Case Study – Architecture Firm
Â
Â
Â
Â
Â
Â
Â
Â
Â
Â
Â
Â
Â
Bellevue University
C
YBR
510
as of:
July 2014
CYBR
510
Case
Study
–
Architecture Firm.
Dalton, Walton, & Carlton, Inc. is
an architecture firm with approximately 250 employees in
four cities in a regional area. The main office is in Kansas City, Mo, which houses 100 of the
employees. The main office is located in a
small office park in a
suburb
an
neighborhood
near
the Unive
rsity of Missouri, Kansas City, Volker Campus
.
The satellite offices are in downtown
Des Moines, IA, Springfield, MO, and Omaha, NE.
Their physical security infrastructure
for the main office
is as follows:
o
The main office building is three stories t
all with Dalton, Walton, & Carlton, Inc. occupying the
top two floors. There are two, unrelated businesses on the first floor.
DW&C leases the floors
from a management company.
o
The building as one elevator along with a front and back staircase.
o
The bui
lding uses standard windows that are slightly tinted, but you can still see in from outside.
The windows do not open.
o
Both floors are basically laid out the same. Each floor has:
o
Drop ceilings used throughout.
o
Six offices on the exterior and two interior
offices.
o
One large conference room and two smaller ones.
o
The third floor as a small reception area monitored by an administrative assistant. There is a
locked door leading from the reception area to the back offices that required a key card.
o
The admin has a master key card kept in a desk drawer.
o
Visitors are provided with access badges that they sign out and are supposed to return each day.
These allow access to the full facility except for the server room.
o
When visitors sign in, they nee
d to provide the name of their contact, but don’t need to
be escorted when in the facility.
o
Access to
the building and
the floors is controlled with a key card access. This access allows
entry at a front and back door
s
on each floor. It is also used to
control the small server room
on
the third floor
.
o
The building management company administers the key card access server.
o
The front and back doors for the building open automatically at 6am and lock at 6pm,
Monday through Saturday. All other times
they are locked requiring key card access.
o
The door to the DW&C third floor reception is unlocked from 7am
-
6pm Monday through
Friday.
o
The exterior and primary interior doors all have alarms that go to DW&C facilities manager and
the building manager. Th
ey are deactivated during business hours as noted above. The alarms
have the capability to trigger if the door is propped open, but that is not used due to past false
alarms.
o
The server room
on the third floor
used to be a storage closet.
o
When it was
converted, they added raised floor and extra air handling.
o
There’s also
are two
Tripp Lite SMART1500LCDT
UPS towers that are expected to
provide 90 minutes of power in a blackout.
o
IT also uses this facility to build and maintain servers and PCs.
o
The I
T
staff all sit
outside the server room / closet. They will occasionally prop the door
open when they are frequently accessing the room.
o
The building uses dual HVAC systems run by building management.
o
There is one telecommunications drop for the building.
Bellevue University
C
YBR
510
as of:
July 2014
o
The main power breakers for the building are on the first floor in a room locked by building
management.
o
Each floor has power breakers in an interior coat closet.
o
That area on the second floor is a
storage closet
housing business supplies.
o
The CEO and CFO both have corner offices on the third floor. Access is controlled with a
standard key. Each of their offices contain multiple, lockable file cabinets
containing company
sensitive documents
.
o
Employees that aren’t in
offices are in standard cubes with 5 foot walls.
o
All employees have desks and cabinets that lock
.
o
The CFO’s admin assistant controls all of the keys. She also has master keys to access any room,
desk, or cabinet that she keeps l
ocked in a small safe under her desk.
o
There are five security cameras spread throughout the building as follows:
o
External Front Door
o
External Back Door
o
Interior front stairwell on the first floor
o
Interior back stairwell on the first floor
o
Facing the ele
vator
The camera feeds go to a single DVR unit managed by building management.
The CCTV’s
are in the building mailroom on the first floor where they are monitored by
the facilities
manager and
mail room personnel.
Their physical security
infrastructure
for the three remote offices
is as follows:
o
The remote offices have approximately 50 employees and are used by sales and local design
teams
.
o
The offices are located in the downtown areas of
Des Moines, IA, Springfield, MO, and
Omaha, NE
.
T
he intent is to have offices in close proximity with customers.
o
DW&C leases building space for these offices
.
Each is in a multi
-
story office building where
DW&C uses a floor or a portion of a floor. Each facility is managed by local building
managemen
t.
o
Each
building uses standard windows that are slightly tinted, but you can still see in from
outside. The windows do not open.
o
There are offices and standard cubes in each facility. The senior director at each facility is also
responsible for the sa
fety and security of that facility.
o
Access to each facility is controlled using key cards administered by local building management.
These systems are not tied to the main office’s key card system.
o
Each facility has cameras so you can know who has ent
ered/exited the building. Only one of the
buildings has a camera on the interior door to access the DW&C offices.
o
An admin sits near the front door and monitors visitor access, but this is a part
-
time duty.
o
The doors are unlocked
and unarmed
based on t
he same schedule as the main office.
Their
IT
infrastructure is as follows:
o
They primarily use Microsoft servers and PCs with a number of Mac computers used to perform
design work. They use Active Directory,
have a Web Server for their Internet web site, four
servers used as file shares (one in each office),
four
servers
housing their architecture
Bellevue University
C
YBR
510
as of:
July 2014
applications
,
a training server,
five
MS
SQL database servers
, and two Microsoft Exchange
servers for email
.
o
Each satellite office has 3
-
4 servers for storing files and running local applications.
o
Each office has its own, decentralized wireless network connected to the production
network.
o
Each employee has a desktop or laptop PC running Windows 7.
HR personnel ha
ve
laptops for conducting interviews.
o
There is a Director of IT who has a full time staff of 5 employees, one of which does security
duties part time.
There are a few known issues with their infrastructure and organization:
o
Recently, a number of PCs and
office equipment has been stolen out of the office.
o
It’s at the data owner’s discretion as to whether or not to secure their data files or folders.
Many do not
secure
their files, while some lock them so only they have access. There have been
rumors that
customer data and intellectual property have been lost.
o
Two employees recently left your company and went to your biggest competitor, where they
just landed a contract with your largest account.
o
Vendors are allowed access to the site and computers without
authorization or supervision.
o
Onsite staff at each location provides IT support part time along with their other responsibilities.
Password resets are done by giving out a generic password
—
Chiefs2011
.
See the specific assignment requirements on the we
ekly assignment’s page.
Â
Answers
Status NEW
Posted 10 Sep 2017 03:09 PM
My Price 10.00
----------- He-----------llo----------- Si-----------r/M-----------ada-----------m -----------Tha-----------nk -----------You----------- fo-----------r u-----------sin-----------g o-----------ur -----------web-----------sit-----------e a-----------nd -----------acq-----------uis-----------iti-----------on -----------of -----------my -----------pos-----------ted----------- so-----------lut-----------ion-----------. P-----------lea-----------se -----------pin-----------g m-----------e o-----------n c-----------hat----------- I -----------am -----------onl-----------ine----------- or----------- in-----------box----------- me----------- a -----------mes-----------sag-----------e I----------- wi-----------ll
Not Rated(0)