The three subproblems identified were that of policy, marketing, and tracking. The final system solution would be applied to solve the given sub-problems in the following ways.
Policy and Training
The final system solution for the policy and training involved a non-COTS recommendation of creating a Chief of Information Security Officer (CISO) position. The following table presents the context of the policy and training problem and how the solution of a CISO position will be applied.
Delegate your assignment to our experts and they will do the rest.
Policy and Training Problem | Solution through CISO Position |
Design of policies and keeping them updated | The CISO is knowledgeable about policy design |
Customized policy and training for the employees. | The CISO understands company’s needs and would customize the policy and training accordingly. |
Policy to meet industry standards | The CISO will be knowledgeable about industry standards on cybersecurity policies e.g. NIST SP 800-53 or ISO/IEC 27002 (Tariq et al., 2016). |
Policies to meet employee’s needs | The CISO should design a training curriculum for employees based on their current knowledge. |
Policies the right policies for cybersecurity needs | The CISO should search online and formulate policies that should meet the organization’s cybersecurity needs. |
Finding the right training for policies | The CISO should create an online security awareness training program that meets the cybersecurity training needs for employees. |
Marketing
The final system solution for marketing was the use of COTS solution through Google Ads and a non-COTS solution using YouTube. The following table presents the context of the marketing problem and how the solution Google Ads and YouTube will solve it.
Marketing Problem | Solution through Google Ads and YouTube |
Finding the right marketing solution to fit FAACI’s needs | Google ads is compatible on different platforms, operating systems, and a large audience |
Target marketing and advertising | Google Ads allows for population segmentation and audience targeting |
Secure marketing | Google Ads incorporates multi-factor authorization (MFA) with increased security (Dasgupta et al., 2017) |
Scalability of marketing | Google Ads provides a scalability for marketing depending on the company’s budget |
Marketing costs | Google Ads has no minimum startup costs and can vary from $12 to $30 a day to $365 to $912 of monthly advertisements based on 150 to 570 clicks. |
Awareness and education | YouTube will be used for education using videos on how to install and apply the system. |
Ease of campaign and event promotion | YouTube allows for easy promotion and campaigning to spread news about upcoming events and latest campaigns. |
Tracking
The final system solution for tracking involved using Microsoft Intune services. The following table presents the context of the tracking problem and how the use of Microsoft Intune services will solve it.
Tracking Problem | Solution through Microsoft Intune Services |
Tracking employee location and data | The solution offers comprehensive tracking of location and data. |
Delayed development in tracking | The solution can be deployed quickly with no delays |
Compatibility problems | Easily computability with several systems |
Liability problems | Sensitive data stored with increased security to prevent liability problems |
Scalability problems | The solution can be scaled up as the organization grows |
Costs | Affordable going at $14.80 per month per user. |
Description of the COTS Package Proposed – Microsoft Intune
The proposed COTS package proposed for tracking is Microsoft Intune, a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). When installed by the employees, the management should monitor various information like the device owner, device name, device model, device serial number, device IMEI, and other app inventory and app names. The organization will also provide corporate devices that allow for additional viewing of information like the phone number, location, network information, device storage paces, and app inventory details (Katzer, 2018). The information will facilitate a robust approach to tracking the company’s resources. Microsoft Intune will also facilitate an improvement in the management of the company’s mobile devices and improve the security of the organization. The organization can manage different devices like laptops, tablets, and mobile phones and prevent emails from being sent outside the organization.
Intune offers several features that FAACI can apply to improve its services and cybersecurity infrastructure. The system integrates with Azure Active Directory (Azure AD) facilitating a better control about the individuals with different access to information and what they can access. It also integrates with Azure Information Protection that enhances data protection. The software can also be deployed with other programs such as OneNote, Microsoft Teams, and Microsoft 365 apps enabling people in the organization to be productivity on their different devices. The cost consideration for Microsoft Intune are expected to vary from
Administrators that use Microsoft Intune for tracking can engage perform different functions. The administrator can view the devices enrolled and get an inventory of all the devices that access the organization’s resources. One can configure all the devices to ensure that they meet all the security standards. The use of VPN and push certificates can also be applied to ensure that different users access the Wi-Fi network safely. The software also makes it possible for the administrator to view the logs and reports on the devices and users to critically analyze a complaint. In case a device that accessed is stolen or lost, the administrator can delete all the data. The use of Microsoft Intune can improve the organization’s tracking and also facilitate an improvement in the security infrastructure.
