The report is prepared for an international law firm Fenwick Inc for the identification of the potential of the business opportunity in the greater Newcastle area. In the report a design is proposed for the implementation of the secure Unified Communication (UC) in the current business process for meeting the needs of the customer. The development of the unified communication system would help the organization to eliminate the communication barrier for operating 3 large offices in different geographical location. For the management of the communication between the three large firms different services are needed to be provided for the unification of the tools used for communication and securing the communication between the employees. For interconnecting each of the branches a distributed network infrastructure should be developed that has the ability to exchange different type of information. For the development of the network solution an unified threat modelling is created and the design specification and ethical consideration are evaluated for eliminating the errors and develop the solution meeting the needs of the organization. There are different approaches that are implemented for guaranteeing service for the multimedia application and the approaches are divided into adaptation based schemes, reservation based schemes and network level protocols. The network level protocols are used for providing QoS support by analysing the network parameters and interpreting it with the application requirement. It helps in enhancement of the switches connected in the network and management of the application flow service. The reservation based schemes are used for reserving the resources of the network following the requirement of the application. Admission control mechanism are used for matching the request of the application with the availability of resource. The adaptation based schemes are used for utilizing the adaptive behaviour of the application that does not have a need of hard service and perform active resource management that is aware of different application. There are different optimization schemed that are applied for the development of unified communication network such as integration of the application processing with the data transport for improvement of the performance of the application and services.
The unified communication is used for integrating more than one real time communication system as a single platform and recording the details of the interaction between the user and the different services provided to the user connected in the network. The model should be developed such that the user connect with the network from any geographical location. There are different risk acting on the unified communication network and most of the attacks in the unified communication network occurs from the internal sources and there is a need to develop a BYOD policy for the employees for securing the network from malware, data leakage and other types of attacks(Carroll 2014). The poor security practice followed for the development of the network should be identified and proper security measures should be applied for securing the network from the internal or the external agents. The following risks are identified and need to be mitigated for the development of unified communication system such as:
Troll frauds – This risk arise when an attacker forges with the VoIP system by making calls using a stolen account and automate calls by ringing and generate massive bills for the organization. The security of the network can be compromised causing different types of attacks such as buffer overflow, bypass fraud and call transfer.
Eavesdropping – this type of attacks are performed by the attacker for compromising the network security of the unified communication network with the use of malware and exploiting the network. The hacker can steal insider information by listening to the board meetings and this type of attack may not occur at a real time since the hacker can drop in and out of the network for gathering the data or information captured that are necessary.
Packet Injection – this type of attack occurs for altering the nature of the data traffic in the network that is intended for a destination address (Inukollu, Arsi and Ravuri 2014). The attacker injects malformed packets or modifies the RTP packets for intercepting the communication.
Phishing and Vishing – this method is used for attempting and acquiring private or personal information and is performed by performing fraud attempt for gaining the banking information with the means of email. The concept of vishing is used as the backbone of phishing and it is done for the fraud the voice service that takes place using the VoIP and the telephony service of the network.
Denial of Service – it is used for overloading the system with unwanted requests such that the service are unavailable for the other users and the productivity of the organization is impacted. For causing a denial of service for the voice service a war dialler is used that overloads the system by request for outside connection.
Call hijacking – The devices that are connected as an endpoint should be safe from tampering and this can be achieved by encrypting the voice packets with the implementation of cryptographic algorithm.
For the development of the unified communication model and securing the VoIP and unified communication there are different struggle faced by the IT administrators and the staffs. There are different types of communication such as video and text, voice and they are performed in different types of formats such as telephony-type voice traffic, audio conferencing, email and instant messaging. The interaction between the users with the tools are needed to be managed by collecting different client interface and combining them to create a single interface (Mahalingam et al. 2014). There are different threats of unified communication and the voice and video communication should be integrated to form a unified communication. The main concern for modelling the unified communication is eavesdropping and unauthorised interception of the VoIP and other network traffic. The application of the VPN topology for interconnecting the different branches may reduce the threat and management of the data routes.
For securing the unified communication defence should be applied in all levels of the network such that the unauthorised access of the resources are restricted and the application and services are secured from the external agents. Security should be maintenance for the network devices such as servers, IP phones, routers, switches and the communication channels. The unused services and switch ports that are not currently used by the users should be blocked and such that it cannot be used by the external agents for intruding into the network (Thomas 2014). User group policy should be created and authentication and encryption should be applied at different levels of the connection for the management of the identity of the users using the network framework. Firewalls should be installed at the entry and exit point of the network and the routers should be configured with access control list for the authentication of the access of the network. The switches should be configured with VLANs and switchport security from preventing the illegal devices to be connected in the network and protect the IP phone and desktop to access each other.
