What is STP works?

Contents

Executive Summary 2

Project background 3

How is this project going to support the future growth of STP Ltd. 3

Project goals 3

Strategic alignment of project 4

Network Security 5

Securing Data 5

Mobile Device Security 5

Plan for hardware purchases 6

Business Continuity 8

Data Backup 9

Physical security 10

Succession planning 10

Risk Management 11

Training and awareness 12

Integration technology 12

Conclusion 12

Recommendations 13

References 14

Executive Summary

This report evaluates the information system that has been recently installed at STP work Ltd. The report investigates the networking system of the firm and its association with the staff. Different procedures and strategies have also been mentioned throughout the report for business durability and to help management in making more accurate decisions. It discusses the rebuilding of information system in all four locations of the company i.e. Wollongong, Sydney, Bathurst and Lithgow. The report has provided efficient approach to the business operations that would equip the staff with tools that would help with the growing sales.

Take help for your assignment

Whenever you are in a need of help for your assignment, essay or report, we are here to assist you

Project background

Project background provides necessary details to recognize the issues that STP Limited is facing. STP Limited is basically a cabinet maker company that is headquartered in Wollongong. With the growing sales, company has opened stores in Sydney, Bathurst and Lithgow. It has opened a state of the art computerized manufacturing to produce cupboard and drawer fronts in Sydney. To run all operations, STP’s owner has invested a valuable amount in installing a new information system and is concerned about the performance, security threats and profitable functionality of the upgraded information system. Therefore, investigation into the project is required to know why the information system was needed, what are the project scope and goals, expectations and project alignment with strategical goals.

It was planned that with the start of new project, data base and web based systems for accounting, stock control and customer management will be provided to all stores of STP Limited. STP Limited took the services of internet company ADSL (Asymmetric Digital Subscriber Line) for internet connection along with a modem and a switch that allows employees to connect with internet wirelessly through BYOD (bring your own device). Project was designed to operate in all four locations by the staff of STP Limited and further expansion of operations was also included in plan. There are 18 staff members currently working in four different locations of STP Limited, however, the project involves a plan to hire another member in Sydney store with more technical knowledge for sales representation, to deal with the growing sales.

How is this project going to support the future growth of STP Ltd.

The installation of new information system, offers STP ltd an opportunity of business expansion. In the contemporary era, technology is a vital ingredient in the success recipe of any business (Tansey, 2003, pp. 03). Evaluation of STP Ltd.’s sales, security system, customer satisfaction and privacy of data are the main objectives of this project which will help the management know where does the company stand in terms of business and what measures they can take to enhance their business.

Project goals

The foremost purpose of starting the project is to introduce a control system that covers the procedures and operations of whole company, including contents of the buildings, items in stock, property, customers’ information and accounts etc. The project intends to make network system precise and reliable. Upgradation of all stores with a new information system and related networking equipment that could serve in a better manner to fulfill the business needs is also a priority of STP limited. To assist the sales of in-stock cabinets, drawers’ fronts and cupboards, it is important to improve the system of dealing with customer relationship management, by developing a website.

Strategic alignment of project

It is imperative to understand the aims of installing new information system with the help of SWOT analysis to evaluate all internal and external factors that affect how the STP Limited functions. SWOT analysis shows that the initiative of updating the new information system is a right and valuable decision taken by the owner of STP Limited. The analysis also shows that a fast growing business can ensure productivity by equipping its employees with right tools.

Table 1: SWOT Analysis of Project

Strengths Weaknesses Opportunities Threats
Growing business No online customer based accounts Plan to launch new installation vans Quality issues with suppliers
Installation of new Information System No satisfactory strategies to improve business Planning to enhance business by offering franchises Internal threats such as threats to company’s important data because of mobile devices and BYOD
New computerized manufacturing facility in Sydney Employees with almost no technological experience Plan to make online payment system External threats such as natural disasters
Employees with years of experience in same company

Network Security

As mentioned in the project background, STP limited is using ADSL (Asymmetric Digital Subscriber Line) for internet connection and wireless internet through BYOD (bring your own device), so the network will be potentially exposed to a variety of malwares, from simple viruses like worms which enter computers through networks, to complex malwares like armored viruses which are designed in such a way that their detection is prevented by IT analysts. To encounter such viruses, it is imperative to analyse the network devices, their technologies and design.

