Today business is moving faster than it ever has before. With the Internet and e-commerce, even brick and mortar businesses are now open twenty-four hours a day and seven days a week. However, there are security threats that linger with this new age of business that need to be mitigated. According to a survey by the National Cyber Security Alliance (NCSA) and Symantec, a company that offers security solutions, seventy-seven percent of small businesses believe that they will not fall victim to security issues (Symantec, 2012). Even more alarming is that the survey found that eighty-three percent of these businesses did not have any form of security plan.
The projected growth of the Deli and Dessert Co. (DAD’s) makes it essential to implement security procedures to protect the business today and in the future. This document will outline the approach, risks, and recommendations of a formal security plan to better prepare for the uncertainties.
In an ideal world, there would be an unlimited amount of money to fund security procedures. However, this is not something feasible for most small businesses. The recommendations laid out in this proposal take into consideration DAD’s budget and provide the minimum requirements for protection within that budget. Additionally, recommendations are made to bring an even higher level of security to the business.
As with any security plan, it will be necessary to balance security and convenience. Anytime security is increased, there is an inverse relationship with convenience (Ciampa, 2014, p.10-11). Therefore, the solutions presented also take into consideration a maximum level of security without compromising too much convenience.
On page 17 a new design has been proposed to fully secure DAD’s system. Each DAD’s store will have two new Point of Sale devices. These new machines will have Windows 8 pre-installed. The remaining eight computers will need to be updated to Windows 8 because Windows XP is no longer supported by Microsoft. All computers will need antivirus software and encryption software. The antivirus software will prevent unwanted malicious software and other malware from entering the computers. The encryption software will protect sensitive information that is sent over the Internet that may compromise the company if seen by the general public. We recommend internet access restriction software for DAD’S main store and the other five store locations. Restricting access to sites on the Internet will aid in cutting down on the vulnerabilities that the company faces by preventing employees from visiting high risk websites. Each computer will need a standby uninterrupted power supply (UPS). These UPS’s will allow time to save any data and to properly shut down a computer during a power failure. For the central office we recommend installing a network firewall that will protect all stores via a virtual private network (VPN). This firewall will continue to update...