The application of host and network based intrusion detection system can also help in monitoring the data traffic flowing from different address in the network. The intrusion detection system can be combined with the intrusion prevention system for increasing the security of then network framework and management of the unified communication traffic without adding latency in the network. The intrusion prevention system or proxy servers are used for looking deep inside the unified communication network and examination of the data that is sent for sending it in an acceptable format. The host level security is needed to be measured for the implementation of the firewall, antispyware and antivirus agents (Asrani, Koul and Khot 2016). The malicious hackers can seek the path that have the least resistant to access the network and can compromise the security of the unified communication via the clients or servers installed in the system. There are specific technologies for example firewalls and SIP proxies that can be used for development of securing unified communication and mult layer defence should be applied for protecting the network and increase the security of the enterprise infrastructure.
For the implementation of the cloud service the security and threats should be identified for mitigation of the threat and securing the network. There are different models that are used for simulating the concepts and components with the system. The development of the unified communication model helps in understanding the approach that is used for understanding the problems in communication and improvement of the real life operation. There are different unified modelling techniques that can be applied for the identification of each of the steps involved in threat modelling process. The threat modelling is used for minimizing the vulnerability acting on the network (Dham and Rao 2014). For the development of the unified communication network the threats acting on the network is needed to be identified by performing a penetration test on the network. The network should be developed in individual modules for the identification of the flow of the data packets in the network and testing each of the modules for management of the exploitation of the network. The threats can be shrugged off easily such that the security of the network is not compromised and the awareness is improved for mitigation of the complex problems. After the identification of the threats acting on the network the vulnerabilities assessment is needed to be performed that helps in identification of potential impact and loss due to an attack (Kaplan et al. 2015). The vulnerability can be categorized into the following four categories such as:
Devastating – The services, assets are lost and cannot be restored and it causes huge loss in the business and reduces the number of visitors by 75%.
Severe – The network is damaged partially and some of the devices may not be restored and it needs the network to be inoperable for several weeks for configuration and management of the assets. It causes reduction of the visitors upto 50%.
Noticeable – It causes the network to be inoperable for limited time frame but it can recover within 24 hours. In this type a limited number of network devices are affected and can be recovered from the backup plan.
Minor – There are no significant impact of the vulnerability and the network downtime is less than 3 hours a no internal network devices are affected.
For the assessment of the vulnerability the potential impact of the loss of the loss due to different types of attacks are needed to eb measured and network professional with training should be recruited for performing a penetration testing. The test helps in identification in the flaws in the network design and configuration of the network devices used for the development of the proposed unified communication network framework (Puthal et al. 2017). The test can be performed with the means of automated software tools for exploitation of the network and access the core resources. Information is gathered from the network and the possible entry points in then network are identified and the attack is performed for breaking in the network. The findings are reported back for defining the weakness of the security of the network framework and securing the network. The organization security policy can also be tested for adhering the compliance requirement and increasing the security awareness between the employees for responding against the security incidents immediately. The weakness of the unified network are gathered and identified for making strategic decision and prioritizing the remediation for mitigation of the threat and vulnerability of the network.
The penetration testing can also be performed on the cloud platform for the prevention of the distributed attacks and prioritizing the investments for increasing the security. The frequency of penetration testing needed to be performed on the network depends on the organizational framework. It should be performed when there is a change in the current framework of the network i.e. new application is added or an network device is replaced. The upgrades and modification in the network and connecting new branches should be followed by a penetration testing for meeting the needs of the network (Wang et al. 2015). The regulation and compliance of the safety standards are needed to be followed for performing certain tasks and for the cloud platform permission of the cloud vendor is needed to be taken for performing the pen test. The penetration testing tools are used for scanning the malicious codes and uncovering the vulnerabilities of the standard application that may result in breaching of the codes. The encryption techniques that are used for encrypting the channels of communication can be identified with the hard coded values like password and username. The tools used for testing are easy to be deployed and configured for scanning the system easily. The vulnerabilities are categorized based on the severity and automated for verifying the vulnerabilities and generating reports and logs. Some of the widely used penetration testing tools are Metasploit, NMAP, Wireshark and John the ripper. The Metasploit is used for uncovering the security issues in a network and verify the vulnerabilities for its mitigation and managing the security process. The NMAP is used for scanning the open ports and the vulnerabilities related with the port. The IP address can be directed with the NMAP and used for monitoring the service uptime and host for mapping the network surface attacks (Bae et al. 2014). The wireshark can also be used for analysing the network packets flowing in the network by capturing it and analysing the smaller details of the activities in the network taking place. The real time traffic of the network is evaluated for the analysis of the threats related with the unified communication network and scrutinize the traffic details at the different levels. The john tool is use for cracking password in a package and identifying the password hashes for the detection of a customizable cracker. The penetration tester uses the tool for launching different types of attacks and finding the weakness of the database and the systems connected in the network.
