In order for the Crescent Manufacturing Inc. Company to upgrade the whole organization to windows 8 operating system, it has to develop a comprehensive SWOT analysis so as to achieve this objective. SWOT analysis is a majorly useful technique that helps in understanding the company’s strengths, weaknesses, opportunities and threats the company may face.
Strengths
- The company will be able to connect to all its stations effectively because windows 8 has better tools for managing, connecting to and managing networks hence enabling sharing of data in the network easy.
- The company will be able to give satisfactory services to its customers
- The company will have better security to its data because windows 8 is the most secure, this is because of its features like Secure Boot, this allows only software signed by authorized certificates in order for it to boot up which will prevent BIOS from sneaking.
- Administration services in the company will be extremely effective because of the operating systems efficiency.
Weaknesses
- The company has a small IT staff to handle the upgrade in the organization as a whole.
- The company staff is not familiar with some features of windows 8, and this will make the staff production and efficiency go down. It will take a long time to train all the staff.
- It will cost large sums of money to upgrade to windows 8 in the whole organization because in locations, like Maryland, some devices are not compatible with windows 8 and will require new devices to be purchased.
- The performance of the staff will go down mainly because they are not experienced in the use of windows 8 operating system.
Opportunities
- The technology is expanding, and the company will benefit from the many features of windows 8 that will enable it to offer its services effectively and efficiently.
- The company’s IT support will find it easy and effective to manage and secure the company’s data and handle all help desk issues effectively.
- The staff in the company will get training on how to use windows 8 which is mostly used across the world currently.
Threats
- The company may not have enough cash to upgrade the whole organization to windows 8 because it will be frightfully expensive to purchase new hardware.
- Changes in technology may change this organization beyond its ability to adapt to the many possible changes.
- Most of the devices, for example, in the Maryland facility are not compatible with windows 8 operating system.
The organizations upgrade plan requires that all the devices in the organization to be compatible with windows 8. There are 250 computers in Texas and 25 in Nebraska that were upgraded one year ago by CMI’s Information Technology (IT) department, and they are compatible with windows 8. The ones in Maryland are 25 and were last upgraded five years ago. All the hardware, in this location, should be upgraded to ones that are compatible with windows 8. Also, the laptops used by sales persons need to be replaced, for example, the ipads used can only use iOS 7 operating system.
Windows 8 requires some minimum hardware requirements for its compatibility. For example, Random Access Memory (RAM) should, at least, have the following specifications. Minimum of 512 MB, but for more efficiency it is recommended that a computer should have 2 GB of RAM or more. For a 64-bit system, a maximum of 4GB for windows server 2008 Standard or 64 GB for Windows Enterprise or Windows 2008 Datacenter. Disk space should, at least, be 40 GB or more, Super VGA (800*600) or higher resolution monitor.
The systems that need hardware upgrade, are the 175 computers Maryland that were last upgraded 5 years ago by CMI’s Information Technology (IT) department, the 50 laptops and tablets used by the sales persons. The total number of hardware devices that need to be replaced with ones that are compatible with windows 8 are 225 devices. The ones in Nebraska and Texas will not be replaced.
The organization should use phased-in approach in upgrading its systems to windows 8. This upgrade should start with Texas and Nebraska locations. In Texas, there are two hundred and fifty employees and this will translate to 250 devices to be upgraded, also in Nebraska there are 25 employees and it means there are twenty five devices to be upgraded. After finishing the two stations, the 175, in Maryland, and the 50 tablets and laptops will be upgraded later when the compatible hardware is in place.
The upgrade should start from the named location because the hardware devices used in these locations meet the requirements for the upgrade. Since the devices in Texas and Nebraska were upgraded one year ago, its hardware meets the requirements for them to be compatible with windows 8. But the laptops and tablets used by sales persons and the 175 computers in Maryland need to be replaced before the upgrade process is started.
