Enhancing Security in System Administration

Enhancing Security in System Administration

Situation & Problem Statement

MegaCorp is planning to spend a large amount of money in the near future, upgrading from Windows 2003 and Windows XP to Server 2008 and Windows 7, to take advantage of the many new features offered by those operating systems. The area receiving the most attention is system security. The MegaCorp principals are keenly aware of the increasing frequency, size, and cost of data breaches occurring worldwide. The MegaCorp CIO believes that past and current deployments of the enterprise information system have not supported system security well.

Purpose of the paper

This research paper identifies the best practices for server deployment and administration, which enhances the security of the MegaCorp.

Aims & Objectives of the paper

The aims & objectives of the paper propose how to enhance security:

before, during & after the server deployments.

before, during & after the implementation of a domain environment (i.e., AD DS).

before, during & after the infrastructure, application, file, and print service.

before, during & after the implementation of storage and high availability solutions.

The paper also aims at determining how to enhance security via the

management of enterprise server systems

monitoring of enterprise server systems

backup of enterprise server systems

Significance of information security

The goal of information security is to ensure the availability of information and information processing resources, and provide means to establish and retain the integrity and confidentiality of information within the system (Lee, 2012). Conservative estimates of annual losses due to security breaches begin at $80 million. Some survey firms (e.g. USA Research in Portland, OR) indicate that the losses may actually be in the billions of dollars . Fried estimates that a related cost of system downtime is around $4 billion a year with a loss of 37 million hours in worker productivity. On an individual organization level, Hoffer and Straub's study shows that a single breach in security can cost hundreds of thousands of dollars. Yet, the total loss resulting from security breaches is unknown. Public knowledge of security violations and resulting losses is often suppressed (Son, 2011). Lack of information concerning the total cost of security breaches and the number of actual incidents of security abuse may promote an erroneous level of comfort regarding systems security. Many organizations do not introduce appropriate security measures until a major breach in security has occurred. Today's security managers must grapple with the challenge of developing a security strategy that achieves a balance between reasonable security precautions and excessively costly measures(Lee et. al., 2010). When managers do not implement adequate security measures, they place their organizations at risk.

Enterprise Architecture

Enterprise Architecture looks at the strategies, functions, processes, data, systems, organizations and people of an enterprise in order to better align resources with the strategic objectives of the organization. It provides an enterprise-wide functional view of an organization which reduces redundancy and promotes a shared view of data and processes across the organization(Ick-Soo, 2010). By identifying common processes and data, the Smithsonian can use shared services and systems where needed, thus leveraging ...