For performing the penetration testing the scope is needed to be defined and it should include the systems, locations, tools and techniques that can be used for penetration testing. For limiting the scope of penetration testing such that the system have a control on the organization and manage the flow of the data packets (Gottimukkala et al. 2013). The penetration tester follows different types of strategies for performing the test and secure the unified communication network such as:
Targeted testing – It is applied on the targeted devices and the user connected in the network can visualize the test being carried out.
External testing – the externally visible servers of the company are targeted that includes the DNS server, firewalls, web server and email server. The main objective of this type of attacks is to find out that if an outsider can exploit the network if they gain access of this network devices.
Internal testing – It is performed inside the firewall by an authorized user who have the standard access privileges for estimating the damages causes by an disgruntles employee.
Blind test – It is used for simulating the procedures and action of a real attacker for limiting the information shared with the team or person performing the test (Liu et al. 2016). The penetration test needs much amount of time and reconnaissance that can be expensive.
Double blind test – It is used for performing blind test on the network and there are one or two people involved in the test and it can be used for monitoring the network security and identification of the incident for development of the response plan.
Black box testing – It is similar with the blind test and no information about the network is shared with the tester for performing the test and the test is performed by the tester by applying his own knowledge
White box testing – The targeted user receives all types of information about the targeted network before starting the test. The information contains the details of the IP address, protocols, network infrastructure details and the source codes.
Thus for combining the 3 large offices of Fenwick Inc. an unified communication network design is created and for enabling secure communication between the employees by means of video call, email, phone call and instant messaging. The users are enabled to collaborate in a dynamic environment for exchanging the sensitive information securely. For connecting each of the branches VPN site to site network is configured and all the communication takes place using the network access server. Since the public internet is used for establishing the connecting with the remote branch there are different security risk and it is needed to be eliminated for keeping the data or information secret. Secure communication tunnel is used for transmitting the data and allowing the company to work together in a secure environment.
In order to ensure the quality of the communication among three offices, it is highly recommended to use VPN. Fenwick wants to enable communication in this offices through video conferencing and phone call including email. The VOIP communication is changing the way of communication by route and transfer voice traffic in IP packets. VPN is mainly used to provide secure communication by encrypting the traffic. Encryption is an effective way to safe keep data from unwanted sources. The VPN will only allow communication between the IP addresses which are previously configured to receive data. Such technology is part of unified communication system. UC is able to integrate email, video, message and VoIP into one flawless application as required for Fenwick. Unified Communication is also a cost effective model for on-demand delivery of unified communications services in the cloud.
The integrated service model utilizes absolute parameters for single ?ows. However, because of scalability problems and long delays in the data transfers that take place as a result of applying this approach, a second approach based on the utilization of relative parameters is more widely practice in global Internet networks. Such an approach is employed in the differentiated services (DiffServ) model.
The different type of transportation system has different impact on the network in terms of their availability and effectiveness. The practice has been adopted by numerous infrastructure. Data networks are becoming more viable day by day in order to provide supporting telephony and the converged networks are engaging to make themselves apparent. A successful deployment must consider all of the required element of VoIP coverage. In the deployment of enterprise infrastructure appropriate guidelines needs to be set for performing an incremental rollout of IP telephony. There are certain aspects needs to consider for the development of VoIP. It also a complicated process to maintain the coverage area. Bypassing long distance toll charges for inter-office calls within the enterprise is one of the main issue. Replacing cost private branch exchanges is also needs to be considered. Deploying VOIP cannot be achieved through one stop shopping as it is very critical and maximizing the solution according to the possible scenario and facets make sense. For instance, one of the things a PBX can do for you is to multiplex ISDN circuits from a trunk group coming in from the PSTN. These can be used by data devices inside the enterprise network. Phone conversations are converted to a stream of IP packets and sent over an Ethernet network. The signals are restricted by the VPN. In terms of IP Telephony selection, the areas to deliberate are the reliability and quality of the equipment (and whether it maintain the desired applications), the usability of the services (which speaks to how readily it will be accepted), and how easily the telephony solution can be progressed (migrate) to your desired future system—these future application needs should be anticipated now. Finally, the TCO of the system must be computed to the best degree possible. Important TCO factors are upgrade costs and personnel costs to configure and maintain the converged network. The converged network architecture gives us flexibility, better response times for users, control over our telephony systems, back-end and toll-bypass savings.
