
Go Fund Yourself LLC

A Proposal to Fund Replacement of Damaged/Old Infrastructure
October 2nd, 2017

Project Summary (Thomas)

This project is the first of a series concerned with upgrading our infrastructure to current,
modern standards with regard to performance, storage, and security. With the
recent data breach at our company, and the leak of more than 141 million
personally identifiable records, we must invest heavily in our core technologies to ensure
the longevity of Go Fund Yourself. This business has thrived in the past, and with this
necessary upgrade, it will again. We propose in this document the replacement of 100%
of both our server and network infrastructure. We believe this project to be crucial to the
continued success of the company in light of recent events. We need to have a clear
understanding of how our infrastructure is designed - which we do not have at the
moment. We cannot efficiently protect a system that is not clearly documented and
defined to the individuals that are tasked with protecting it. We currently do not have any
security systems in place that could have mitigated the recent breach. We need to
invest in these security systems. Examples of these systems would be: ASA (Advanced
Security Appliance) Firewalls, ISE (Identity Services Engine), IPS (Intrusion Prevention
Systems), and IDS (Intrusion Detection Systems). These sorts of security measures will
greatly reduce the risk of a breach in the future. We also propose the replacement of all
servers in both the production and test environments. Due to the recent breach,
we are unsure whether these servers can be disinfected and deployed for continued
use. We feel very strongly that the proposed project we discuss is necessary to the
continued success and longevity of Go Fund Yourself.

Table of Contents (DeiVonte)

1. Introduction
2. Rationale/Significance
3. Plan of Work
4. Methods
5. Task Breakdown
6. Problem analysis
7. Personnel/Bio Sketch
8. Budget
9. Conclusion
10. References/Appendices

Introduction (Thomas)

With the recent news of a breach of our infrastructure, and the release of millions of
records containing personally identifiable information, we must invest in a forced
infrastructure upgrade. In order to regain public trust - and the trust of the government -
we must make this an utmost priority during the remainder of this quarter. Our
Information Technology infrastructure consists currently of:
- 300 Dell PowerEdge Servers
- 250 Cisco 3560G Catalyst Switches
- ~150 Laptop/Desktop Computers
- ~100 mobile devices
The main focus of this upgrade is to increase the robustness of our security systems. It
is obvious from recent events that this must be done. We currently employ no
security measures to protect our data. We are proposing that you approve an initial
funding request of approximately $20,000,000 USD. This amount is the minimum
amount that will allow us to invest in new technologies such as:
- Intrusion Protection Systems (IPS) - We are in discussion with multiple vendors. Prospective vendors include: Cisco, Juniper Networks, Palo Alto Security.
- Intrusion Detection Systems (IDS) - We are in discussion with multiple vendors. Prospective vendors include: 123Security, Cisco, Juniper Networks, Palo Alto Security.
- Networking Firewalls - We are in discussion with Cisco about the implementation of their ASA (Advanced Security Appliance) Firewalls.
- Networking Switches - We are in discussion with multiple vendors such as: Cisco, Juniper Networks, Netgear.
- Custom Designed Servers - We are in discussion with several different computer companies who specialize in server design. These companies include Dell, Intel, and Supermicro.
In addition to investing in physical technologies, we will use these funds to hire
consultants - in order to ensure proper implementation and deployment of all new
Information Technology investments. We are going to hire consultants in the fields of:
- Network Architect - We are currently looking for several individuals to consult for Network Design. We are only searching for individuals who are CCAr (Cisco Certified Architect) certified. Regardless of the vendor we may purchase networking equipment from, this ensures the individual is an expert in the field of Networking.
- Network Security - We are looking for individuals who hold CCIE (Cisco Certified Internetwork Expert - Security) certification.
The expertise of vendors, consultants, and our team at Go Fund Yourself will ensure the
success of this project.

Rationale & Significance (Claret)

These proposed upgrades to our company network systems would provide a multi-layered
defense mechanism to protect the company database and also help minimize
the risk of an attack. The slow rate of infrastructure updates has not kept pace with the
high growth rate of our company; we currently have over 200 employees without
a desktop computer and over 100 senior employees who need more powerful systems
to run the software required to carry out their daily activities effectively. Several other
problems with our outdated systems reported by our employee relations
department include:
- Network outages
- Employee login error
- Phishing virus attack
- Unauthorized use of account
We have also received complaints from our customers with issues such as:
- Server Intrusion malware
- Unable to process online transactions
- Loss of money from credit card
- Unauthorized transactions
Understanding how our company's business works in relation to cyber security is also
extremely important; therefore, I would recommend educating our current and future
employees through mandatory seminars on the following key areas:
- How to respond to a suspected virus attack
- Actions and precautions to follow when dealing with incoming emails from an unidentified email address
- The appropriate personnel to contact in the Network Security Department

Plan of Work (Thomas)

