Management Assignment sample on What’s best for Business: Utilitarianism or Deontology?

Sample Assignments

You can download the solution to the following question for free.

For further assistance in Management Assignment help, please check our offerings in Management assignment solutions. Our subject-matter-experts provide online assignment help to Management students from across the world and deliver plagiarism free solution with free Turnitin report with every solution.

(AssignmentEssayHelp do not recommend anyone to use this sample as their own work.)

Management  Assignment Question on What’s best for Business: Utilitarianism  or Deontology?

Our organisation, after implementing mobile services the process of moving to the final cloud solution has discovered that a lot of the expected benefits have not been achieved. While the staff agree and can see how the new untethered access to business data and services can help in their day to day activities. The overhead of using the services due to authentication has resulted in poor acceptance of the system by the employees.
The security mechanism was imposed to limit the likelihood of having long term connections running from external connections. The limitations were put in place to minimise the load on the connection servers and also limit the possibility of unauthorised external entity not being identified early by the intrusion detection systems. The organisation has a large number of external business entities who regularly connect to the organisation resources as part of cooperative business processes.
After discussion with the system users a number of issues were discovered. Firstly, the system was designed so that the security management was pushed onto the mobile devices making the use of the service disruptive to the users. The accessing of different services while using mobile devices required a separate login in to each service. Not only that, but prolonged inactivity would shut down the connection to the mobile device requiring a twostep process to re-establish a connection to the device then reconnection to the service. Also it was discovered that while the system is supposed to support roaming in reality only certain services were accessible from different part of the organisation while utilising wireless devices.
The planned eventual move to the recommended cloud services has also been put on hold due to the current reports in the media of the Transport Layer vulnerability. The general consensus amongst the board of managers is that the cloud solutions may not be suitable or secure enough for their business requirements. As a result the idea of creating our own private cloud storage solution with virtualised servers to minimise the hardware requirements and management might be a better and a more secure solution.
The organisation grew up at a fairly fast rate and has moved through a number of IT solutions over the years. All the solution have been home grown and designed in house to meet the know challenges. As a result the solutions tended to be only short lived forcing a redesign in a shorter period than originally planned. For the next major redesign (the planed private cloud and virtual servers) the organisation is considering going through a tender process in the hopes of designing system that is better able to meet the future needs.
You have been tasked with writing a report to explain and explore the following technology and services:
a) There is evidently a problem with the current design in that the use of the wireless devices is more burdensome then it needs be and the access limitations the employees are experiencing. Describe the possible design problems and discuss possible solutions to make the current design more productive to the organisation?
b) Research and describe Transport Layer Security (TLS) and how it operates to provide secure communications. Report your findings in the operations of TLS and its impact if we were to move to a private cloud as suggested. Are we as an organisation going to be able to make ourselves more secure and better able to protect from unauthorised access.
c) Building a private cloud storage and virtual service type solutions sounds like a solution that provides the best of both world. Research and report on the advantages and disadvantages in building our own cloud and virtualised service type solutions. Make a recommendation with justifications as to how they should proceed (private or public type of solution)
d) Up to now the organisations IT department has been able to meet the challenges of designing and implementing the necessary communication networks for the organisation. However, with the new design (private or public cloud) the IT department is venturing into areas where they lack experience. As possible solution the idea of tendering the build through Request for Proposal process has been raised. You have been asked to do brief analyses of the Request for Proposal process and highlight the benefits and the pitfalls of the process. The management is especially interested in what they need to get right in order to have the best guarantee if success.

Management Solution for on What’s best for Business: Utilitarianism  or Deontology?

SECTION A
CURRENT DESIGN PROBLEM

Recently, there has been a global shift on the networking modules and its paradigm. The new adopted model is wireless architecture and is being globally accepted because of its robustness, cost effectiveness and its inherent property of accepting significant characteristic of both wired infrastructure and ad-hoc networking paradigm under its domain. In this report, we will discuss in detail, the initial stage wireless design problems and their viable solutions.After the migration to the proposed wireless architecture, lot of UAT testing has been done. Though the results are favorable for most of the cases, certain problems are also identified.

Read more in the complete solution PDF document at the end of this page.