Every organization and departments needs and maintain a full-fledged Local area network for interconnecting computers. The IP network can be operated through different media as fiber, wireless and copper. The advanced IP phones can also be plugged into the computer network while utilizing RJ-45 jacks. Not only the hardware, the latest software development and their standardization acceptance ensured that the real time applications such as video and voice can run alongside data on a computer network. The unified strategy needs to be planned and executed properly. There are also other critical components of the Services provides by the IP networks that assist the mass adoption which enables the tighter and newer integration among the voice, data and video applications. Typical IP telephony server always not support most of the features of the existing EPABX. The server can also be con figured to enable new feature out of box like CRM, database integration for allow call recording, meet ne conference, presence information, single number reach, communication capabilities and IVR enhancement and unified communication capabilities. Likely. Video conferencing system all over the worlds works effectively if both side of network provide optimal data connection. Such approach eliminates the requirement of the dedicated ISDN/PRI lines at each location and also did not have to pay for per minute charge which is applicable for common communication. There are mainly four components which is necessary for the IP network. The computer network itself required all the passive and active components to build VoIP and video over IP systems. The different type of transportation system has different impact on the network in terms of their availability and effectiveness. The practice has been adopted by numerous infrastructure. Data networks are becoming more viable day by day in order to provide supporting telephony and the converged networks are engaging to make themselves apparent. A successful deployment must consider all of the required element of VoIP coverage. In the deployment of enterprise infrastructure appropriate guidelines needs to be set for performing an incremental rollout of IP telephony. There are certain aspects needs to consider for the development of VoIP. It also a complicated process to maintain the coverage area.
The best of class unified communications platforms provide advanced functionality and features which could differ slightly from the competitors. The system can be designed to operate as end to end solution for all of the enterprise communication. The system must be modified according to the business requirement. Some of the requirements are listed below:
Every department of the company will, be able to communicate with the other department flawlessly through the unified communication system .The system will enable numerous feature. Some of the other features are also listed below:
Additionally, the utilization of owned session border controller device could ensure higher quality security between vendors. These pieces of equipment act as a conduct for voice communications, creating a barrier among the public and private network by offering IP-based signalling translation. IT professionals are mostly familiar with the five nines when it times to creating technical business needs for high demand environments. Without access to phones and data, your organization’s ability to communicate internally and externally is limited, which can result in devastating damage to customer relationships and loss of revenue. Some Unified Communications platforms only scale to 500 or 2,000 users. If you have a lot of users or aggressive growth goals, ensure that your solution can support cost-effective scaling to more users and sites.
Unified communication is becoming the modern standards for communication for business context. However it has several security threats that not only need to be identified but needs to be mitigated as well.
The common threats related to the unified communication are:
typically solution to unified communication threats include IPPBX, voice mail, core network solution, conference calls, wireless mobile devices, video conferencing solutions and the contact centre. Hence the solution to the security issues in the UC network cam be broadly classified into two categories:
UC infrastructure security encompasses physical and network security. In order to secure the UC solution it is required to ensure a secured network and telephony setup and that has to be ensure at the same time.
Physical security embraces batched and restricted access and that is made mandatory for the employees. It is also need to be made sure that no third parties or vendors have the access to the data centre and no one should be allowed to enter inside the data centre. Network security typically comprises arrangement of security for effectively securing the switching layer, routing layer, peripherals and wireless networks. Firewalls and an intrusion prevention system are also effective solutions that is worth considering for peripheral security. In order to secure network security remotely SSL or IPsec VPN might also be considered for achieving the mobile solution.
Securing the UC application is another important step for securing the UC network and communication through the network. The basic yet most effective solution is to secure the base OS. Other important components such as host intrusion prevention system, internal firewalls, network system need to be secured as well for ensuring secured access to the network. UC application security is typically achieved through enhancing security for the voice mail application, contact centre application and meeting places.
The system also needs to be maintained regularly in order to avoid any vulnerability. Intrusion detection process needs to be adopt which refers to monitoring network and hosts activities. It is used in computer security as it analyses the network activities and detect intrusion in system. The main reason of adopting such process is it assist to alert system administration and IT professionals with in the organization about any potential threat or weakness. The intrusion system also allow to prevent such threat which act as an active solution.
IDS:
The Intrusion detection system is designed to monitor outbound and inbound network activity which is useful to detect any suspicious action or threat that could attack the network. For instance, if some third parties is attempting to access the system in order to compromise the network or any secure data from the organization. It considered as a passive system as its only monitor the system and alerts the administrators. It cannot prevent the threat from attack. Generally, IDS analyses the network data and traffic in order to identify any exploits, attacks and probes or other vulnerabilities. It can respond in many different ways after detecting any threats. For instance, it can display an alert or paging or logging the event an administrator. Advanced IDS are able to reconfigure the network in order to reduce the effects of the exploits.
