Kudler Fine Foods is a company with three locations each overseen by a store manager. The resources in the company include laptops, scanner/printer/fax machine and are authorized to be used according to the following rules:
Desktops and laptops are authorized to be used by the store manager, President of the company Kathy Kudler, and the president’s administrative assistant.
Printers/scanner/fax machines can be used by all the employees wherever they are located plus the president and the president’s, administrative assistant
The director of store operations is authorized to use any equipment in any location
The following group objects implementing group policies can be implemented
Group Policies are essential in the current business age in order for organizations to increase revenues and minimize the complexities of managing a huge IT infrastructure. An inspection of the operating system reveals that there are threats such as administrative errors, disk failures, natural disasters and the impact of unauthorized changes to data. These threats impact the operation of the company in a negative way. In order to bypass these threats it should be realized that Group Policies need to be implemented. A plan of action is as follows:
PLAN OF ACTION
Creating a uniform user experience
Since users are not confined to a single computer in the workstation, the use of multiple computers should be managed. This can be done in form of restricting access levels and privileges. Different computers should be customized to perform different functions and their access levels restricted to specific personnel.
Security is an important aspect in the company. As such, authentication protocols and authorizations techniques involved in Active Directory should be documented to track log ins and access to particular files and folders. This form of auditing will ensure that every action is has a level of responsibility accorded to it and in case of a security compromise, relevant personnel are held responsible. This applies mostly to unauthorized user access and data alteration as well as disk failures and administrative errors.
Attaining organizational wide use of policies
Organizational wide use of policies is essential to achieve a unified standard and theme for all computer resources and related devices. Computers should be customized to bear a single wallpaper, screen savers and interactive log on messages. Attaining uniformity not only protects the resources from abuse but also maximizes employee productivity. It also eliminates some administrative threats that come with the use of company resources for personal gains.
AREAS OF INVESTIGATIONS
In order to execute the plan effectively the following utilities might be investigated:
The two types of GPOs are investigated. Those linked with the Active Directory Infrastructure and those locally configured on the directory tree itself. Within the directory, GPO s are linked to the following levels
- Organizational Units
An investigation of the current policies in place such as disk allocation for each department and the management will provide more insight onto the design of the relevant Group Policy Objects and better management of the organization to reduce risks. The problem of disk error might be stemming from uncontrolled disk allotted to certain quarters in the company. If the business dictates that the disk quota should be 100MB for workstations and if this requirement is not implemented, overloading of the disks will ultimately results in disk errors.
Access rights of the various employees and the management need to be considered. If employees are accorded excess rights to company documents and information in excess of what their cadres permit, probability of abuse and alteration of the organizational data is high and as a result, integrity, confidentiality and availability of information cannot be guaranteed.
Contingency plans to gather for natural calamities need to be taken into consideration. For instance, in case of natural calamities such as floods and fire, are the company data and information safe? Is there a data replication and backup mechanism to gather for any eventualities? Are the backup mechanisms in place safe or are they located in the same location as the organization? These are the questions that if investigated will lead to a design of a functional back and restore mechanism in the organization.
Other than these, the need definitions, rights and responsibilities of every employee, manager, and director is required. An investigation into their terms and conditions of work will aid in the design of a plan of action that will safeguard the company against internal malicious users.
Carvalho, Leandro. Windows Server 2012 Hyper-V Cookbook. Packt Publishing Ltd, 2012.
Darren Mar-Elia, Derek Melber, William R. Stanek, The Microsoft Group Policy Team. Microsoft® Windows® Group Policy Guide. O'Reilly Media, Inc, 2009.
Moskowitz, Jeremy. Group Policy: Fundamentals, Security, and the Managed Desktop. John Wiley & Sons, 2012.