We plan to begin the work of dismantling our systems on October 17th, 2017, and with
a majority of our new equipment being delivered by October 20th, 2017, we plan to
complete the project by October 31st, 2017. The scope of this project is large. We plan
to replace around 300 servers from both our production and test infrastructure
combined. With the installation of new servers, we plan to also replace our network
infrastructure. In addition to our team of four individuals, we will also be recruiting a
Network Architect, and a Network Security Specialist. We plan to use the expertise of
the Network Architect and Security Specialist to design and implement a new network
that mitigates risk, and works to prevent and detect unwanted intrusions into our
network. Several ways we will achieve this are:
- Analysing current and prior network designs in order to better enable ourselves to design a secure network.
- Collaborating with vendors to ensure that our new equipment is configured correctly.
- Utilizing the skills of our consultants to ensure proper placement and distribution of the network.
We also are setting up several hundred servers. In order to ensure we do this correctly
we will:
- Utilize network tools to ensure that the servers are reachable from the public internet.
- Employ a double-check policy, to ensure that all connections that are required for proper functioning of our infrastructure are present and correct.
We must ensure that all software is running correctly on these servers, and is
configured properly.
Following these procedures and utilizing the tools at our disposal will ensure the
success of our infrastructure upgrade.

Task breakdown (Michael)

- Analysing current and prior network designs in order to better enable ourselves to design a secure network.
- Collaborating with vendors to ensure that our new equipment is configured correctly.
- Utilizing the skills of our consultants to ensure proper placement and distribution of the network.
We also are setting up several hundred servers. In order to ensure we do this correctly
we will:
- Utilize network tools to ensure that the servers are reachable from the public internet.
- Employ a double-check policy, to ensure that all connections that are required for proper functioning of our infrastructure are present and correct.
We must ensure that all software is running correctly on these servers, and is
configured properly.

Problem analysis (Michael)


Ever since the servers were hacked, the company has felt vulnerable with its most important
information. Instead of fixing any tiny issue that might cause a new issue, we have decided to
overhaul the entire IT Department and start from scratch. This way we have everything working
on the same page.

Personnel Sketch
Thomas Obarowski - Thomas is a Network Security Engineer, and is CCIE (Cisco Certified
Internetworking Expert) Security Certified. This certification is the highest level of certification
available to individuals from the highly respected networking company Cisco, and provides merit
to his expertise in defending enterprise level networks. He is also CISSP (Certified Information
Systems Security Professional), with strong qualifications in the Identity and Access
Management, and Security Engineering domains of the exam. He graduated from MIT with a
degree in Computer Science, where he also achieved his Masters and Doctorate in
Cybersecurity. He has been working with Go Fund Yourself for 3 months, and has worked in the
Information Security industry for a total of 8 years.

DeiVonte Freeman-Jackson - Senior Budget Analyst, with a Masters in Economics. DeiVonte is
a certified Government Financial Manager as well as the ________ for the finance department
of Go Fund Yourself. He has acquired numerous awards in his time as a Budget Analyst for a
number of his team's projects. He joined the GFY team in Spring of 2017, and has been working
in his field since the Summer of 2006.

Claret Oguejiofor - Senior Software Engineer at Ubisoft Entertainment (2016 - Present).
Graduated with a Masters in Computer Science from The University of North Carolina Charlotte
with a focus in Game engineering and AI Robotics. Claret has also held past employment as a
Senior Front end developer (2009 - 2013) and a Senior Project manager (2013 - 2015).


Budget (cost Proposal)


Below is a breakdown of the estimated costs of the parts of our new system. This is
intended to showcase what we plan to do with the money, if granted. In making this
budget, we have allotted the minimum of $20,000,000. You will see that our money has
been divided in order to accommodate what we feel are the more important aspects of
this update (Figure 1).

Figure 1 The infrastructure budget by percent of funds used

Intrusion Protection and Intrusion Detection are the two items on which we plan to spend
the most money: approximately $11.2 million on both combined. The third largest
sum of money that we plan on spending on this project goes towards creating Custom
Servers, and this is expected to run about $4.8 million. Our smallest amount will be
spent on Networking Switches and Firewalls which we expect to cost $4 million
together. In total, all of this meets our proposed budget of $20 million without going over
or having any left over.

Conclusion (DeiVonte)
This update will allow our company to run even more smoothly than before. If we are
allowed this funding, the efficiency of our business will increase, thus increasing the
efficiency, net worth, and profits of investors who helped fund the reshaping. As our
company grows, in both revenue and clientele, we need our servers to be just as strong.
We want to have the ability to accommodate these present and future clients by not
allowing a breach in security. With this new infrastructure, our customers will be happy,
and you as investors will be happy as well. An investment in us is a payout for you.

References /Appendices (Claret)


Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory, Shannon School of Business, Cape Breton University, Canada, 2016.
https://www.cisco.com/c/en/us/products/security/ngips/index.html
https://researchcenter.paloaltonetworks.com/2017/09/cd-securing-diversity-cybersecurity/
https://researchcenter.paloaltonetworks.com/2017/09/cso-highlighting-japan-india-cybersecurity-cooperation-confluence-two-seas/