IDS searches for any unusual activity in the network which might be result of a hack, worm or virus. Such detection method is achieved by searching for known intrusion signature which stores information about previous captured exploits, virus and worms. IDS also analyse the traffic activity and alert the administrator if something unusual activity occurs. The only drawback is it can only detect known threats which are stored in the intrusion signature.
The IDS solution comes in various form. Network administrator need to configure both hardware and software at different location of the network. They also needs to look out for any alert initiated by the IDS and took action accordingly.
However, the organization cannot be totally rely on the IDS as it only assist to detect any potential theat. Here, IPS comes in action which is considered as next level security technology. IPS has the capability to provide security at all level of system which makes it superior to others. It also provides set of rules and guidelines for nnetwork traffic alsong with alerting system. Where IDS informs of a potential attack, an IPS makes attempts to stop it. Another huge leap over IDS, is that IPS has the capability of being able to prevent known intrusion signatures, but also some unknown attacks due to its database of generic attack behaviours. Thought of as a combination of IDS and an application layer firewall for protection, IPS is generally considered to be the “next generation” of IDS.
Manage VoIP
The success of the VOIP is mostly depends on the end-users. It offers high quality service as expected by the end-user. Due to the high expectation here is concern about relying on a delay-tolerant data infrastructure to carry delay-sensitive voice services. It is noticed that before auditioning voice, data networks becomes complicated because of the new applications, multitude of technologies and numerous combination of server and systems. It also increase the complexity for managing the performance. The system must be built for delay-tolerant applications as packet loss in the time of data applications transportation over a same system. However, IP voice communication works on real time which can be achieved flawlessly on a dedicated analogue network. However, when the voice becomes subject to the lows and high of a constant changing data network environment.
|
Characteristics |
Recommendation |
Definition |
|
Packet loss |
Dropped packets: Voice typically uses the RIP protocol running over UDP which doesn’t retransmit lost packets, meaning portions of the conversation can be lost. |
Below I% and 13% |
|
jitter |
Jitter is the variance in delay. When some voice packets arrive with little of Standards and delay followed by additional voice packets with greater delay, pans of the conversation on the receiving end will become unman. |
< 40ms |
|
Delay/latency |
The time it takes for data to get from point A to point B on the network. VolP is sensitive to delay because human conversation occurs in real time. |
Below 150ms. |
Additionally, managing VOIP required focus on some specific aspects which are listed below:
Remote IT infrastructure management services and IP telephony management services are prerequisites for enabling communication. Remote user management allows remote users to communicate with the other offices over the internet. The only drawback of the remote connection is options like call-back is not available. Some security challenges also may occur as the connection allow each local network to be validated for the network access while enabling virtual connection. Every organization and departments needs and maintain a full-fledged Local area network for interconnecting computers. The IP network can be operated through different media as fiber, wireless and copper. The advanced IP phones can also be plugged into the computer network while utilizing RJ-45 jacks. Not only the hardware, the latest software development and their standardization acceptance ensured that the real time applications such as video and voice can run alongside data on a computer network. The unified strategy needs to be planned and executed properly. There are also other critical components of the Services provides by the IP networks that assist the mass adoption which enables the tighter and newer integration among the voice, data and video applications. Typical IP telephony server always not support most of the features of the existing EPABX. The server can also be con figured to enable new feature out of box like CRM, database integration for allow call recording, meet ne conference, presence information, single number reach, communication capabilities and IVR enhancement and unified communication capabilities.
A fully secure unified communications requires significant changes in terms of the organization and IT environment. Some ethical aspects needs to be consider while utilizing such unified communication system. Establishment of a safe-environment throughout the organization is necessary for ensuring that the digital workplace stay secure. HR and IT departments must educate the potential users of such technology abot the guidelines ad workplace policies. Employees accessing Unified Communications remotely, or from their own devices can pose security risks if they do not comply with company security policies.
The utilization of system examination to make authoritative and personal changes, moreover presents risks for the academic field of interpersonal organization research about in light of the fact that information of the risks of rounding out a system overview will lead association individuals to stand up to taking action, or to reply in self-serving ways. The responses makes investigate more troublesome, and the second introduces threats to validity.
The term ethics is characterized as “a set of good standards” or “the standards of direct overseeing an individual or a group.” Since the beginning of civilization, the investigation of ethics and their effect has entranced civilization. But, what do ethics have to do with data frameworks?