Securing Data

STP Limited’s new information system mainly depends on internet, so it is important to introduce some policies and procedures that help technicians to design the network. The new conceptual network which STP limited intends to implement will be used to connect the servers and clients at different locations. So, it will be innately susceptible to server based attacks that can potentially result in data breach. These attacks can be of different nature i.e. cross site scripting, SQL injection etc. in which the hackers can inject different scripts into the server and hack important data of STP limited. To encounter such attacks and to ensure data security, STP limited can use encrypting technique and hashing passwords to ensure data security, as advised by Telstra (2016). STP limited can also make use of web-application firewall to secure all applications that use http.

As STP is considering expanding its business in multiple locations, data breach can occur through many ways. For instance, if employees at any of the locations do not take proper measures to secure the data, STP limited can lose important data. There must be some policies made for staff to use storage and access data, digital technologies and customer information (Queensland Government, 2016).

Mobile Device Security

By virtue of mobile devices, employees get to work with ease, flexibility and mobility but there are always potential threats to data security because of using mobile devices at work place. There is risk of unauthorized access to content and unsafe downloading of apps that could damage the network (Ciampa, 2012).

STP Limited allows its employees to use wireless connection on their own devices at all four locations, to do business related tasks. It is currently beneficial for the company in a way that it prevents extra expenditures of buying company computers at the point but it also contains risks. Personal devices of employees can be used by others and there are chances of important company information being leaked. Therefore, BYOD (bring your own device) system should be stopped as soon as possible to prevent any data security threats. Meanwhile, training employees to keep the company data secure and safe is immensely important. As employees are an important asset of STP limited and have valuable information, hackers can attack them through social engineering attacks, by asking for small information from various different employees and then using the information against STP limited. To avoid this type of information leakage, STP limited should train its employees about all types of social engineering attacks.

Plan for hardware purchases

It is imperative for STP Limited to plan for the hardware purchases to compete with the competitors. A strong procurement strategy helps to identify the services and products that are needed for a company to run the operations smoothly. Research establishes that businesses which align their strategic and purchasing orientation have demonstrated increased performance financially and operationally (Batenburg et al., 2015). Hardware purchases can put extra burden on company’s finance department but it is important to keep products in stock to be prepared for unexpected situations that could stop or decrease the sales of STP Limited.

As STP plans to run vans that provide services to install the drawer fronts, it is important to know what equipment will van drivers need. Moreover, STP will also have to buy new and updated computer systems for its employees. To organize hardware purchase, STP Limited should create and maintain an asset register, budget predictions, reviews, strategies and policies. Knowing the usage of hardware by the staff should also be a part of purchase planning. If STP Ltd. plan to get reviews from staff on regular basis it will be easier for employees to inform the management about any concerns about hardware performance. Purchasing strategies will help the company to plan its budget for hardware purchasing. Company should also avail any opportunity to buy hardware for lower prices and for that purpose it is important to choose the right supplier. This process should be easier for STP Limited because it is relatively smaller business and it is easy to communicate between departments.

There are always chances to lose IT assets of a company which contain all details of in-stock products and items that are needed to be purchased. To avoid losing such data, an asset register can be made. This register will also be helpful to know when the replacement of a company hardware is due.

STP Ltd. has installed a new web based accounting system i.e. MYOB which has proven to be a great support for company’s day to day accounts dealings. Nonetheless, there are advantages as well as downsides of this system. Pros of MYOB include it being cloud based accounting system which allows staff to use it any time from any location which saves time. MYOB automates manual accounting systems that waste time and money. Manual accounting systems require multiple entries of same information while MYOB syncs information and saves time by automating credit notes, purchase orders and payroll. With MYOB, content updates occur in real time so that employees work with the latest information of accounting records. MYOB is also cost efficient which is a huge incentive for STP Ltd. because company is trying to control some extra expenditures. On the other hand, MYOB also entail data security threat because online content is vulnerable to hackers and frauds. Another drawback is that MYOB does not facilitate the beginners. Staff of a company has to be trained in web based systems to use it which can be cost and time consuming (R&G Technologies, 2014).

The following table shows the hardware being used in four locations of STP Limited.

Table 2: Identification of IT assets of STP Limited

Office Machine Age
Wollongong 2 Warehouse Machines

2 Warehouse Machines

2 Laptops

Accounts Machine

1 year old

2 years old

3 years old

1 year old

Sydney 4 Warehouse and 1 management desktop

The new machinery for manufacturing comes with its own system and is all new

6 months old

New

Bathurst 2 Warehouse Machines (desktop with POS software installed)

1 office machine

3 years old

6 months old

Lithgow 2 counter Machines (desktop with POS software installed)

1 office machine

5 years old

  1. months old

Business Continuity

The update of information system includes the implementation of cloud based applications MYOB, Salesforce and Trade Gecko which proved to be a brilliant way of managing STP Ltd’s growth and business continuity.