SECTION A: CONCLUSION

On a concluding note, this report showcases impressive amount of research effort on design of wireless multi-hop networks and their advantages based on robustness, ease of setup/maintenance, simplicity, and self-organizing nature. Though in the starting stage, there might be few hiccups while deploying wireless architecture, but once the full-fledged architecture is deployed, advantages like heterogeneity, protocols and joint design, affordable community driven infrastructure, opportunity for using off-the-shelf hardware interfaces and increasing open-source software development can be realized. The future of all the network greatly merging into wireless deployment.

SECTION B: TLS SECURITY
Research &Describe Transport Layer Security (TLS)

This section will explain the functionality and working of transport layer security. This will also explain the implementation of transport layer on a private cloud environment as our organization is looking forward to migrate to the cloud environment. In the wake of the recent cyber-attacks, where the new vulnerabilities like Open SSL are identified which compromises the TLS security is also discussed here.
Transport layer security is an advanced version of the previous web security form known as Secure Socket Layer or SSL. TLS is a handshake protocol which is primarily used for maintaining and creating encrypted sessions to ensure privacy between applications over the internet, curtailing the possibility of eavesdropping and message tampering. The advantages of TLS/SSL can be lumped together to create secure environment over client server architecture, emailing and web browsing. This enhances the organizational security by creating secure sessions with RC4 or RSA encryption algorithms and is a good example of public key encryption. Though off late, there are certain incidents reported on the RC4 weakness and vulnerabilities which has been discussed in detail, but the advantage of using this in organization level is quite large. (Qualys Security 2013) The history of TLS/SSL security is distinctive as Netscape was the primer organization to develop and introduce the concept of secure socket layer for internet browser and web browser. (Vahab Pournaghshband 2011) .A common way to find out either your website is using this internet security is by checking the HTTP (hypertext transfer protocol), which should be ideally HTTPS. The below figure illustrates the same.

The current version of TLS uses Netscape SSL version 3.0, which utilizes two protocols viz. TLS Handshake protocol and TLS Record protocol. The first layer the TLS handshake protocol makes the server and client assessable to each other by authenticating each other using the protocol linked to the backend database server. Also, this is known as a negotiable protocol as it negotiates cryptographic keys and encryption algorithm prior to information data exchange.(Giuseppe Bianchi 2011)

DOWNFALLSOF TLS

As it is explained by the eminent researchers, and security experts that, ensuring 100% or cent percent security is a completely wrong statement or simply a myth. Certainly there are shortcomings in the TLS security version as well. The recently reported new says, the RC4 algorithm supported in TLS version has been broken and security is compromised. The known way through which the weakness can be exploited has been devised and a sophisticated attack is launched to compromise the security. The target of the attack was on the CBC suites or codes that were used in the TLS version 1.0. and are known as Beast attacks. Through these vulnerabilities millions and billions of the keys are said to be compromised. Every day a new problem can be noticed in the web security arena, the very recent one is the Open SSL 1.0 vulnerability called Heart Bleed virus. Sometime due to misconfiguration or lack of hardening leads to such vulnerabilities, just like in the case of Lucky 13 attack that compromised a huge number of keys. Session cookies are also important so as to harden session management, to support reliable rotation of cookies. These vulnerabilities tends to extract the stored password in the cookies and can launch Denial of Service attacks (DOS) and cookie poisoning. Checking certain attributes like: 1) certificate is from a trusted party; 2) Valid certificate 3) certificate bears a relationship with the site from which it’s coming. There are commercial certification bodies like VeriSign, Go Daddy, Geo trust and so far and so forth. (How Stuffworks 2011)
The Heart-bleed vulnerability is marked as CVE-2014-0160 which compromise the security to provide the attacker access privilege, to read 64kb of memory for every attach. This is generally associated with poorly written codes to steal passwords, private keys of X.509 certificates.(TechTarget 2012)

Read more in the complete solution PDF document at the end of this page.