The introduction of network adoption can profoundly affect human conduct. New advancements give such capacities that organization didn’t have previously, which introduces such conditions and circumstances that have not been explicitly tended in moral terms. In 1913, Henry Ford actualized the primary moving mechanical production system to make his Model T autos. While this was an extraordinary advance forward innovatively (and monetarily), the sequential construction system diminished the estimation of people in the generation procedure.
One strategy for exploring new moral waters is a code of ethicsr. A code of morals is a report that plots a lot of worthy practices for an expert or social gathering; for the most part, it is consented to by all individuals from the gathering. The record subtleties distinctive activities that are viewed as fitting and wrong.
A genuine example of a code of morals is the Code of Ethics and Professional Conduct of the Association for Computing Machinery, an association of processing experts that incorporates scholastics, specialists, and professionals. Here is a statement from the prelude:
Responsibility to moral expert lead is anticipated from each part (casting a ballot individuals, relate individuals, and understudy individuals) of the Association for Computing Machinery (ACM).
This Code, comprising of 24 objectives defined as explanations of moral duty, distinguishes the components of such a responsibility. It contains many, however not all, issues experts are probably going to confront. Area 1 diagrams basic moral contemplations, while Section 2 tends to extra, progressively explicit contemplations of expert lead. Proclamations in Section 3 relate all the more explicitly to people who have a position of authority, regardless of whether in the working environment or in a volunteer limit, for example, with associations like ACM. Standards including consistence with this Code are given in Section 4.
In the ACM’s code, experts will discover numerous clear moral directions, for example, the reprimand to be straightforward and reliable. But since this is likewise an association of experts that centres around figuring, there are increasingly explicit rebukes that relate straightforwardly to information technology:
Authoritative pioneers are in charge of guaranteeing that PC frameworks improve, not debase, the nature of working life. While executing a PC framework, associations must think about the individual and expert advancement, physical security, and human respect everything being equal. Suitable human-PC ergonomic norms ought to be considered in framework plan and in the working environment.
Planning or actualizing frameworks that intentionally or incidentally belittle people or gatherings is morally unsatisfactory.
Nobody ought to enter or utilize another’s PC framework, programming, or information records without authorization. One should dependably have fitting endorsement before utilizing framework assets, including correspondence ports, document space, other framework peripherals, and PC time.
One of the real favourable circumstances of making a code of morals is that it clears up the satisfactory norms of conduct for an expert gathering. The differed foundations and encounters of the individuals from a gathering lead to an assortment of thoughts in regards to what is adequate conduct. While to numerous the rules may appear glaringly evident, having these things point by point gives lucidity and consistency. Unequivocally expressing principles imparts the regular rules to everybody in an unmistakable way.
Having a code of morals can likewise have a few disadvantages. Above all else, a code of morals does not have lawful specialist; as it were, breaking a code of morals isn’t a wrongdoing in itself. So what occurs on the off chance that somebody abuses one of the rules? Numerous codes of morals incorporate a segment that depicts how such circumstances will be taken care of. By and large, rehashed infringement of the code result in ejection from the gathering.
Account of ACM: “Adherence of experts to a code of morals is to a great extent an intentional issue. Notwithstanding, if a part does not pursue this code by participating in gross offense, enrollment in ACM might be fired.” Expulsion from ACM might not have a lot of an effect on numerous people, since participation in ACM is generally not a necessity for business. Be that as it may, removal from different associations, for example, a state bar association or restorative board, could convey a gigantic effect.
Another conceivable inconvenience of a code of morals is that there is dependably a possibility that essential issues will emerge that are not explicitly tended to in the code. Innovation is rapidly changing, and a code of morals probably won’t be refreshed frequently enough to stay aware of the majority of the changes. A decent code of morals, in any case, is written in a sufficiently wide manner that it can address the moral issues of potential changes to innovation while the association behind the code makes corrections.
At long last, a code of morals could have additionally be a disservice in that it may not by any means mirror the morals or ethics of each individual from the gathering. Associations with a differing enrolment may have interior clashes about what is worthy conduct. For instance, there might be a distinction of supposition on the utilization of mixed drinks at organization occasions. In such cases, the association must settle on a decision about the significance of tending to an explicit conduct in the code.
Numerous associations that give innovation administrations to a gathering of constituents or general society expect consent to a worthy use approach (AUP) before those administrations can be gotten to. Like a code of morals, this approach diagrams what is permitted and what isn’t permitted while somebody is utilizing the association’s administrations. An ordinary case of this is the terms of administration that must be consented to before utilizing the general population Wi-Fi at Starbucks, McDonald’s, or even a college. Here is a case of a satisfactory use strategy from Virginia Tech.