Trade gecko is an inventory management service that is used to make the inventory management of a business more accurate, seamless, strong and affordable so that the company can concentrate on actually enhancing its business. This app is easily affordable and useable for small business like STP Ltd. It has some positive elements like integration, customization, easy to use and support quality. Tools of this app let the users transfer stoke data between warehouses in less time, specifying the locations at a specific time, which is one of the needs of STP Ltd. With this app’s private B2B e-commerce portal, customers of a company log in and only see their assigned pricing and particular location where they can order, so this system maintains a business’s privacy. Soma other advantages of trade gecko include relationship management, cost tracking, custom pricing models, shipping management, supplier management and traceability. However, trade Gecko also includes some disadvantages including lack of POS support, inability to design manufacturing cycles like bill of materials and batching and lack of support drop for shipping as well (Trade Gecko: Pros and cons of the top inventory management software).

The customer management system newly implemented by STD Ltd. is Salesforce which is used to inject consumer technologies into business applications. Salesforce is based in cloud and it supports all major browsers. It requires no software and there are no hardware requirements either, so business can get started quickly and reduces training cost. Nevertheless, it is expensive for small business and is not suitable for companies which send 1000 emails per day as it has limits. Another drawback of this app is that forced updates occur when using this CRM because all clients are receiving the update simultaneously as it is a single tenant system (Gaille, 2015).

Other points that need to be considered while analyzing business continuity are data backup, physical security and succession planning.

Data Backup

STP limited has been using cloud computing software applications and there is no need for backups of these applications. However, data related to daily POS transactions is needed to be backed up and experts suggest that this kind of backups should be stored offsite to ensure the continuity of business in case of a situation that results in losing the backup. Nonetheless, hackers can also use of this data backup technique and retrieve important information regarding STP limited. To avoid the misuse of data backup, STP limited should use M of N technique that does not allow the back up and recreation of important and secret information. STP limited should backup key material and distribute it only amongst ‘M’ employees to prevent data backup by unauthentic sources.

A person at the top has a digital certificate with a private key beneath her.  Below the digital certificate are six individuals, labeled Part 1 through Part 3 for each of the two groups.  Three of the individuals are encircled and labeled “M group.”  All six individuals are encircles with the “N group.”

Fig 1: Diagrammatical illustration of how M of N control can be used to prevent data recreation. Only M employees will have access to key data (Source: Ciampa, 2012)

Physical security

Companies often get too concerned about the security of internal data that they neglect the importance of physical security for data protection. Therefore, STP limited should make sure that the buildings of all locations, where it intends to operate, are strongly secured and do not allow any intruder. The physical security includes guards, fences and protection from fire and other natural calamities like floods, earthquakes etc. (Ciampa, 2012).

Succession planning

There must be a proper planning to take measures to succeed a key employee who is unable to attend the work for longer period of time. So, it is important for STP Ltd’s management to identify the skills of the employees who could replace such an employee. An efficient model which STP limited can use for succession planning is nominal model. In this model, one or two potential successors are nominated who the management deems capable of filling any vacant position (HFI, 2015). The management of STP limited can evaluate the capabilities of employees by regular performance evaluations and then nominate successors for every position so that time elapsed between finding a successor and then filling a vacant position can be minimized.

Risk Management

STP Ltd is experiencing a rise in business growth and technology upgrading. Management must be concerned about security and privacy of system and business. Small businesses often associate security with virus related concerns (Gupta & Hammond, 2005). However, there are some other factors which can threaten the security and privacy of a company. Following table describes those risk factors, their likelihood and their impact on the operations of STP limited.

Table 3: Risk management strategies that STP limited can use to encounter various risk factors.

Impact Risk management actions
Significant

Moderate

Minor

Employees do not understand the technical implications of new network system STP limited fails to implement encryption and other techniques to secure data Theft of intellectual property
Physical security of the data is not maintained. Network failure occurs due to rain or fire STP limited loses valuable data.
Employees do not understand the legal implications of network system. Employees fail to comply with legal regulations of the firm. STP limited does not pursue the opportunity of business expansion due to network failure
Low Medium High

Likelihood

Training and awareness

For small business like STP Ltd, it is not easy to train staff as it needs extra investment and time, but it is very beneficial to minimize the risks faced by the company. According to Ciampa (2012), three element risk model is efficient to train employees, which includes prevention, detection and corrective actions, out of which, prevention is the most effective one.

