This report depicts the importance of developing different security aspects those are necessary to be adopted by the enterprises to keep their sensitive information safe from the external attacks. For developing this particular report the selected organization is Woolworths Limited, headquartered in Australia. After analyzing the technologies and tools used in this company it has been determined that, due to lack of experts and technical opportunities currently the company is facing major level risks (Almorsy, Grundy & Müller, 2016). In order to minimize these risks, risk analysis matrices are required to be designed accordingly by Woolworths Limited. In order to design the risk analysis matrix risks are needed to be mapped and analyzed as well.
In order to gain effective success and business revenue from the competitive marketplace Woolworths Limited should develop certain strategies like Business Continuity Planning (BCP). By proposing a contingency planning the strategies can be developed in this business organization. For improving the existing technology of the company, proper security aspects for disaster recovery, security audits as well. In order to control the risks associated to the company it is necessary for the company to investigate all the existing tools and technologies those are widely using by the company to resolve their security level issues. For storing information regarding the employees and the company details, the company uses cloud storage to gain huge storage. The cloud platform has the ability to store huge information with the features like disaster recovery and data backup as well these aspects are also elaborated in this report.
The company is currently searching for technology edge even after the completion of the project galaxy. The Woolworths Limited is weeks far from completing a $100 million push for consolidating and upgrading the merchandizing software system those are used by the company is getting upgraded day by day (Ryan, 2013). The source of products and services along with the market to the consumers throughout its brand images also become cheaper after the adoption of the merchandizing software system for the company. This particular project is internally referred to as project galaxy. In order to underpin the relationship between the consumers and service providers rather for improving the customer relationship management it is necessary for the company, to introduce the new system from ER SAP.
From management system the performance reporting, buying and store ordering processes could be improved accordingly. However from the overall system development the module management system can also be promoted. Instead of online spreadsheet currently the company is using the new online portal for their company (Kshetri, 2013). For serving this purpose the company is spending the past months for training Big W Partners. The newest technology Big W is helping Woolworths Limited to enhance their consumer market. The company is willing to develop the project galaxy it is expected that the project can be successfully completely within upcoming 2 years. The current tender of the project is worth $100Million and a well known Multinational Company is working on this project. For structuring the end to end business for Woolworths Limited, the inventory, distribution centre, warehouse and transport management system is also developing accordingly by the project developers who are working for the company (Zhao, Li & Liu, 2014). In addition to this currently the company is also launching new refrigerant technologies as well.
In order to improve the existing business approach of business organization Woolworths Limited is approaching different fresh approaches towards technologies. In order to provide a much convenient direction to the consumers of Woolworths Limited the company is trying to develop their technology usage (Chou, 2013). As the company has more than 20,000 staffs and over 3,000 stores in New Zealand and Australia thus for managing the business structure the company is developing their range of technology usage. Different advanced technologies used by the company are as follows:
Radio Frequency Identification Device (RFID): As the number of consumers of the company is increasing everyday thus managing those large numbers of consumers the enterprise has developed RFID tags so that the buying and selling approach of the company become much easier and convenient as well (Kaur, Gobindgarh & Garg, 2015). This particular technology will help the business organization to manage and record the details of their products bought and sold. With the help of RFID technology the company will be able to access the correct application and data as well regardless of their location and tie as well.
Cloud: As the number of customers and products as well are increasing day by day thus for managing those data the traditional manual data management system stands very much disadvantageous (Rasheed, 2014). In order to resolve the issues associated to data management SaaS cloud platform is adopting by the company.
Innovation with Google + and Google Drive: For transferring the business aspects and other approaches, Woolworths Limited is actively looking for innovation with Google +, Google drive and Google sites as well (Tirthani & Ganesan, 2014).
