Case study 2-2 Essay Example for Free

Case study 2-2 Essay Case Project 2-2 I would determine whether an investigation is required for this type of situation. I would make am initial assessment about the case that I will be investigating. Meanwhile, determining the type a design of approach for this particular case. I would then estimate the time of each step, when the check was issued and as the amount. I would ask Jonathan to interview the other individual who has access to the company’s accounting program. I would review the company computer as well as the accounting program and see if there are any significant documents; which would including the company checkbook and ledger, as well as contact the bank for the most current bank statement. Any type of information pertaining or related to that particular check, which was issued during that time. However, if cleared, then further investigation has to be done. I would examine that employee’s email for anything suspicious as well as surveillance cameras within that office. I would also study the suspects work habits as well. I would ask Jonathan to locate and itemized any details of the subcontractor’s job amounting to $10,750 and the facts of the check for the amount $12,750. I would try to find the facts of the $2,000 difference, if available by comparing bank statements, and the accounting program. I will inform him to be very watchful of any relevant information that may eventually be evidence in this type of criminal case, which could be employee theft or embezzlement. If this other person beside Jonathan is involved in this crime and not being an  accounting error, has taken place, I would recommend Jonathan to allow me to further my investigation with this company.

Essay --

Throughout poetry, drama, and fiction, there exist themes and symbols that give readers a dose of reality and human experience. People read literature and end up learning new facts about themselves that they never knew before. This usually happens when the reader is reading literature that they can relate to. An example of this is coming of age stories. When adolescents read these stories, they realize that they share the feelings of the characters and have even had similar experiences. In these stories, the main character is trying to figure out who they are in the eyes of other people. But what they do not know is that they must discover their own identity before other people decide who they are. Two stories that make use of this theme are Araby by James Joyce and A & P by John Updike. Both of these stories feature characters that are coming to terms with their fantasies and realities, and this relates to readers because it deals with the idea of people wanting what they cannot have. In A & P, the narrator, Sammy, observes three young girls, dressed only in bathing suits, who enter the supermarket in which he works. Sammy notices these girls immediately and takes note of every detail of their being. He especially pays attention to the leader of the girls, whom he calls â€Å"Queenie† (Updike 33). Queenie and her friends enter the supermarket believing they are â€Å"decent† (Updike 35). Every customer in the store watches them, and they enjoy the attention they are receiving. The act of entering the store in only bathing suits shows that the girls are both confident and innocent. They do not know that they are dressed inappropriately, and they are clearly comfortable enough with themselves to walk in wearing bikinis. ... ... Queenie was innocent of the fact that she was dressed inappropriately. She entered the store in a bikini because she was confident of herself, not because she was rebelling against the rules of the store. Sammy’s thoughts of Queenie were merely an illusion. The narrator from Araby is different. He does not have a specific vision for his life, but rather a desire for change. His life in Dublin lacks in excitement, and compensates for this by obsessing over Mangan’s sister. He desires fulfillment and satisfaction from change even though he is uncertain of what change will bring. He thinks change will bring adventure and exhilaration, but he learns at the bazaar that it is nothing more than accents and vases. Both of these stories can relate to readers because they both deal with the idea of wanting what we cannot have. Fantasy is very different from reality.