Finalized Protocols, Rules, and Policies for Marketing
The protocols, rules, and policies for the marketing sub-problem will be outlined as follows. The organization should ensure that the marketing approach will first involve understanding and knowing the target audience. Before any marketing, there will be a research on the audience to understand the specific target market. A segmentation of the target market should be done to allow for the personalization of the marketing strategy (Gajanova et al., 2019). The messages included in the marketing strategy should be short and motivated towards the target market and make them take the required action. Any form of marketing undertaken by the organization should have a clear strategy in a written format submitted to the company’s executives.
All marketing and advertising should follow ethical guidelines and a specific code of conduct. They must be accurate in the description of products and services. They should also be legal, truthful, honest, and socially responsible. Social responsibility will involve not encouraging activities that influence anti-social behavior or activities that are unsafe and illegal. The marketing department should also adhere to cybersecurity protocols. Any form of marketing that could negatively impact the company’s cybersecurity infrastructure should be avoided. The legal constraints established by the government for marketing should be followed when undertaking the marketing. Examples of the legal framework that should govern the marketing procedures include the Data Protection Act of 1998, the Consumer Protection from Unfair Trading Regulations, local health watch regulations and regulations stipulated by local authorities and NHS bodies (Martin & Murphy, 2017). Following the marketing policies should ensure that the organization engages in the correct practices for its marketing services.
Description of Training, Advertising, Websites in Marketing for Current and Future Customers
Current Customers
The organization currently incorporates multiple policies for its advertising, marketing and tracking to ensure that current customer information is secure. The organization uses trusted approaches for marketing such as Google Ads that offer robust security ensuring that the company’s resources and client information are always safe. The tracking software implemented through Microsoft Intune also incorporates latest security protocols and unauthorized third parties will not access the company’s resources. The employees also go through periodic training activities regarding how to maintain and improve the organization’s security infrastructure. All customer data is kept in a highly secured database. The company upholds the privacy of its customers and does not share the information gathered in the company’s websites or from interacting with customers to third parties.
Future Customers
The training administered to the employees will ensure that it meets the future security needs of the organization. The training will be administered remotely to ensure that all employees can access the training quickly regardless of their location. The training will be centered on the future needs to ensure that all employees will be updated regarding how to keep the organization’s information secure. The organization also strives to continually improve the security culture in the organization. One of the critical considerations for implementing CTO and non-CTO resources involves the cybersecurity infrastructure. All the company’s employees should understand that security is part of FAACI’s story and culture. Future customers can also choose the kind of information that should be gathered to the company through the websites. Future customers have the option of sharing limited information with the company for improved security.
References
Dasgupta, D., Roy, A., & Nag, A. (2017). Multi-factor authentication. In Advances in User Authentication (pp. 185-233). Springer, Cham. https://doi.org/10.1007/978-3-319-58808-7_5
Gajanova, L., Nadanyiova, M., & Moravcikova, D. (2019). The use of demographic and psychographic segmentation to creating marketing strategy of brand loyalty. Scientific annals of economics and business , 66 (1), 65-84. https://content.sciendo.com/downloadpdf/journals/saeb/66/1/article-p65.xml
Katzer, M. (2018). Microsoft Secure Score. In Securing Office 365 (pp. 97-156). Apress, Berkeley, CA.
Martin, K. D., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the Academy of Marketing Science , 45 (2), 135-155.
Tariq, M. I., Tayyaba, S., Ashraf, M. W., Rasheed, H., & Khan, F. (2016). Analysis of NIST SP 800-53 rev. 3 controls effectiveness for cloud computing. computing , 3 (4). https://www.academia.edu/25433940/Analysis_of_NIST_SP_800-53_Rev.3_Controls_Effectiveness_for_Cloud_Computing