Different tools and technologies used in this company are as follows:
|
Context establishment |
Description of risks |
||||||
|
Context |
Objectives |
Source of risks |
Description |
Current control |
Control rating |
Risk rating |
Risk evaluation |
|
Internal risk |
To increase business productivity |
The technologies used in the business organization |
If the company fails to identify the technologies properly then due to lack of management of technology the company will face major level of risks (Salah et al., 2013). |
In order to control the risks currently the company has adopted different technologies such as cloud, RFID etc. With the help of the RFID and cloud the information cloud is controlled completely |
This particular control approach could be rated as 6 out of 10. |
The impact of this particular risk is very high |
In order to manage this particular risk it is necessary for the company to adopt proper risk evaluation technology in terms of barcode scanning and RFID as well. |
|
Internal risk |
To increase business productivity |
Technologies used in Woolworths Limited |
If the company fails to analyze the risks properly then the company will not be able to manage the security risks accurately (Duncan, Zhao & Whittington, 2017). In order to manage the rate of risks service level technologies and different tools should be adopted by the management authority (Whaiduzzaman & Gani, 2014). |
For mitigating this risk currently the company does not have any such technology but though they have a current technology named as project galaxy. |
Medium |
High |
In order to manage this particular kind of risk it is necessary for the company to adopt proper security aspects |
|
Internal risk |
Data breaches |
Technologies used in Woolworths Limited |
In order to manage the risks of security the company should adopt proper encryption algorithm for the company (Sachdev & Bhansali, 2013). |
Currently the company has cloud platform for controlling these risks. |
High |
High |
In order to mitigate this particular risk the company should adopt proper encryption algorithm (Popa et al., 2013). With the help of encryption algorithm none of the external and unwanted attackers could hijack information the data server (Taha et al., 2014). |
|
Probability of occurrence |
Impact of occurrence |
||||
|
Very low |
Low |
Medium |
High |
Very high |
|
|
Rare |
|||||
|
Unlikely |
|||||
|
Possible |
Managerial issues |
Security issues |
|||
|
Likely |
Absence of Design Methodology |
Failure of the system |
|||
|
Almost Certain |
Project completion delay |
After analyzing different risks those are rising in Woolworths Limited it has been defined that, many components are needed to be considered by the management authority of the business organization. Due to lack of financial support the company fails to adopt all the necessary security aspects (Hendre & Joshi, 2015). In order to recover information from the data server proper and effective information processes are required to be adopted by the management authority of the business organization. For processing information technology quickly and effectively information are required to be controlled accurately. The employees working for the organization use Voice over Internet Protocol (VoIP) telephone for communicating to each other. In order to transit information from one end to the other Electronic Data Interchange (EDI) technology is required to be used (Kazim & Zhu, 2015). For order entry and payment processing these particular technologies are widely used by the business organization.
Due to lack of proper data management approaches, business strategies and technical experts currently the company is facing major issues throughout. In order to create, process, manage information in a correct direction different digital devices are used by the management authority (Khalil et al., 2013). For controlling these issues accurate disaster recovery plan is needed to be adopted by the company. However, if the company fails to adopt these recovery plans properly then the company will face both financial as well as security level risks (Ramachandran & Chang, 2016). The steps those should be adopted for developing the disaster recovery plans are as follows:
After the development of the Disaster Recovery Plan (DRP) for Woolworths Limited the company will be able to gain the following:
|
Name of the risks |
Impact |
Frequency |
Details description |
|
Data hacking |
High |
High |
The information stored in the data server used in Woolworths Limited could be hacked by the external and unwanted attackers and misused as well. (Mishra et al., 2013) |
|
Inadequate IT trained staffs |
High |
Medium |
Due to lack of trained IT staffs the management authority and employees as well who are working in the business organization will fail to work efficiently even they will also fail to handle technologies (Khan & Tuteja, 2014). |
|
Lack of Backup operators |
High |
High |
Due to lack of backup operators the employees and management authority will not be able to retrieve information from the storage (Donald, Oli & Arockiam, 2013). Though, data recovery is referred to as one of the most important things that are strictly required to be considered. If any information gets hijacked then there must be an existing technology that could be used for retrieving information. |
|
Lack of resources |
Medium |
Medium |
Due to lack of resources the company might fail to develop the required plans. In order to resolve the issues associated to lack of resources proper financial support and capital investment is required to be done by the management authority (Tsalis, Theoharidou & Gritzalis, 2013). |
After developing the business strategies those are required to be managed in a well manner and even for long term success and measurable revenue value business continuity planning are required to be developed by the management authority of Woolworths Limited. In order to maintain the business functionalities and operations business continuity plan considering the disaster recovery is needed to be developed by the management authority of Woolworths Limited. The necessary steps those ought to be adopted for giving long term success to the company are as follows:
Development of contingency planning policy statement to provide the authority and guidance necessary for the development of effective contingency planning
Seven different layers are there in the OSI model and among those layers security should be developed in the transmission layer and data link layers. While transmitting information from the sender side to the receiver side it is necessary for the management authority to adopt encryption algorithm and application firewall as well (Ryan, 2013). It will help Woolworths Limited to secure the transmission channel to protect information from the external attackers.
Not only in the transmission layer but also in the data link layer these security mechanisms are needed to be adopted for protecting the content of the information from external attackers.