The upgrade plan for the Crescent Manufacturing Inc. (CMI) organization will take a long time to be completed. First, all employees should be trained on how to use windows 8. After that, the IT technicians will begin the upgrade starting with critical departments in the organization's structure, in Texas and Nebraska stations.
This upgrade plan will not be completed in a short time because there is no enough personnel in the IT help desk to implement the upgrade. The 50 IT technicians, in the company, will be overwhelmed by the pool of work of training the employees on how to use windows 8 and implementing the actual upgrade plan. Also, the organization may not have enough funds to purchase the new hardware that must be acquired before the process begins in some locations.
One approach that IT can use in order to ensure that they test thoroughly critical business applications is using Penetration Testing services (External and Internal). Its purpose is to validate existing security control effectiveness. Also, it is to evaluate the awareness of the organizations security, intrusion detection and response to incident capabilities during testing. This technique is designed to demonstrate what a dedicated and skilled attacker might accomplish during the test period.
IT can conduct testing to identify and exploit the vulnerabilities so as to acquire key logical targets. The targets consist of many types of data, like customer information, credit cards information, confidential employee information and company’s financial information and the types of system access, for example, administrative access to network devices or windows domain administrator privileges. This test follows least resistance approach path such that it is only done on the vulnerabilities that are necessary to access the systems, escalate the privileges and expose the confidential data so as to achieve the project targets.
This test is intended to simulate the attack on real world scenarios and to demonstrate the impact of human security weaknesses, technical and procedural defenses that include the overall security of both the internal and external environment. This test consists of the following activities. External penetration testing which include; reconnaissance of publicly available company information, reviewing the company’s information, manual attempt to identify and exploit security vulnerabilities and social engineering via emails.
Internal penetration testing include offsite meeting near one physical targets physical intrusion attempts into target locations, and attempt to gain access to any physical targets. There is also attempt to gain access to the internal network via the existing computer connection, and attempt to gain access to internal networks via wireless network connection. Another penetration mechanism and attempt include manual attempts to identify and exploit security vulnerabilities. There is also an analysis of findings in order to determine and document information regarding the level of risk severity impacted systems and summary of the business risk.
Some practices can be employed to protect the tablets and laptops using windows 8 used by the sales people. These security practices will protect their data, in case their gadgets get lost, stolen or data being compromised by hackers. One of the Practices is to back up critical data frequently, this will help protect data in case of hardware failure, operating system crash or even attack by viruses which may corrupt the stored data. The data can be stored in USB flash drives, Oncourse resources or cloud storage.
Making use of BitLocker Drive Encryption mechanism. This will protect the data in laptops and tablets against all physical threats in case of anything mostly when it is lost or stolen. It will help encrypt the laptops hard drives to give enhanced protection to removable drives that are used by sales persons in case they lose them stolen, also prevent data theft or any exposure in the computers. This is a feature that is available in windows 8 Enterprise, windows 8 Pro and also in all editions of the Windows server 2012.
Windows Accounts should be secured by renaming the Administrators account; this will help prevent most of the attacks like brute force password and the tried login combinations of the administrator’s passwords. This is because, being administrators’ account is left open to hackers, then one will have given them more than 50% of the information they require so that they can compromise your computer account and should be avoided by all means possible.
AppLocker is a standard group policy-based software that can be used, by administrators, to specify the applications that they want to block. They should create rules that will tell windows which applications to block or allow in the system. This will make it easy to achieve the desired level of control of applications. AppLocker has some advantages and disadvantages as well.
One of the advantage of AppLocker is that it lowers support costs hence the organization will save a lot of money. It makes sure that employees will not run any application that can interfere with computers stability. Some applications if installed to the computers may affect the functionality of other programs that are critical to the business and in the long run lowering the productivity of the persons using them.
There is also AppLocker help in Software License Control. Before it was introduced, organizations had considerable difficulty in tracking software licenses mainly because they are required, by law, to own licenses for all the applications being used in their computers. If any user/employee installs unauthorized software, the organization will be liable for the license of that software. This is so, even if it was installed without the consent of IT support. AppLocker will help a terrific deal in preventing such cases.
