Our organisation, after implementing mobile services the process of moving to the final cloud solution has discovered that a lot of the expected benefits have not been achieved. While the staff agree and can see how the new untethered access to business data and services can help in their day to day activities. The overhead of using the services due to authentication has resulted in poor acceptance of the system by the employees.

The security mechanism was imposed to limit the likelihood of having long term connections running from external connections. The limitations were put in place to minimise the load on the connection servers and also limit the possibility of unauthorised external entity not being identified early by the intrusion detection systems. The organisation has a large number of external business entities who regularly connect to the organisation resources as part of cooperative business processes.

After discussion with the system users a number of issues were discovered. Firstly, the system was designed so that the security management was pushed onto the mobile devices making the use of the service disruptive to the users. The accessing of different services while using mobile devices required a separate login in to each service. Not only that, but prolonged inactivity would shut down the connection to the mobile device requiring a twostep process to re-establish a connection to the device then reconnection to the service. Also it was discovered that while the system is supposed to support roaming in reality only certain services were accessible from different part of the organisation while utilising wireless devices.

The planned eventual move to the recommended cloud services has also been put on hold due to the current reports in the media of the Transport Layer vulnerability. The general consensus amongst the board of managers is that the cloud solutions may not be suitable or secure enough for their business requirements. As a result the idea of creating our own private cloud storage solution with virtualised servers to minimise the hardware requirements and management might be a better and a more secure solution.

The organisation grew up at a fairly fast rate and has moved through a number of IT solutions over the years. All the solution have been home grown and designed in house to meet the know challenges. As a result the solutions tended to be only short lived forcing a redesign in a shorter period than originally planned. For the next major redesign (the planed private cloud and virtual servers) the organisation is considering going through a tender process in the hopes of designing system that is better able to meet the future needs.

You have been tasked with writing a report to explain and explore the following technology and services:

a) There is evidently a problem with the current design in that the use of the wireless devices is more burdensome then it needs be and the access limitations the employees are experiencing. Describe the possible design problems and discuss possible solutions to make the current design more productive to the organisation?

b) Research and describe Transport Layer Security (TLS) and how it operates to provide secure communications. Report your findings in the operations of TLS and its impact if we were to move to a private cloud as suggested. Are we as an organisation going to be able to make ourselves more secure and better able to protect from unauthorised access.

c) Building a private cloud storage and virtual service type solutions sounds like a solution that provides the best of both world. Research and report on the advantages and disadvantages in building our own cloud and virtualised service type solutions. Make a recommendation with justifications as to how they should proceed (private or public type of solution)