The security policies those should be developed by the business organization named as Woolworths Limited are as follows:
Conclusion
From the overall discussion it can be concluded that, in order to resolve the issues associated to technology and tools used by Woolworths Limited could be completely minimized or even resolved after the implementation of proper security technology. The existing tools used by the company are RFID, cloud and Google App as well however, many issues are again associated to it. With the help of cloud computing technology the issues of disaster recovery, data backup, and security risks could be completely minimized. The applications through which the issues of data backup, disaster recovery can be resolved completely are also elaborated in this report. In addition to this, a risk register and security approach is also elaborated on these reports that are helpful for resolving the issues of cyber security. If proper security aspects are not adopted then, the company will be not be able to develop proper security therefore for improving the existing system of the company business continuity planning should be adopted and regulated by the management authority of the organization and the way through which the development is done are also illustrated in this report. After identifying the risks, those risks should be analyzed accordingly and for mitigating those risks risk analysis and control mechanism are also needed to be adopted by Woolworth Limited. After adopting Cloud platform in the organization, it will be able to gain application resilience, data backup and disaster recovery features.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of Computer Science & Information Technology, 5(3), 79.
Donald, A. C., Oli, S. A., & Arockiam, L. (2013). Mobile cloud security issues and challenges: A perspective. International Journal of Electronics and Information Technology (IJEIT), ISSN, 2277-3754.
Duncan, B., Zhao, Y., & Whittington, M. (2017, February). Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle?. In Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017). IARIA.
Hendre, A., & Joshi, K. P. (2015, June). A semantic approach to cloud security and compliance. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on (pp. 1081-1084). IEEE.
Kaur, J., Gobindgarh, M., & Garg, S. (2015). Survey paper on security in cloud computing. International Journal in Applied Studies and Production Management.
Kazim, M., & Zhu, S. Y. (2015). A survey on top security threats in cloud computing. International Journal of Advanced Computer Science and Applications (IJACSA).
Khalil, I. M., Khreishah, A., Bouktif, S., & Ahmad, A. (2013, April). Security concerns in cloud computing. In Information Technology: New Generations (ITNG), 2013 Tenth International Conference on(pp. 411-416). IEEE.
Khan, M. S. S., & Tuteja, R. R. (2014). Security in cloud computing using cryptographic algorithms. IJCA.
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4), 372-386.
Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing security. International Journal on Recent and Innovation Trends in Computing and Communication, 1(1), 36-39.
Popa, D., Cremene, M., Borda, M., & Boudaoud, K. (2013, January). A security framework for mobile cloud applications. In Roedunet International Conference (RoEduNet), 2013 11th (pp. 1-4). IEEE.
Ramachandran, M., & Chang, V. (2016). Towards performance evaluation of cloud service providers for cloud data security. International Journal of Information Management, 36(4), 618-625.
Rasheed, H. (2014). Data and infrastructure security auditing in cloud computing environments. International Journal of Information Management, 34(3), 364-368.
Ryan, M. D. (2013). Cloud computing security: The scientific challenge, and a survey of solutions. Journal of Systems and Software, 86(9), 2263-2268.
Sachdev, A., & Bhansali, M. (2013). Enhancing cloud computing security using aes algorithm. International Journal of Computer Applications, 67(9).
Salah, K., Calero, J. M. A., Zeadally, S., Al-Mulla, S., & Alzaabi, M. (2013). Using cloud computing to implement a security overlay network. IEEE security & privacy, 11(1), 44-53.
Sari, A. (2015). A Review of Anomaly Detection Systems in Cloud Networks and Survey of Cloud Security Measures in Cloud Storage Applications. Journal of Information Security, 6(02), 142.
Taha, A., Trapero, R., Luna, J., & Suri, N. (2014, September). Ahp-based quantitative approach for assessing and comparing cloud security. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on (pp. 284-291). IEEE.
Tirthani, N., & Ganesan, R. (2014). Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography. IACR Cryptology ePrint Archive, 2014, 49.
Tsalis, N., Theoharidou, M., & Gritzalis, D. (2013, December). Return on security investment for Cloud platforms. In Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on (Vol. 2, pp. 132-137). IEEE.
Tsugawa, M., Matsunaga, A., & Fortes, J. A. (2014). Cloud computing security: What changes with software-defined networking?. In Secure Cloud Computing (pp. 77-93). Springer New York.
Whaiduzzaman, M., & Gani, A. (2014, February). Measuring security for cloud service provider: A Third Party approach. In Electrical Information and Communication Technology (EICT), 2013 International Conference on (pp. 1-6). IEEE.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on fully homomorphic encryption. In Advanced Communication Technology (ICACT), 2014 16th International Conference on (pp. 485-488). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download