Similarly likewise with a code of morals, these worthy use approaches indicate what is permitted and what isn’t permitted. Once more, while a portion of the things recorded are evident to most, others are not all that self-evident: “Acquiring” another person’s login ID and secret word is disallowed.
Utilizing the access for business purposes, for example, facilitating your own business site, isn’t permitted. Conveying spontaneous email to an extensive gathering of individuals is denied.
Additionally likewise with codes of morals, infringement of these strategies have different outcomes. By and large, for example, with Wi-Fi, abusing the adequate use strategy will imply that you will lose your entrance to the asset. While losing access to Wi-Fi at Starbucks might not have an enduring effect, a college understudy getting restricted from the college’s Wi-Fi (or potentially all system assets) could have a huge effect.
A fully secure unified communications requires significant changes in terms of the organization and IT environment. Some ethical aspects needs to be consider while utilizing such unified communication system. Establishment of a safe-environment throughout the organization is necessary for ensuring that the digital workplace stay secure. HR and IT departments must educate the potential users of such technology abot the guidelines ad workplace policies. Employees accessing Unified Communications remotely, or from their own devices can pose security risks if they do not comply with company security policies.
The utilization of system examination to make authoritative and personal changes, moreover presents risks for the academic field of interpersonal organization research about in light of the fact that information of the risks of rounding out a system overview will lead association individuals to stand up to taking reaction, or to reply in self-serving ways. The responses makes investigate more troublesome, and the second introduces threats to validity.
The utilization of system examination to make authoritative and personal changes, moreover presents risks for the academic field of interpersonal organization research about in light of the fact that information of the risks of rounding out a system overview will lead association individuals to stand up to taking reaction, or to reply in self-serving ways. The responses makes investigate more troublesome, and the second introduces threats to validity.
The term ethics is characterized as “a set of good standards” or “the standards of direct overseeing an individual or a group.” Since the beginning of civilization, the investigation of ethics and their effect has entranced civilization. But, what do ethics have to do with data frameworks?
The introduction of network adoption can profoundly affect human conduct. New advancements give such capacities that organization didn’t have previously, which introduces such conditions and circumstances that have not been explicitly tended in moral terms. In 1913, Henry Ford actualized the primary moving mechanical production system to make his Model T autos. While this was an extraordinary advance forward innovatively (and monetarily), the sequential construction system diminished the estimation of people in the generation procedure.
One strategy for exploring new moral waters is a code of ethics. A code of morals is a report that plots a lot of worthy practices for an expert or social gathering; for the most part, it is consented to by all individuals from the gathering. The record subtleties distinctive activities that are viewed as fitting and wrong.
Conclusion
From the above report it can be concluded that for the development of the unified communication model there are different things that should be considered such as identification of the multiple services and the implementation of the VoIP communication system that would help in development of a fully conveyed IP network. The main effort of development should be given on maximizing the security of the network and allow the management to monitor the activity of the user connected in the network. An advanced user notification system should be developed that would help in management of the secure information and supporting the wired and wireless network. The existing communication tool used by the company are analysed for the identification of the threat, attacks that are relevant with the tools and the design of the network. The network should be designed for securely transmit information with the users connected in the network in different location. The legal, ethical issues and the social requirement for the development of the framework is analysed for the development of the unified solution. The unified communication is used for getting real time communication service and it includes the voice over internet protocol, instant messaging, voicemail etc. The unified communication is deployed in the organizational network as a replacement of the old telecommunication system. The implementation of the unified communication helps in eliminating the need of installation of redundant equipment for converging and integrating different forms of communication in a single platform. With the implementation of the unified communication the productivity and efficiency of the network can be improved by enabling the business and consumer effectively communicate with each other. For the implementation of the unified communication the selection of the cloud platform would help in management of the unified communication and include multi server platform for increasing the security of communication. A performance analysis is done for the selection of the cloud service and platform and providing QoS for the network intended to deliver VoIP and video services. A penetration testing is performed on the network for the identification of the vulnerabilities with the present network and mitigate the threats for the development of the new unified communication network. After the identification of the threat the mitigation of the threat is identified and applied in the network by checking the parameters of security that are caused by the threat model. An unified communication threat model is created for enumeration of the cause of the threat and it is applied for the mitigation and testing of the threat. The strategy can be applied for ensuring the security of the network is maintained and the entry and exit point of the network are secured from the external agents.
Asrani, A., Koul, V. and Khot, R., 2016. Review of Network Steganography Techniques. Imperial Journal of Interdisciplinary Research, 2(12).
Bae, M., Kim, H., Kim, E., Chung, A.Y., Kim, H. and Roh, J.H., 2014. Toward electricity retail competition: Survey and case study on technical infrastructure for advanced electricity market system. Applied Energy, 133, pp.252-273.