SECTION C: BUILDINGAVIRTUAL SERVICETYPE for PRIVATE CLOUD STORAGE SOLUTIONS

As the management of the organization has realized that, virtual services when clubbed together with private cloud systems, a win-win situation can be achieved and will provide the best possible solution for the organization. Thus, to explore and research on the pitfalls and advancementsof building our own enterprise cloud and virtualized service solutions, we have referred to international journals on Virtualization and Private cloud solution to garner the understanding on the pros and cons of this technology.
To begin with, we will be referring to SANS security journal on “Virtualization and Private Cloud Security” number SEC579. This research work from SAANs focuses on rapidly evolving server virtualization technologies and devised a suitable approach for saving cost and easy deployment methodology for virtualized system. One great achievement that is being highlighted in the current virtualization workflow is easy and flexible business continuity and disaster recovery. This provides the system administrators with greater controls over multiple systems that too in a single automation point. Nevertheless, the security feature that are incorporated here are “Role based access control mechanism”, “Audit logging and Fault logging as per the ISO 27001 global information security practices” for larger infrastructure.(SANS Security 2012)
However the virtualization and virtual services has their own pitfalls and disadvantages. With each new day, a potential threat, exploits and vulnerability is being identified. One more potential problem that security and network administrator are observing is, since the technologies is new and advert, there are a lot of configuration options that has to be understood. These are added complexity that has to be tackled and managed tactfully. Often careful planning is needed to ensure that storage and backup services are carefully configured with administrative permissions, access control and virtualization server security hardening.Added to these points, organizations dwelling into private cloud and virtualized infrastructure needs to ensure that their assets are well protected through proper security architectures, planning, knowledge and expertise along with stringent policies and processes.The below figure illustrates the well-established Private cloud continuum having virtual services. The blend of visualization and private cloud is making a fast trend in the global arena, deploying maximum utilities and application at a cheaper cost of procurement, maintenance and up-gradation. In the figure, the windows Hyper-V virtualization is extended to different cloud services. Our organization is planning for a Private cloud structure based on the Infrastructure as a Service. A workflow analogy can be drawn between the two, where control to abstraction is projected with cost effective simpler management.

Read more in the complete solution PDF document at the end of this page.

PRIVATE CLOUDAND VIRTUAL SERVICE TYPE

A common misconception about virtualization and private cloud is that, non-technical staffs often take the benefaction of calling the two as one single entity. But the real fact is, virtualization is a sub set of the larger domain called cloud, be it Private or Public. The cycle of virtualization starts with limited resource virtualized computing. This is then clamped up with key attributes like, “Self-Service, Elasticity, Resource pooling and finally analytics” to attain a greater status of private cloud under Infrastructure or Network as a Services. This has been illustrated in the subsequent figure.
SECTION D: REQUESTFOR PROPOSAL PROCESSAND HIGHLIGHT THE BENEFITSAND PITFALLS

As most of the companies are looking forward for cloud solution, for a permanent and more suitable solution to their organization, one prominent form of cloud which is highly demanding is Private cloud. This structure has the benefits like no multi-tenancy problems (multiple parities sharing same infrastructure in cloud space) which can lead to security flaws with contractual obligations and pricing issues like pay-as-you go. The cloud services can be categorized as three prominent utopias for any organization. These three are shown in the below figure as PaaS (Platform as a Service), SaaS (Software as a Service), and IaaS (Infrastructure as a Service essentially called as Communication as a Service).

Read more in the complete solution PDF document at the end of this page.

DISADVANTAGES

The cons of the RFP submission are always related to the lack of subject matter expertise that imparts an opportunity to the vendor to tactically hide some of the critical clauses from the customer. These hidden clauses often prove fatal for the management, in-cases where there are legal obligations.
Thus it is very important to have a drafted Statement of Work (SOW) to demonstrate minimum requirement for desired level of project details. The vendor SOW comprises of applicable pricing and smooth implementation methodology.
For the purpose of this report, and highlight the management the nitty-gritties of RFPs and SOW, a snapshot has been gather from the implementation standard template of Private cloud RFP.

Download Free Sample AEH

(Some parts of the solution has been blurred due to privacy protection policy)

Check More Samples

Order Now

 

AssignmentEssayHelp.com is a US based website dedicated towards academic excellence for students studying in US universities. Our PhD experts are always available when you need them the most.