing this information makes attacks easier by allowing intruders to pinpoint hosts with known security vulnerabilities.

5.11 Backups: Information Technology Services encourages server administrators to maintain backups on all servers for 30 days.
Note: In the event of a security breach, backups are important to track down when changes occurred and which files were modified. Backups are also important to restore a server to its configuration before the intrusion occurred (i.e. no code is present which was inserted during the intrusion).

5.12 Server Logs: Logs of user activity must be retained for a period of time.
Note: IT recommends that these logs be kept for at least six months. Logs should include (where feasible) the time and date of activities, the user ID, commands (and command arguments) executed, ID of either the local terminal or remote computer initiating the connection, associated system job or process number, and error conditions (failed/rejected attempts, failures in consistency checks, etc.). Logs should be checked for signs of malicious activity on a regular daily or weekly basis. Knowledge that logs are kept acts as a deterrent to abuse. Logs are also essential in investigating incidents after the fact. Many attempted break-ins can be detected early, and sometimes prevented by early detection of unusual activity.
5.13 Sensitive Information: Nature’s Best of Information Technology Services must be made aware of any server that contains sensitive data. This includes but is not limited to social security number, credit card numbers, grades and other personal data.
Note: Extra precaution must be taken with systems containing sensitive data.

5.14 Remote Administration: In order for a vendor or consultant to gain access to a server from off campus, they must be assigned a VPN account. The system administrator is responsible for registering the vendor or consultant before the VPN can be assigned. In addition, that vendor or consultant may be required to sign a non-disclosure agreement before gaining access to a server.
Note: Many servers require administration by outside vendors or consultants. In these cases, it is preferred that this outside access be obtained by using a VPN account. The account allows for secure remote access to the server. In the case of Windows servers, Terminal Services should be used through the VPN connection to administer the server. UNIX, Linux or Mac servers should use SSH.

6.0 Incident Response: As follows.

6.1 Response Procedure: A server administrator must read and understand the Nature’s Best Incident Response Policy.
1. The server will be analyzed by Information Technology Services and the server administrator to attempt to determine the method by which the server was compromised.
2. If it has been determined that the server was compromised then the server's system volume will be reformatted. The operating system will be reinstalled with the latest security patches.
3. The server must pass a security scan before being reconnected to the network.

6.2 Incident Confidentiality: Information regarding security incidents will be kept confidential by all parties involved. Only authorized personnel may disclose such information.
7.0 Compliance: Nature’s Best Information of Technology Services reserves the right to scan systems for known vulnerabilities. When vulnerabilities are discovered, it is expected that administrators will immediately act to close all known security vulnerabilities for which there are reasonable methods to close such vulnerabilities. If the administrator is unable to do this in a timely fashion, it is expected that they will remove the server from the network to protect other systems.

8.0 Enforcement: All servers should be registered with Nature’s Best Information of Technology Services.
Note: All server administrators must notify Nature’s Best Information of Technology Services of servers running in their department. This registration will require names and phone numbers of people to call in emergency situations including contact information during class breaks. When security related issues arise and this information is not available, there may be no choice other than to disconnect a server without notice.

Nature’s Best Information of Technology Services must be notified upon discovery of any system breach or suspected system breach. Nature’s Best Information of Technology Services reserves the right to disconnect any server which poses a threat to a school network. Any server not following the above procedures will be considered unsafe, and as such poses a threat to the Company’s network and other systems.
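The account checks in sections 5.5 to 5.8 of the policy above can be run as a periodic review. The following is an added example, not part of the original charter: the `Account` fields, the finding names and the sample records are assumptions constructed for illustration, and a lockout threshold of 0 is assumed to mean "never lock out".

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

DORMANT_AFTER = timedelta(days=60)        # 5.6: unused for more than 60 days
MAX_LOCKOUT_THRESHOLD = 3                 # 5.5: lock out after three failed log-ons
DEFAULT_ADMIN_NAMES = {"administrator"}   # 5.8: NT default name that should be renamed


@dataclass
class Account:
    name: str
    source: str                 # "directory" or "local" (hypothetical field)
    enabled: bool
    privileged: bool
    created: date
    last_logon: Optional[date]  # None means the account has never logged on


def review_accounts(accounts, lockout_threshold, today):
    """Return sorted (account, finding) pairs for the checks in 5.5 to 5.8."""
    findings = []
    # Assumption: a threshold of 0 means accounts are never locked out.
    if lockout_threshold == 0 or lockout_threshold > MAX_LOCKOUT_THRESHOLD:
        findings.append(("*", "lockout-threshold-too-lenient"))
    for acct in accounts:
        if not acct.enabled:
            continue  # already disabled, which is what 5.6 asks for
        # An account that never logged on is measured from its creation date.
        last_used = acct.last_logon or acct.created
        if today - last_used > DORMANT_AFTER:
            findings.append((acct.name, "dormant-disable"))
        if acct.source == "local":
            findings.append((acct.name, "local-account-justify"))
        if acct.privileged and acct.name.lower() in DEFAULT_ADMIN_NAMES:
            findings.append((acct.name, "default-admin-name-rename"))
    return sorted(findings)


# Constructed sample data (not from the charter).
TODAY = date(2015, 3, 4)
SAMPLE_ACCOUNTS = [
    Account("jdoe", "directory", True, False, date(2014, 9, 1), date(2015, 3, 1)),
    Account("asmith", "directory", True, False, date(2013, 9, 1), date(2014, 12, 20)),
    # Exactly 60 days idle: not yet "more than 60 days".
    Account("bjones", "directory", True, False, date(2014, 9, 1), date(2015, 1, 3)),
    Account("Administrator", "local", True, True, date(2012, 1, 1), date(2015, 3, 2)),
    Account("svc_backup", "local", True, False, date(2015, 2, 20), None),
    Account("former", "directory", False, False, date(2010, 1, 1), date(2014, 6, 1)),
]

if __name__ == "__main__":
    for name, finding in review_accounts(SAMPLE_ACCOUNTS, 5, TODAY):
        print(f"{name:15} {finding}")
```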
Nature’s Best Disaster and Recovery Policy
This document delineates the policies and procedures for an Information Technology Disaster Recovery Plan (referred to as “IT Disaster Recovery Plan”), as well as our process-level plans for recovering critical technology platforms and the telecommunications infrastructure. This document summarizes our recommended procedures. In the event of an actual emergency situation, modifications to this document may be made to ensure physical safety of people, systems, and data. Our mission is to ensure information system operation, data integrity and availability, and business continuity.

All IT disaster recovery-planning procedures and recovery solutions should be consistent with and support Local and State security policies. IT Disaster Recovery solutions should offer the same level of security as the normal operating procedure so that sensitive data is not compromised or disclosed.

Because IT resources are critical to Nature’s Best success, it is essential that the services provided are able to operate effectively without excessive interruption. The IT Disaster Recovery Planning Guidelines contained in this section support this requirement by establishing a proven and structured approach to developing IT disaster recovery plans and procedures that enable a system to be recovered quickly and effectively following a service disruption or disaster.

The purpose of a DRP is to document the recovery strategies and create a road map of predetermined actions that will reduce required decision-making during a disaster and systematically provide a documented recovery path. Although the likelihood of a catastrophic disaster is remote, the devastation and potential loss of the ability to perform services requires that advance planning occur in order to respond in an effective and responsible manner. The recovery strategies developed should provide a means to restore IT components quickly and effectively following a service disruption.

IT Disaster Recovery Plans must document backup procedures. Procedures should specify backup frequency based on data criticality and the frequency that new data is introduced. Backups should occur daily (at a minimum). Backup procedures should designate the location of stored data, retrieval procedures, backup test procedures, file-naming conventions, media rotation frequency, method for transporting data off-site, and a description of off-site storage facility.
Once backup procedures are documented, they should be tested. This test should include the successful restoration of data. This includes retrieval procedures to obtain off-site data. Testing backup procedures will identify missing files, missing applications, and faulty procedures. Testing backup procedures also increases the likelihood of discovering procedural inconsistencies before an emergency, rather than during one.

Recovery strategies must consider damage or destruction of IT systems or unavailability of the primary site. Necessary hardware and software will need to be acquired and/or activated quickly at the alternate location.

Notification procedures that describe the methods to notify recovery personnel during business and non-business hours should be developed and documented. These procedures should also cover events with and without prior notification. Primary and alternate contacts must be included along with procedures to be followed if an individual cannot be contacted. While this section lists contacts by team position, an emergency contact list that identifies personnel by the team position, name, and contact information (e.g., home, work, cell, pager numbers, e-mail addresses, and home addresses) should be appended to the plan. The type of information to be communicated to those being notified should also be documented in the plan.

Recovery activities begin once the plan has been activated and recovery team(s) mobilized. Recovery phase activities focus on disaster recovery measures to execute temporary IT processing capabilities, repair damage to the system, and restore operational capabilities at the original or new facility. Recovery procedures must be documented in sequential format with step-by-step instructions to restore system components in a logical manner consistent with priorities identified in the BIA. The procedures should also indicate who is responsible for taking each action and document any coordination between activities. Because recovery procedures are likely to change frequently, it is recommended that recovery procedures and supporting exhibits be maintained as a separate document.

Training and awareness programs are essential to a successful IT disaster recovery program. Personnel with recovery responsibilities should receive training at least annually. New personnel with plan responsibilities should receive training as soon as possible after they are identified. The goal of the training is to educate staff to the extent that they are able to execute their respective recovery procedures without aid of the actual DRP. The following elements should be covered in the training program:
• Purpose of plan
• Cross-team coordination and communication requirements
• Reporting procedures
• Security requirements
• Team and phase-specific processes (Notification/Activation, Recovery, and Reconstitution)
• Individual responsibilities in each phase

Plan testing is an essential element of a viable IT disaster recovery capability. The first benefit of testing the DRP is that it provides an opportunity to train personnel to execute the plan. Without practice, the key staff may have no idea what their roles are within the DRP. Secondly, periodic testing is important because it validates the effectiveness of the backup and recovery procedures. One of the key elements of a successful DRP is the ability of the recovery team to locate a current copy of the core data to replicate. If the backup and recovery activities used in the data center are not effective or fail to comply with the requirements of the BIA, a DRP test will very quickly indicate this shortcoming.
The third benefit of testing is not that the test succeeds without problems, but that you review the test results and problems encountered and use these results to update or revise the current procedures and plans.

Many agencies do not have the resources to perform a full recovery with system downtime. A total system test is ideal. If a total system test cannot be performed, individual sections or sub-systems of the DRP may be tested separately in order to confirm the recoverability of the plan as a whole. Thorough testing should include the following:
• System recovery on an alternate platform from backup media
• Coordination among recovery teams
• System performance using alternate equipment
• Restoration of normal operations
• Notification and activation procedures

Test results should be documented, reported to senior management, and kept on file.

The IT Disaster Recovery Plan is a living document and the maintenance of the plan should be included in the general business plan. It must be updated regularly to remain viable based on the most current system architecture or environment. Each IT Disaster Recovery Plan must document plan maintenance procedures and responsibilities. This should include reassessment of the plan at least annually and a process to update the plan to reflect changes in hardware, software, and personnel.
Policy Statement
• The Nature’s Best comprehensive IT Disaster Recovery Plan shall be reviewed annually.
• A risk assessment shall be undertaken periodically to determine the requirements for the IT Disaster Recovery Plan.
• The IT Disaster Recovery Plan should cover all essential and critical infrastructure elements, systems and networks, in accordance with key educational activities.
• The IT Disaster Recovery Plan should be periodically tested in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be executed.
• Staff must be made aware of the IT Disaster Recovery Plan and their own respective roles.
• The IT Disaster Recovery Plan is to be kept up to date to take into account changing circumstances.

Objectives
The principal objective of the IT Disaster Recovery Plan program is to develop, test and document a well-structured and easily understood plan which will help Nature’s Best recover as quickly and effectively as possible from an unforeseen disaster or emergency which interrupts information systems and educational operations. Additional objectives include the following:
• The need to ensure that employees fully understand their duties in implementing such a plan.
• The need to ensure that operational policies are adhered to within all planned activities.
• The need to ensure that proposed contingency arrangements are cost-effective.
• Disaster recovery capabilities are applicable to staff, vendors and others.
Prevention
All attempts are made to prevent or limit the impact of a disaster on the information systems of Nature’s Best. Specifically, the following steps have been taken:
• All servers are in a centralized and secured, locked location with access limited to technology staff and selected buildings and grounds staff.
• A separate independent cooling system is installed in the server room.
• All servers are password protected, with only select administrator level user accounts given authorization to log on.
• Uninterruptible power supplies are installed on all servers and key network equipment.
• RAID is used on mission critical servers.

Plan updating
It is necessary for the IT Disaster Recovery Plan updating process to be properly structured and controlled. Whenever changes are made to the plan they are to be fully tested and appropriate amendments should be made to the training materials. This will involve the use of formalized change control procedures under the control of the Technology Department.
CLIENT CONFIGURATION
For the client configuration, anybody with administration rights will have the opportunity to change any configuration that they deem necessary.
• Basic users (regular students using computer lab workstations) will need to authenticate first. They will be given the choice to make their own password, which must consist of at least 8 and at most 16 characters, using caps and a mixture of special characters and numbers.
• Their usernames will include part of their name and their student I.D. number, to verify who they are upon logging on to the computer lab workstations.
• These passwords will be case sensitive, and students will have to memorize their password and not write it down, so that no one else can gain access to their computer lab workstations.
• The same will go for anybody at the Administration level, solely for security purposes.
Test Plan
In setting up our network we have been tasked with devising the test plan to ensure the functionality of the network. This plan documents the strategy by which we will verify and ensure the network meets the client’s specifications.

Type of Testing
• Compatibility Testing
• Functional Testing
• Stress/Load Testing
• Performance/System Testing
• Security Testing
• Disaster Recovery Testing
• User Acceptance Testing

Training Plan
• Responsibility for training the IT staff and Administrators.
• Making up the schedule for who is training whom and how long it is going to take.
• Assembling a way for all the staff to get help after we leave the school.
Backup Policy

1.0 Overview
This policy defines the backup policy for computers within the organization which are expected to have their data backed up. These systems are typically servers but are not necessarily limited to servers. Servers expected to be backed up include the file server, the mail server, and the web server.

2.0 Purpose
This policy is designed to protect data in the organization to be sure it is not lost and can be recovered in the event of an equipment failure, intentional destruction of data, or disaster.

3.0 Scope
This policy applies to all equipment and data owned and operated by the organization.

4.0 Definitions
1. Backup - The saving of files onto magnetic tape or other offline mass storage media for the purpose of preventing loss of data in the event of equipment failure or destruction.
2. Archive - The saving of old or unused files onto magnetic tape or other offline mass storage media for the purpose of releasing on-line storage room.
3. Restore - The process of bringing offline storage data back from the offline media and putting it on an online storage system such as a file server.

5.0 Timing
Full backups are performed nightly on Monday, Tuesday, Wednesday, Thursday, and Friday. If for maintenance reasons, backups are not performed on Friday, they shall be done on Saturday or Sunday.
6.0 Tape Storage
There shall be a separate tape or set of tapes for each backup day including Monday, Tuesday, Wednesday, and Thursday. There shall be a separate tape or set of tapes for each Friday of the month such as Friday1, Friday2, etc. Backups performed on Friday or weekends shall be kept for one month and used again the next month on the applicable Friday. Backups performed Monday through Thursday shall be kept for one week and used again the following appropriate day of the week.

7.0 Tape Drive Cleaning
Tape drives shall be cleaned weekly and the cleaning tape shall be changed monthly.

8.0 Monthly Backups
Every month a monthly backup tape shall be made using the oldest backup tape or tape set from the tape sets.

9.0 Age of tapes
The date each tape was put into service shall be recorded on the tape. Tapes that have been used longer than six months shall be discarded and replaced with new tapes.

10.0 Responsibility
The IT department manager shall delegate a member of the IT department to perform regular backups. The delegated person shall develop a procedure for testing backups and test the ability to restore data from backups on a monthly basis.

11.0 Testing
The ability to restore data from backups shall be tested at least once per month.

12.0 Data Backed Up
Data to be backed up include the following information:
1. User data stored on the hard drive.
2. System state data
3. The registry

Systems to be backed up include but are not limited to:
1. File server
2. Mail server
3. Production web server
4. Production database server
5. Domain controllers
6. Test database server
7. Test web server

13.0 Archives
Archives are made at the end of every year in December. User account data associated with the file and mail servers are archived one month after they have left the organization.

14.0 Restoration
Users that need files restored must submit a request to the help desk. Include information about the file creation date, the name of the file, the last time it was changed, and the date and time it was deleted or destroyed.

15.0 Tape Storage Locations
Offline tapes used for nightly backup shall be stored in an adjacent building in a fireproof safe. Monthly tapes shall be stored across town in our other facility in a fireproof safe.

This policy may contain descriptions about how various systems and types of systems are backed up such as Windows or UNIX systems.
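The rotation in sections 5.0, 6.0 and 9.0 of the Backup Policy can be worked through in code. This is an added example, not part of the original charter: the function names are hypothetical, "six months" is assumed to mean calendar months, and a Saturday or Sunday run is assumed to be the make-up for the Friday just before it.

```python
import calendar
from datetime import date, timedelta

DAILY_TAPES = ("Monday", "Tuesday", "Wednesday", "Thursday")  # section 6.0
MAX_TAPE_AGE_MONTHS = 6                                       # section 9.0


def tape_for(day):
    """Label of the tape (or tape set) that the backup run on `day` writes to."""
    wd = day.weekday()  # Monday == 0 ... Sunday == 6
    if wd <= 3:
        return DAILY_TAPES[wd]
    # Friday itself, or the Friday before a Saturday/Sunday make-up run (5.0).
    friday = day - timedelta(days=wd - 4)
    return "Friday%d" % ((friday.day - 1) // 7 + 1)


def next_reuse(day):
    """Next scheduled weekday on which the tape written on `day` is overwritten."""
    label = tape_for(day)
    probe = day + timedelta(days=1)
    # Only Monday to Friday are scheduled nights; weekend runs are exceptions.
    while not (probe.weekday() <= 4 and tape_for(probe) == label):
        probe += timedelta(days=1)
    return probe


def add_months(d, months):
    """Calendar-month addition, clamping to the last day of a shorter month."""
    year_offset, month_index = divmod(d.month - 1 + months, 12)
    year, month = d.year + year_offset, month_index + 1
    return date(year, month, min(d.day, calendar.monthrange(year, month)[1]))


def tape_expired(in_service, today):
    """True once a tape has been in use longer than six months (section 9.0)."""
    return today > add_months(in_service, MAX_TAPE_AGE_MONTHS)


def rotation(start, nights):
    """(date, tape label, next reuse date) for consecutive scheduled nights."""
    plan, day = [], start
    while len(plan) < nights:
        if day.weekday() <= 4:
            plan.append((day, tape_for(day), next_reuse(day)))
        day += timedelta(days=1)
    return plan


if __name__ == "__main__":
    # Constructed start date: Monday 2 March 2015.
    for day, label, reuse in rotation(date(2015, 3, 2), 10):
        print(day.isoformat(), f"{label:10}", "overwritten", reuse.isoformat())
```

Under this scheme a fifth-Friday tape is only reused in the next month that has five Fridays, so the restore window for that tape is longer than the one month stated for Friday tapes.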
System Lockdown Policy

1.0 Overview
This system lockdown policy is an internal IT policy and defines a general process that should be used to lock down servers and workstations.

2.0 Purpose
This policy is designed to minimize risk to organizational resources and data by establishing a process for increasing the security of servers and workstations by stopping unneeded services and testing for vulnerabilities.

3.0 Server Lockdown and Hardening
This section describes a general process used to lock down servers when they are initially installed and configured. Types of servers or equipment that need hardening include but are not limited to file sharing servers, email servers, Web servers, FTP servers, DNS servers, DHCP servers, Database servers, Domain controllers, Directory servers, and Network devices such as firewalls, routers, and switches.
1. List services that will be required to run on the server. Examples include:
   1. DNS
   2. HTTP
   3. SMTP
   4. POP3
2. List services that are running on the server and turn off any that the administrator is sure are not needed.
3. Do a port scan on the server - Use a security tool to test and determine any ports that the server is responding to.
4. Shut down any services that are not on the required list of services for the server. Especially remember to shut down services listed in Appendix A - Services Recommended for Shutdown.
5. Remove any unnecessary programs, services, and drivers from the server, especially those not loaded by default on the server.
6. Patch the server with the latest patches and patch all services running on the server.
7. Disable or change the password of any default accounts on the server or related to any operating services.
8. Be sure all passwords used to access the system or used by services on the system meet minimum requirements including length and complexity parameters.
9. Be sure all users and services have minimum required rights and do not have rights to items not needed.
10. Be sure file share and file permissions are as tight as possible.
11. Perform a vulnerability assessment scan of the server.
12. Patch or fix any vulnerabilities found.
13. Where appropriate, install and run additional security programs such as:
   1. Anti-virus - Install and perform latest update of software and virus definitions.
   2. Firewall
   3. Intrusion detection software - Some approved host based intrusion detection software is recommended to be run on all servers.
   4. Honeypot
   5. Change of system and system files detection
   All this software should have the latest updates installed.
14. Set security parameters on all software such as where anti-virus programs will scan, how often it will scan, and how often it will get virus definition updates.
15. Enable audit logging to log any unauthorized access.
16. Perform another vulnerability assessment scan of the server, and fix any discrepancies.
17. Take additional account management security measures including:
   1. Disable the guest account
   2. Rename default administrator accounts
   3. Set accounts for minimum possible access
   4. Be sure all accounts have passwords meeting minimum complexity and length rules.
18. Test the server to be sure all desired services are operating properly.

4.0 Enforcement
Since locking down servers is critical to the security of the organization and everyone, this policy must be enforced by management through review and auditing.

Appendix A - Services Recommended for Shutdown
1. File and Printer Sharing for Microsoft Networks - Uninstallation of this service is recommended. This service is not needed unless you want to share a printer on your local computer or share folders on your local computer with other computers.
2. Messenger - Disable this service in the Services applet of Administrative Tools. This service has some serious security bugs and problems and has very little use for managing the network.
3. Remote registry service - This service should be set to manual or disabled since it allows people from remote locations to modify your registry. It is a serious security risk and should only be run if required by network administrators. Set this service to manual or disabled in the Services applet of Administrative Tools.
4. Secondary Logon service - If it is not necessary for lower privileged users to use the "Run As" command to run commands that only administrators or power users can run, this service should be disabled.
5. Universal Plug and Play Device Host service - It broadcasts unnecessary information about the computer running the service. It may be used by MSN Messenger. This service is a high security risk and should be disabled unless dependent services are required.
6. Wireless Zero Configuration service - Used to support wireless connections. If you are not using wireless, this should be disabled. This service is a high security risk and should be disabled unless needed.
7. Computer Browser - For home users and most organizational users, this service can be disabled. Running this service is a moderate security risk.
8. NetMeeting Remote Desktop sharing - A person on a remote computer can access your desktop to help you. This service may be used by network administrators to help users with tasks. Normally this service should be disabled unless needed. Running this service is a moderate security risk.
9. Remote Desktop Help Session Manager service - A person on a remote computer can access your desktop to help you. This service may be used by network administrators to help users with tasks. Normally this service should be disabled unless needed. Running this service is a moderate security risk.
10. Network DDE Service - Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. It allows two running programs to share the same data on the same computer or on different computers. Running this service is a moderate security risk. Normally this service should be disabled unless needed.
11. Network DDE DSDM Service - Manages DDE network shares. Running this service is a moderate security risk. Normally this service should be disabled unless needed.
12. NT LM Security support provider - Used for backward compatibility with older Microsoft operating systems. Running this service is a moderate security risk. Normally this service should be disabled unless needed or set to manual.
13. SSDP Discovery service - Allows the computer to connect with networked plug and play devices on the network. This service does not support internal PnP devices. This service should be disabled unless the computer needs to connect to external networked plug and play devices.
14. Telnet service - The telnet service allows a terminal connection to or from a remote computer but sends passwords in the clear. Running this service is a moderate security risk. Normally this service should be disabled unless needed or set to manual.
15. Terminal services - Allows a remote connection from a remote computer usually used by network administrators to help users. Running this service is a moderate security risk. Normally this service should be disabled unless needed or set to manual. This service is commonly used by system administrators to administer servers remotely.
16. Alerter service - The Alerter service allows system administrators to send messages to selected users. This service should be disabled unless specifically needed.

Types of servers that need hardening (This list is not inclusive of all devices that should be hardened):
1. File sharing
2. Email Servers
3. Web servers
4. FTP servers
5. DNS servers
6. DHCP servers
7. Database servers
8. Domain controllers
9. Directory servers
10. Network devices such as firewalls, routers, and switches
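Steps 1 to 4 and 18 of the lockdown process amount to reconciling three lists: the services the server is required to run, the services actually present, and the ports found open by the scan. The following is an added example, not part of the original charter: the `Service` record, the report keys and the sample inventory are assumptions constructed for illustration, and `APPENDIX_A` holds only a subset of the Appendix A names.

```python
from dataclasses import dataclass

# Subset of "Appendix A - Services Recommended for Shutdown", lower-cased.
APPENDIX_A = frozenset({
    "messenger", "remote registry", "secondary logon", "computer browser",
    "ssdp discovery", "telnet", "terminal services",
})


@dataclass
class Service:
    name: str
    running: bool
    start_type: str      # "auto", "manual" or "disabled" (hypothetical field)
    ports: tuple = ()    # TCP ports the service listens on, if any


def lockdown_report(required, services, open_ports):
    """Compare the required-service list with what is installed and listening."""
    required = {name.lower() for name in required}
    by_name = {svc.name.lower(): svc for svc in services}
    running = {name for name, svc in by_name.items() if svc.running}

    # Step 4: running but not on the required list.
    stop = sorted(running - required)
    # Stopped for now but configured to start again at boot: stopping a
    # service is not the same as setting it to manual or disabled.
    restartable = sorted(
        name for name, svc in by_name.items()
        if not svc.running and svc.start_type == "auto" and name not in required
    )
    # Step 3: ports seen by the scan that no required, running service explains.
    expected_ports = {p for name in running & required for p in by_name[name].ports}
    return {
        "stop": stop,
        "set_to_disabled": restartable,
        "appendix_a": sorted(n for n in set(stop) | set(restartable) if n in APPENDIX_A),
        "required_not_running": sorted(required - running),   # step 18
        "unexpected_ports": sorted(set(open_ports) - expected_ports),
    }


# Constructed sample inventory and scan result (not from the charter).
REQUIRED = ["DNS", "HTTP", "SMTP"]
SAMPLE_SERVICES = [
    Service("DNS", True, "auto", (53,)),
    Service("HTTP", True, "auto", (80,)),
    Service("SMTP", False, "auto", (25,)),
    Service("Telnet", True, "auto", (23,)),
    Service("Remote Registry", False, "auto"),
    Service("Print Spooler", True, "auto"),
]
SAMPLE_OPEN_PORTS = [23, 53, 80, 3389]

if __name__ == "__main__":
    for key, value in lockdown_report(REQUIRED, SAMPLE_SERVICES, SAMPLE_OPEN_PORTS).items():
        print(f"{key:22} {value}")
```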
1.0 Overview
This policy defines the minimum training for users on the network to make them aware of basic computer threats to protect both themselves and the network. This policy especially applies to employees with access to sensitive or regulated data.

2.0 Purpose
This policy is designed to protect the organizational resources on the network and increase employee efficiency by establishing a policy for user training. When users are trained about computer use and security threats, they work more efficiently and are better able to protect organizational resources from unauthorized intrusion or data compromise. This policy will help prevent the loss of data and organizational assets.

3.0 Training Categories
Training categories will include but not be limited to the following areas:
• Basics:
   1. What files are
   2. How to set view for details and show extensions for known file types
   3. Why not seeing file extensions is a security hazard to you
   4. File storage size - how to determine
   5. Mail attachments
   6. Where to store files
      • How to use your network drive
      • What your network drive is and what it means to you
   7. How to copy files
   8. Ways to increase efficiency on the computer such as keyboard shortcuts
• Ways to get malware:
   1. Through email
   2. Through browser
   3. By connecting
   4. By installing unapproved programs
• Email viruses:
   1. How they spread
   2. Spoofing sender
   3. Dangerous attachments
• Email SPAM
   1. Protect your email address
   2. Filtering spam
• Hoaxes:
   1. Phishing
   2. Fraud methods
• Email use
   1. How to set up email for remote users or with your ISP with POP3
   2. How to set up out of office reply
   3. How to set mail filtering rules
   4. How to use, import, and export personal folders
   5. What an undeliverable response to an email message means
• Use of web browser
   1. Safe browser?
   2. Avoid adware and spyware - ignore ads that may compromise your computer or get you to install an illicit program
   3. How to change browser settings for better security
   4. Products to prevent malware.
• Passwords
   1. Why protect my password?
   2. Why do I need to change my password every 30 days?
   3. How to change your password
   4. How to choose strong passwords that you can remember
   5. If I log in on a website can someone see my password?
• Other
   1. Reasons for firewall -- worms and others
   2. Why worry about malware?
   3. What is a vulnerability?
   4. Why not run all services?
   5. Social engineering

4.0 Training Opportunities
Basic training as listed in section 3.0 shall be provided internally by the organization and shall include the following opportunities:
1. Scheduled training seminars for 1 to 4 hours per day.
2. Brown bag lunch training for lunch time training for up to 1 hour per day on one or two days per week.

5.0 Requirements
All organizational staff shall make measurable and continuous progress in the training areas listed in section 3. Each employee manager shall be responsible for ensuring that employees under their supervision make progress in the required training areas. Each employee must retain knowledge about training in areas listed in section 3 within the first year of employment.

6.0 Enforcement
Since training is very important to the security of the organization, auditing shall be used as a mechanism to be sure the training policy is being followed. Auditors may test employees at random about their knowledge in the areas listed in section 3. If an employee gets malware on their computer, they may be audited.
  • 84. 84 1.0 Overview This policy defines the use of mobile computers in the organization. It defines: 1. The process that mobile computers must meet to leave the corporate network. Both the device and any sensitive data should be password protected. 2. How mobile computers and devices will be protected while outside the organizational network. 3. The process that mobile computers must meet to enter the corporate network when being brought into a building owned by the organization. 2.0 Purpose This policy is designed both to protect the confidentiality of any data that may be stored on the mobile computer and to protect the organizational network from being infected by any hostile software when the mobile computer returns. This policy also considers wireless access. 3.0 Scope This policy covers any computing devices brought into the organization or connected to the organizational network using any connection method. This includes but is not limited to desktop computers, laptops, and palm pilots. Note: To write this policy, consider data and the sensitivity of the data stored and viewed on the mobile computer including: 1. Email 2. Data the user is working on that is stored locally. 3. Cached data that is stored locally such as cached data from the user's browser. Windows XP allows for cached files to be encrypted using the encrypting file system (EFS). 4. Data from the internal network that the user may access while the computer is outside the network. 5. Locally stored user names and passwords. Consider loss due to: 6. Theft - should locally stored data be encrypted? 7. Hard drive failure 4.0 Responsibility The user of the mobile computer will accept responsibility for taking reasonable safety precautions with the mobile computer and agrees to adhere to this policy. The computer user will not be allowed to have administrative rights unless granted special exception by the network administrator. The user of the computer agrees not to use the mobile
  • 85.
computer for personal business and agrees to abide by the organizational computer usage policy.

5.0 Connection Terms
8. Devices connected to the organizational network must be determined to be a benefit to the organization rather than convenience by the designated IT manager.
9. All mobile devices owned by the organization or allowed on the organization network must be identified by their MAC address to the IT department before being connected. (Possibly require static IP address)
10. The device must meet the computer connection standards described in the following section.
11. The device operator must be identified by name and contact information to the IT department.
12. The computer device operator must be familiar with the organization's acceptable use policy.
13. Devices not owned by the organization are subject to a software audit to be sure no software that could threaten the network security is in operation. All computing devices are subject to a software audit at any time.
14. Access rights to the organizational network cannot be transferred to another person even if that person is using an allowed computing device.

6.0 Mobile Computer Protection
1. Any mobile computer owned by the organization shall at all times operate the following for its own protection:
   1. Antivirus program named _________________ with the latest possible virus updates. The program shall be configured for real time protection, to retrieve updates daily, and to perform an anti-virus or malware scan at least once per week.
   2. A firewall program named _________________ with the latest possible updates. The program shall be operational any time the computer is connected to any untrusted network including the internet to protect the computer from worms and other malware.
   3. Additional malware protection software shall be active on the computer in accordance with the anti-virus and malware policy.
   4. The operating system and application patch levels must be consistent with the current patch levels of our organization for similar devices and operating systems.
   All mobile computers in the organization shall have wireless access disabled. If wireless access is used, a specific protocol for wireless encryption shall be designated and configured. Also the maximum data sensitivity category shall be noted for the computer depending on the security of the wireless access and other features of the computer.
2. Policy for mobile computers owned by the organization and removed nightly by employees with permission to work from home.
   1. These computers shall always meet requirement 6.0.1 above.
  • 86.
   2. If at any time the computer shall fail to meet the requirement 6.0.1 above, the employee shall report the condition to the IT Security department and a check of the computer equivalent to any check of an unsecure computer entering the building shall be performed.
   3. It shall be ensured that unauthorized persons cannot gain access to the computer without a proper user identification and password. Operating systems that do not safely support this process shall not be used in mobile computers. The IT Security department will determine and specify the proper tools to be used for authentication and access controls.
   4. Data to be stored on the computer will be evaluated and rated to consider the sensitivity of the data according to the Data Assessment Process document. Any data stored on the computer that is considered to be sensitive will be stored only in an encrypted format, possibly using an Encrypting File System (EFS). The policy must define the encryption tool to use and how it will be maintained.
   5. The computer shall be checked weekly by IT Security department personnel at designated times when the computer will be entering a secure building area. The check will include a scan for malware and a test to determine whether the computer has a worm. The state of stored sensitive data shall also be checked to determine whether it is encrypted and whether data of too high a level of security is being stored on the computer. Remove any malware on the computer if any was detected. Log information about any malware found. Log any information about data that was not stored properly.
3. Policy for computers being used for travel - Protection of these computers shall be the encryption of all sensitive data and a requirement for a valid user ID to operate the computer.
   4. These computers shall always meet requirement 6.0.1 above. If any additional software installation is required, it must be done and configured before the computer leaves the building.
   5. It shall be ensured that unauthorized persons cannot gain access to the computer without a proper user identification and password. Operating systems that do not safely support this process shall not be used in mobile computers. The IT Security department will determine and specify the proper tools to be used for authentication and access controls.
   6. Data to be stored on the computer during the time the computer is not in a security facility will be evaluated and rated to consider the sensitivity of the data according to the Data Assessment Process document. Any data stored on the computer that is considered to be sensitive will be stored only in an encrypted format, possibly using an Encrypting File System (EFS). The policy must define the encryption tool to use and how it will be maintained. Any data not considered to be safe to be stored on the computer will be removed using a designated program to be sure it has been removed so it cannot be read using special technology later. There will be a list of documented sensitive data including storage locations for all sensitive data stored on the computer. This list will be created before the computer leaves the facility.
   7. If there is a chance that the user will view any sensitive data using their web browser or other program, cached data will need to be encrypted. Cached data that is stored locally such as cached data from the user's browser will be set to be encrypted using the encrypting file system (EFS). This may require Windows XP or some third party software. In Windows XP, this may be enabled using the following procedure:
  • 87.
      1. Open "My Computer".
      2. Click on "Tools" and select "Folder Options".
      3. Select the "Offline files" tab.
      4. Check the box next to "Encrypt offline files to secure data".
      5. Click "OK" to exit.
   8. If the computer will acquire irreplaceable and valuable data while on the road, the computer user must notify the IT department so arrangements can be made for a method to back the data up.
- Policy for computers being used by contractors
   1. The computer will first be checked for compliance with section 6.01 above.
   2. The computer will be scanned for malware and tested to determine whether the computer has a worm. Any malware on the computer shall be removed if any was detected. Log information about any malware found.
   3. If the computer is in compliance with section 6.01 and contains no malware, the contractor shall report any sensitive data related to the organization that is expected to be stored on the computer.
   4. Data to be stored on the computer will be evaluated and rated to consider the sensitivity of the data according to the Data Assessment Process document. Any data stored on the computer that is considered to be sensitive will be stored only in an encrypted format, possibly using an Encrypting File System (EFS). The policy must define the encryption tool to use and how it will be maintained.
   5. The ID of the computer shall be recorded and it shall be certified for use on the organizational network.
   6. The computer shall be checked weekly by IT Security department personnel at designated times when the computer will be entering a secure building area. The check will include a scan for malware and a test to determine whether the computer has a worm. The state of stored sensitive data shall also be checked to determine whether it is encrypted and whether data of too high a level of security is being stored on the computer. Remove any malware on the computer if any was detected. Log information about any malware found. Log any information about data that was not stored properly. If the computer is storing data improperly, the certification of the computer shall be reviewed.

7.0 Protecting the Network
Mobile computers entering the network shall meet the following requirements.
1. If the computer is owned by the organization and used regularly by employees according to 4.0.2 above, then the computer shall be checked according to that part of the policy.
2. If the computer is owned by the organization and is returning from a period when an employee used it for travel, the following check shall be performed.
   1. Determine whether the anti-virus program is up to date, has the latest virus definitions, is configured properly, and is running properly. If it fails one of these conditions or has not been scanned for a virus within the last week, a full virus scan must be done before the computer can be used in the building.
   2. Test the computer and scan for additional malware such as adware or spyware, and test to determine whether the computer has a worm.
  • 88.
   3. Test the state of stored sensitive data to be sure it is encrypted.
   4. Remove any malware on the computer if any was detected. Log information about any malware found. Log any information about data that was not stored properly.
3. If the computer is owned by an outside organization the following must be done.
   1. The outside organization must agree in writing to allow a malware scan of their computer and agree to pay any costs if malware is found on their computer.
   2. A full virus scan must be done.
   3. Test the computer and scan for additional malware such as adware or spyware, and test to determine whether the computer has a worm.
   4. Remove any malware on the computer if any was detected. Log information about any malware found. The outside organization may be billed for services depending on organizational policy.

8.0 Enforcement
Since improper use of mobile computers can bring in hostile software which may destroy the integrity of network resources and systems, and the prevention of these events is critical to the security of the organization and all individuals, employees that do not adhere to this policy may be subject to disciplinary action up to and including dismissal.
  • 90.
SEH ISD300-PoE Print Server
Item#: YYI1-H01540 | Model#: M03722
Price: $1,486.08

SEH ISD300-PoE Print Server Product Details
The Cost-Effective Spooling Solution with PoE-Technology!
Print job spooling is one of the core tasks in a network. Inefficient spooling by means of traditional servers causes performance problems, is expensive and requires a lot of administration. The ISD300-PoE puts an end to this! The ISD300-PoE Intelligent Spooling Device connects to your network as a specialized network appliance, effectively spooling and managing all print jobs and handling all print queues - simple, cost-effective and highly available! And it offers a large range of application scenarios!

Power-over-Ethernet (PoE) Technology
ISD300-PoE is equipped with Power-over-Ethernet technology. PoE-enabled network devices are powered via the data cable; eliminating the need for an external power
  • 91.
HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer - Color Laser, Up to 600 x 600 dpi, Up to 30 ppm, 1536MB Memory, 320GB HDD, 8.07" Touchscreen, Hi-Speed USB 2.0, Ethernet
Item#: H24-30400 | Model#: CC523A
Price: $5,449.99

HP LaserJet Enterprise 700 Multifunction Printer Product Details
HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer
The performance-driven industry has finally met its match with the HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer. The HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer is a hardworking multifunction printer that boasts a stunning A3 color, robust scanning features, and high volume paper capacity minus the hefty price tag. Copy, scan, print, and fax with up to 600 x 600 dpi resolution from virtually anywhere using your smartphone or tablets – thanks to its HP ePrint. With up to 30 ppm print speed, you can definitely enhance your productivity. This printer's 8.07" Touchscreen makes navigating the device's features a breeze, as well as displays the content and settings with an outstanding clarity. Make use of its Ethernet capability to connect the printer to a wired network, and further enhance your workflow. So if you want a printer that caters to all of your documenting needs, purchasing the HP LaserJet Enterprise 700 M775f CC523A Multifunction Printer is the way to go.

What It Is And Why You Need It:
- Multifunction Printer; allows printing, faxing, scanning, and copying high quality documents
- 8.07" Touchscreen; makes navigating the features a lot easier
- Hi-Speed USB 2.0; lets you integrate various USB capable devices
- Ethernet; allows easy connection to a wired network
- HP ePrint; enables printing from your smartphones or tablets
- High-capacity automatic document feeder; keeps large scan and copy jobs moving