Malware prevention is another greatest advantage of AppLocker to the company this is because it prevents any application from running unless they are authorized specifically to do so. The company can stop using antivirus software in the workstations network and instead use AppLocker. This will make the organization save enormous sums of money annually in purchasing antivirus software. This is the case, and yet AppLocker is built into windows and no cost will be incurred in using it.
AppLocker also has its limitations, as well. One of it is that it cannot control Arbitrary File Extensions, for example, PL for Perl scripts. Therefore, AppLocker rules cannot be created in order to block or prevent execution of Perl scripts. It may be used to prevent execution or installation of Perl script interpreter if they are needed. This is because third party Perl script interpreters are not designed to make use of Applocker application programming interfaces. This is the reason why AppLocker rule cannot block PL scripts from running in the computers.
It cannot hold the WSF Scripts. AppLocker can be used to block some kinds of scripts from running in the organizations computers it can control the execution of Windows command line scripts (.CMD), Windows Powershell (.PS1), batch scripts (.BAT), javaScript (.JS) and VBScript (.VBS), but it cannot be used with the Windows Script File (WSF) scripts. Also, it cannot be used to lock down other active embedded content and micros within excel spreadsheets or word documents.
AppLocker cannot handcuff local administrators, this means that it if the users of personal computers have the privileges of a local admin, AppLocker cannot lock them down. If the computers are domain joined and AppLocker policy and group policy applied, then the AppLocker domain based policy are both applied in a fashion which is additive.
It cannot also deal with 16-bit apps if the organization still uses 16-bit applications, for example if a computer is running a 32-bit windows version AppLocker cannot be used to block installation of some specific 16-bit programs. In 16-bit programs, since 16-bit programs are loaded by NTVDM.EXE, AppLocker cannot be used in blocking execution of such programs by locking down NTVDM.EXE and 16-bit programs will not run in those systems which include those needed to run the business.
The company can manage application installation to computers and tablets used by its employees through windows store. Windows app store is Microsoft Windows online store. This platform provide listings for desktop and mobile applications that are certified to run on windows. There are some steps that companies should follow in order to establish a company’s account, enroll their devices and distribute the applications to the enrolled devices.
The following process should be followed, by the CMI organization, to register its account on windows phone Development Center. This is to acquire an Enterprise certificate from Symantec. It should create an application enrollment token (AET) which is used to enroll phones in the company account. Develop a company Hub app that will be installed and used by company employees, the app should be prepared for distribution by pre-compiling assemblies included in the XAP into the native code; finally the company’s employees should enroll for the company app distribution on their computers and phones and install the company apps from the Company Hub app.
When the upgrade is complete, and all devices are running windows 8, the company will benefit a terrific deal because it will make service delivery to its customers efficient, and, on the other hand, the IT help desk will find it easy to handle all issues effectively because of windows 8 administrative advantages. The company’s employees and customer’s data will be secure from any attack by hackers or when the devices are lost. The company will be able to save large sums of money on the maintenance hence high profits.
References
Shinder, D. (2012). Windows 8 Tablets: Secure enough for the Enterprise. Retrieve May 24th, 2014, from<http://www.windowsecurity.com/articles-tutorials/Mobile_Device_Security/Windows-8-Tablets-Secure-enough-Enterprise.html/>
Poarch D. (2014). Steps to an Effective Vulnerability Assessment. Retrieve May 24th, 2014, from
<http://focus.forsythe.com/articles/211/8-Steps-to-an-Effective-Vulnerability-Assessment>
Critical Start. (2014). Penetration Testing and Vulnerability Management. Retrieve May 24th, 2014, from <http://www.criticalstart.com/penetration-testing-and-vulnerability-management/>
Jones, D. (2013). . AppLocker and Least Privilege. California: USA