Integration technology

Integration of the information system for real time reporting has an ability to provide STP Ltd with more potential than with the adoption of SaaS (software as a service) model. Integration of the applications is possible through mashups which are similar to web pages that combine external sources and through platform as a service (PaaS) (Mahmood and Hill, 2011, pp. 59). An example of PaaS is force.com which enables independent software vendors to build and run applications on the same infrastructure as Salesforce (Mahmood and Hill, 2011, pp. 59).

Conclusion

The main objective of this report was to evaluate the newly installed information system at STP Ltd. SWOT analysis of information system shows that the system offers more opportunities than threats to the company. The paper investigated the threats posed by system to come up with plausible solutions. Security threats related to this system were thoroughly evaluated in the report. The usefulness of new system was studied with regard to STP Ltd.’s information/data, business continuity and its compliance with firm’s regulations. It was found that there are some issues which are needed to be resolved to protect the assets of the company. Management needs to introduce and implement some policies regarding security issues. As far as business continuity is concerned, there is no current succession plan in order to replace a key employee in case of an emergency. As shown in the case study, STP Ltd is experiencing a rapid growth in its sales, so the company has to modify its business practices to gain maximum profits. For this purpose, the management should resolve the issues according to the solutions suggested in this report.

Learn how can Essay Assignment Writing assist you

We are a team of professional assignment writers, essay experts, editors, proofreaders and tutors. We
can help you with all your projects, dissertations and reports. We guarantee a service that satisfies you
100%.

Recommendations

To maximize the benefits offered by newly installed system, it is recommended that STP Ltd. should

  1. Introduce policies and procedures that are helpful for business continuity and data protection.
  2. Prevent server-based attacks like SQL injection, cross-site scripting via encryption and hashing passwords.
  3. Minimize the use of mobile devices and BYOD to prevent security threats to company data until security protections are provided and employees are trained to combat social engineering attacks.
  4. Create an asset register to support the strategies made for hardware purchase.
  5. Prevent data loss by using a cloud base system that will provide offsite backups of organization. Data backup by hackers can be avoided using M of N control.
  6. Use nominal model for succession planning to find an equally talented replacement of a key employee who is unexpectedly absent for long term.
  7. Establish an awareness and training program for STP Ltd.’s employees for data securing management.

References

Ciampa, M., 2012. Security + guide to security fundamentals. 5th edition. Cengage, Boston.

Crawford. M, Horstmann. B, Keller. S, Powell. A, & Predmore, C. (2005). ‘Information security threats and practices in small businesses’, Information Systems Management, 22 (2), pp. 7-19. Retrieved from http://ezproxy.usc.edu.au:2048/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=heh&AN=16195727&site=ehost-live

George. E., 2013. ‘5 steps to planning for internal successors in a small business environment’, Journal of Financial Planning, 26 (8), pp. 21-23. Retrieved from http://web.b.ebscohost.com.ezproxy.usc.edu.au:2048/ehost/pdfviewer/pdfviewer?sid=46892c54-447f-43c5-8e15-93f417c642d0%40sessionmgr102&vid=1&hid=116

Gupta, A. and Hammond. R., 2005. ‘Information systems security issues and decisions for small businesses: An empirical examination’, Information Management & Computer Security, 13 (4), pp. 297 – 310, Doi: 10.1108/09685220510614425

HFI, 2015. 3 Models of Succession Planning [Online]. HFInsight. Retrieved from http://www.hfi.com/articles/three-models-succession-planning (Accessed 16.10.2017)

Queensland Government., 2016. Key components of a digital strategy. Retrieved from https://www.business.qld.gov.au/business/running/technology-for-business/digital-strategy/key-components (Accessed on 8th October, 2017)

Tansey, S.D., 2003. Business, Information Technology and Society. Psychology Press.

Telstra., 2016. ‘Broadband security’. Telstra Corporation. Retrieved from https://www.telstra.com.au/support/category/broadband/security/what-is-telstra-network-security Accessed 9th October, 2017

Mahmood, Z., Hill, R., 2011. Cloud Computing for Enterprise Architectures. Springer Science & Business Media.

Like this article?

Share on facebook
Share on Facebook
Share on twitter
Share on Twitter
Share on linkedin
Share on Linkdin
Share on pinterest
Share on Pinterest