This project is the first of a series concerned with upgrading our infrastructure to current,
modern standards with regard to performance, storage, and security. With the
recent data breach occurring in our company, and the leak of more than 141 million
personally identifiable records, we must invest heavily in our core technologies to ensure
the longevity of Go Fund Yourself. This business has thrived in the past, and with this
necessary upgrade, it will again. We propose in this document the replacement of 100%
of both our server and network infrastructure. We believe this project to be crucial to the
continued success of the company in light of recent events. We need to have a clear
understanding of how our infrastructure is designed - which we do not have at the
moment. We cannot efficiently protect a system that is not clearly documented and
defined to the individuals that are tasked with protecting it. We currently do not have any
security systems in place that could have mitigated the recent breach. We need to
invest in these security systems. Examples of these systems would be: ASA (Advanced
Security Appliance) Firewalls, ISE (Identity Services Engine), IPS (Intrusion Prevention
Systems), and IDS (Intrusion Detection Systems). These sorts of security measures will
greatly reduce the risk of a breach in the future. We also propose the replacement of all
servers in both the production and test environments. Due to the recent breach,
we are unsure whether these servers can be disinfected and deployed for continued
use. We feel very strongly that the proposed project we discuss is necessary to the
continued success and longevity of Go Fund Yourself.
1. Introduction
2. Rationale/Significance
4. Methods
8. Budget
9. Conclusion
Introduction (Thomas)
With the recent news of a breach of our infrastructure, and the release of millions of
records containing personally identifiable information, we must invest in a forced
infrastructure upgrade. In order to regain public trust - and the trust of the government -
we must make this an utmost priority during the remainder of this quarter. Our
Information Technology infrastructure consists currently of:
300 Dell PowerEdge Servers
These proposed upgrades to our company network systems would provide a multi-layered
defense mechanism to protect the company database and also help minimize
the risk of an attack. The slow rate of infrastructure updates has not kept pace with
the high growth rate of our company: we currently have over 200 employees without
a desktop computer and over 100 senior employees who need more powerful systems
to run the software required to carry out their daily activities effectively. Several other
problems regarding our outdated systems reported by our employee relations
department include:
Network outages
Employee login error
Phishing virus attack
Unauthorized use of account
We have also received complaints from our customers about issues such as:
Server intrusion malware
Unable to process online transactions
Loss of money from credit card
Unauthorized transactions
Understanding how our company's business works in relation to cyber security is also
extremely important. Therefore, I would recommend educating our current and future
employees through mandatory seminars on the following key areas:
How to respond to a suspected virus attack
Actions and Precautions to follow when dealing with incoming emails from an
unidentified email address
The appropriate personnel to contact in the Network Security Department
We plan to begin the work of dismantling our systems on October 17th, 2017, and with
a majority of our new equipment being delivered by October 20th, 2017, we plan to
complete the project by October 31st, 2017. The scope of this project is large. We plan
to replace around 300 servers from both our production and test infrastructure
combined. With the installation of new servers, we plan to also replace our network
infrastructure. In addition to our team of four individuals, we will also be recruiting a
Network Architect, and a Network Security Specialist. We plan to use the expertise of
the Network Architect and Security Specialist to design and implement a new network
that mitigates risk, and works to prevent and detect unwanted intrusions into our
network. Several ways we will achieve this are:
Analysing current and prior network designs in order to better enable ourselves
to design a secure network.
Collaborating with vendors to ensure that our new equipment is configured
correctly.
Utilizing the skills of our consultants to ensure proper placement and distribution
of the network.
We also are setting up several hundred servers. In order to ensure we do this correctly
we will:
Utilize network tools to ensure that the servers are reachable from the public
internet.
Employ a double-check policy, to ensure that all connections that are required for
proper functioning of our infrastructure are present and correct.
We must ensure that all software is running correctly on these servers, and is
configured properly.
Following these procedures and utilizing the tools at our disposal will ensure the
success of our infrastructure upgrade.
Personnel Sketch
Thomas Obarowski - Thomas is a Network Security Engineer, and is CCIE (Cisco Certified
Internetworking Expert) Security Certified. This certification is the highest level of certification
available to individuals from the highly respected networking company Cisco, and provides merit
to his expertise in defending enterprise level networks. He is also CISSP (Certified Information
Systems Security Professional), with strong qualifications in the Identity and Access
Management, and Security Engineering domains of the exam. He graduated from MIT with a
degree in Computer Science, where he also achieved his Masters and Doctorate in
Cybersecurity. He has been working with Go Fund Yourself for 3 months, and has worked in the
Information Security industry for a total of 8 years.
with a focus in Game Engineering and AI Robotics. Claret has also held past positions as a
Senior Front-end Developer (2009-2013) and a Senior Project Manager (2013-2015).
Here
Intrusion Protection and Intrusion Detection are the two items we plan to spend
the most money on: approximately $11.2 million for both combined. The third largest
sum of money in this project goes towards creating Custom
Servers, which is expected to cost about $4.8 million. Our smallest amount will be
spent on Networking Switches and Firewalls, which we expect to cost $4 million
together. In total, this meets our proposed budget of $20 million without going over
or having any left over.
Conclusion (DeiVonte)
This update will allow for our company to run even smoother than before. If we are
allowed this funding, the efficiency of our business will increase, thus increasing the
efficiency, net worth, and profits of investors who helped fund the reshaping. As our
company grows, in both revenue and clientele, we need our servers to be just as strong.
We want to have the ability to accommodate these present and future clients by not
allowing a breach in security. With this new infrastructure, our customers will be happy,
and you as investors will be happy as well. An investment in us is a payout for you.