Code Galore Caselet.vaibhav

Vaibhav D Puslekar

Code Galore Case let

1) What are the most important business issues and goals for Code Galore? Sales becomes slower than it has been anticipated due to a mix of the financial recession and the high cost and complexity of the code gal ore’s software. Some of the goals:  To increase the sales.  To achieve profit for investors.  For reducing the software complexity. 2) What are the factors affecting the problem related to this case?  Present economic recession.  Difference in Knowledge about security measures Within code galore and sky haven.  Competition from other Business function automation software in the market. 3) What are the managerial, organizational, and technological issues and resources related to this case?  1.Because of knowledge issues between sky haven and code galore managing information security becoming difficult.  2.CFO of Code galore focusing more on financial issues than on creating a vision for developing more business.  3.Bots are being used instead of security Engineers Information security issues as sky Haven does not require password to access the servers.  4.Employees are resigning because code gal ore’s financial issues.

4) What role do different decision makers play in the overall planning, implementing and managing of the information technology/security applications?

    

CSO CTO Systems analyst Programmer Sales Manager

5) What are some of the emerging IT security technologies that should be considered in solving the problem related to the case? They need to focus on some of the policies given below:  As the source code of the Code galore is on the server that has a threat of getting unauthorized access, they can try installing some good anti-virus software, or try to sanitize the code that they have and change the storage and backup if it comes within the expenses.  They need to make sure that right people get the access to the sensitive information as now sky heaven is being merged with code galore.  Also as the Sky Haven software is being merged, they have to make sure that, the software has no security threats and is protected.  There should be awareness and proper training among the employees in order to make sure that they follow good security practices, and in future they take precautions accordingly.

6) In what major ways and areas can information security help the business in reaching its goals? There will be numerous results of the model's usage that made an arrangement of security's and the business association's objectives for the endeavor. On a standard premise, security evaluates new innovation and makes particular suggestions to the business executives about security upgrades during sales. The risk assessment proves beneficial to identify the technology protocol appropriate for the specific campaign.

7)Which of the confidentiality, integrity and availability (CIA) triad is most critical to Code Gal ore's business goals, and why? The most important goal is to recover all the losses and to reach the company to a profit level in terms of success and finance. As mentioned they want to setup the WAN very quick in order to make sure they do not have to waste a lot of time in setting up communication between the employees of the companies. Also to make sure their code is secure, they need to be sure whom they will be giving the access. 8) Change leads to risk, and some significant changes have occurred. Which of these changes lead to the greatest risk? One of the biggest risk is to carefully decide who gets access to the sensitive information and will the Sky haven employees have access to Code Gal ore’s sensitive information.

9) Imagine that three of the greatest risk events presented themselves in worst-case scenarios. What would be some of these worst-case scenarios?

The worst case scenario is if there comes a security attack in the sky Haven software after the merging. Second worst case if the wrong person gets the access, there is a threat of leaking of sensitive information outside or to the competitors. 10) How can the CSO in this scenario most effectively communicate newly and previously identified risk events that have grown because of the changes to senior management? According to me There is a need of examining that what kind of risks have been taken in the past time and also to document everything. Also there is a need to document all awareness and precautions that they have to take based on the past scenarios and the risks that they want to prevent in future. I think CSO should discuss this issues with the higher authorities and employees in the meetings and later come up with a best possible solution which will help the company recover financially.