Basile, C., Lioy, A., Pitscheider, C., Valenza, F. and Vallini, M., 2015, April. A novel approach for integrating security policy enforcement with dynamic network virtualization. In Network Softwarization (NetSoft), 2015 1st IEEE Conference on (pp. 1-5). IEEE.
Baskerville, R.L. and Wood-Harper, A.T., 2016. A critical perspective on action research as a method for information systems research. In Enacting Research Methods in Information Systems: Volume 2 (pp. 169-190). Springer International Publishing.
Bezukladnikov, I.I., Dadenkov, S.A. and Kon, E.L., 2016, February. A survey on methods of timing parameters’ probabilistic evaluation in distributed control systems: High-fidelity model of LonWorks-based network. In 2016 IEEE NW Russia Young Researchers in Electrical and Electronic Engineering Conference (EIConRusNW) (pp. 141-145). IEEE.
Carroll, J.M., 2014. Computer security. Butterworth-Heinemann.
Chen, G., Gong, Y., Xiao, P. and Chambers, J.A., 2015. Physical layer network security in the full-duplex relay system. IEEE transactions on information forensics and security, 10(3), pp.574-583.
Deter, M.L., Albright, D.T., Drongesen, K.G., Gonsalves, J.K., Borz, J.P., Bigley, J., Takayama, K.M., Soesbe, J.H. and Wong, D., Hewlett-Packard Development Company, LP, 2015. Office machine security policy. U.S. Patent 9,189,636.
Dham, V. and Rao, P.R., Sling Media, Inc., 2014. Systems and methods for establishing network
Gottimukkala, S., Huynh, L., Joseph, D., Overby, L., Devine, W., Behrendt, M. and Breiter, G., International Business Machines Corporation, 2013. Method of dynamically updating network security policy rules when new network resources are provisioned in a service landscape. U.S. Patent 8,424,053.
Inukollu, V.N., Arsi, S. and Ravuri, S.R., 2014. Security issues associated with big data in cloud computing. International Journal of Network Security & Its Applications, 6(3), p.45.
Kahate, A., 2013. Cryptography and network security. Tata McGraw-Hill Education.
Kaldor, M. and Rangelov, I. eds., 2014. The handbook of global security policy. John Wiley & Sons.
Kaplan, J., Bortz, A., Euresti, D., Tian, S. and Kao, A., DROPBOX, INC., 2015. SECURE LOCAL SERVER FOR SYNCHRONIZED ONLINE CONTENT MANAGEMENT SYSTEM. U.S. Patent 20,150,358,328.
Kaur, D. and Singh, P., 2014. Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WSNs during Wormhole Attack. International Journal on Network Security, 5(1), p.62.
Liang, C.S. ed., 2016. Europe for the Europeans: The foreign and security policy of the populist radical right. Routledge.
Liu, J., Li, Y., Wang, H., Jin, D., Su, L., Zeng, L. and Vasilakos, T., 2016. Leveraging software-defined networking for security policy enforcement. Information Sciences, 327, pp.288-299.
Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M. and Wright, C., 2014. Virtual extensible local area network (VXLAN): A framework for overlaying virtualized layer 2 networks over layer 3 networks (No. RFC 7348).
Mowry, R.P., Mowry and Robert P., 2015. METHOD AND APPARATUS FOR A STORAGE SERVER TO AUTOMATICALLY DISCOVER AND JOIN A NETWORK STORAGE CLUSTER. U.S. Patent 20,150,326,438.
Perlman, R., Kaufman, C. and Speciner, M., 2016. Network security: private communication in a public world. Pearson Education India.
Puthal, D., Nepal, S., Ranjan, R. and Chen, J., 2017. A dynamic prime number based efficient security mechanism for big sensing data streams. Journal of Computer and System Sciences, 83(1), pp.22-42.
Sherif, M.H., 2016. Protocols for secure electronic commerce. CRC press.
Siponen, M. and Vance, A., 2014. Guidelines for improving the contextual relevance of field surveys: the case of information security policy violations. European Journal of Information Systems, 23(3), pp.289-305.
Smith, J.A. ed., 2015. Qualitative psychology: A practical guide to research methods. Sage.
Thomas, R.G., 2014. Indian Security Policy: Foreword by Joseph S. Nye. Princeton University Press.
Wang, Y., Chi, N., Wang, Y., Tao, L. and Shi, J., 2015. Network architecture of a high-speed visible light communication local area network. IEEE Photonics Technology Letters, 27(2), pp.197-200.
White, G.B., Fisch, E.A. and Pooch, U.W., 2017. Computer system and network security. CRC press.
Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download