Aircraft Solutions Essay

SecurityAircraft Solutions Security and Policy Assessment Table of Contents Executive Summary1 Company Overview1 Security Vulnerabilities1 Decentralized Anti Virus1 Access Control List Policy3 Recommended Solutions6 Bitdefender6 AlgoSec Security Management Suite7 Impact on Business Processes7 Budget8 Summary8 References9 Executive Summary As Aircraft Solutions takes the next step in its growth, it is imperative that its IT infrastructure keep pace as to not counteract gains made by the company during this expansion. This is especially important given it designs and fabricates components for both commercial and defense related industry. Given the increase in staff as well as outside vendors accessing the network, a more centralized approach to antivirus protection has to be adopted. It is equally important that certain elements within the network that have been done manually, such as Access Control List policy, be automated to avoid consuming the IT department in an ever escalating bar of employee hours. Company Overview Aircraft Solutions operates within California in two separate physical locations in San Diego and Santa Ana. Working within both commercial and defense industries, their products are used globally. Aircraft Solutions is overtly technical in nature utilizing Business Process Management (BPM) for end to end processes that interacts with customers, vendors, and suppliers. BPM also fills a critical role of internal communications for IT to ensure customer needs are being fulfilled precisely as they have been ordered. Security Vulnerabilities Decentralized Anti Virus In reviewing the software utilized by Aircraft Solutions, it is stated that security is handled by anti-virus software that is independently operated for all workstations and servers. This seems to be a continuation of the host centric theme as evidenced by host based IDS. Whereas host based IDS can be seen as a more viable alternative to network based IDS, the same cannot be said for anti-virus software in this scenario. Given that the company operates two individual physical locations that run the gamut from design to production, it can be assumed that their employee pool is not small despite actual numbers not being mentioned. With these numbers, it is quite unlikely that all employees are maintaining their due diligence in ensuring that they are properly updating their anti-virus applications and operating them in such a manner that they are being used efficiently. The primary weakness of this policy is that the end user is responsible for its upkeep. It is reasonable to assume that someone working in a loading dock may not have the same level of computer aptitude as an engineer and would be more likely to cause a break in security by allowing a virus into their computer and threaten the network (Department of Homeland Security, 2012). As security is only as strong as the weakest link, this opens the proverbial floodgates of illicit access to the company network. This is problematic in that official statistics gathered in 2012 estimated that the United States ranks third in the world with 50. 1% of all unique users detecting threats from a virus (Kaspersky Security Bulletin, 2012). The most common virus credited with 75. 01% of all online attacks with 712,999,644 instances are malicious URLs (Kaspersky Security Bulletin, 2012) that can infect a computer without the user even realizing what has occurred. Not even anti-virus software will keep a user completely safe as it is reported that 32% of all users have been infected with a virus despite such protection measures (Zorz, 2010). Once infected, viruses can either cause extreme lag with the network, slowly gather information to be used against the company or sold to anyone willing to purchase it, or even cause damage to physical components used in the business (Weinberger, 2012). There are many other nefarious effects of an infected computer within a network that can cripple productivity and cut into the revenue generating capacity of the company. When you take into consideration that a slower network will cause a decrease in company production and will not reduce the cost of daily operations in terms of equipment, utilities or workforce then you must look at the financial ramifications of such an event. The creation and dissemination of viruses has become big business that will grow exponentially as it has moved from the stereotypical basements of hackers into the realm of organized crime and legitimized aspects of armed services for many nations the world around (Fisher, 2012). It is reported that worldwide, viruses have stolen approximately $1. 6 trillion (CMP Media Inc. , 2013) from the global economy. Access Control List Rule policy Security policy at Aircraft Solutions dictates that all firewall and router access control rules pertaining to packet flow be evaluated on a bi yearly basis. Network infrastructure documentation for the company lists one firewall and two routers that are currently in operation that fall within these parameters. Within the San Diego headquarters, all of these devices act as a bulwark against any unwanted intrusion from the Internet at large. Documentation also details there are contractors and suppliers along with customers to contend with regarding external access to the network through these devices. Looking at the internal physical topology it is seen that there is a single router providing packet control for all traffic between the Defense Division in Santa Anna and the rest of the company consisting of Human Resources, Accounting, Direct Computer Numerical Control, Sales and Marketing, IT, and information from the database. Conversely, this same router would also have to act the single point of control between all internal departments at San Diego as it is the only piece of equipment that possesses layer three functionality before passing the firewall. Given these relationships this demonstrates these three devices, particularly the router connecting Santa Anna and San Diego, require extremely detailed and expansive routing rules to effectively run the business. Departmental access list rules could for the most part remain static and not require a great deal of attention once implemented as IP schemas would be established ahead of time for each department. Issues begin to arise when you take into account that over the course of two years, multiple projects will most likely be spun up, numerous â€Å"unique circumstances†, and growth of the network will create a myriad of antiquated access control rules that will represent gaping holes in security that can allow unauthorized access to sensitive company materials and intellectual property. This would also lead to a lack of documentation of access control rules so that there would be no manner in which to simply reference which rules were in place and for what reason. Each annual security review will then sideline the IT department as it analyzes the access control list rules and begins to path them out to their respective devices. At this point, ownership of the device would have to be established, the purpose of that device, and then verifying if access was still warranted. Disagreements at this juncture would result in managerial oversight as department heads would then have to present their cases for and against access. Obviously, this would draw management, especially that of IT, into contracted deliberation that would distract from day to day business. A lack of an overall firewall policy, a bi yearly evaluation of access control list rules, and the previously mentioned issue of non centralized anti-virus software creates a very dangerous environment for data security. A port that is opened for user access is a window into the company’s network that can ultimately be exploited. The more ports that are left open, the greater the opportunity for intrusion. This same lack of a detailed firewall policy also entails that these multiple holes in security can vary in scope since there is not a set control in place to reign in the extent of the security exception being asked (Hogg, 2011). These open ports make the company susceptible to port scanning as outside entities search for network soft spots that can be exploited to gain entry. These scans occur with such constant frequency that they are referred to as Internet background radiation (Notenboom, 2008). Given these factors it is a foregone conclusion that there will inevitably be a breach of the network as a result. Such an event would result in loss of intellectual property, decrease of production, and repeated incidents would create a devastating loss of trust in the eyes of customers. An ancillary security risk is derived from the time and energy spent by IT during each manual review of all access control listings in the firewall and routers. It is feasible that each rule will take an average of an hour to complete if all goes smoothly with tracing the routed path from beginning to end, complying with internal ticket work, verifying the device, and accepting a reason for the route to be in existence. More time would be expended by both engineering staff and then management if there was a dispute as to if a rule should be left in place or not. In terms of just the basic work to go through all the established rules that will accumulate over the course of 2 years, a conservative estimate of 25 requests for new rules per week (based on personal experience within a mid-sized company) would yield a total of 2600 new lines to be analyzed. Assuming approximately a third of these rules could be associated together as projects are increased or decreased, that leaves roughly 866 lines that translates into as many employee hours that will be occupied for this task over the course of 108 days. A team of five in the IT department would require just over 21 full working days to effectively handle this task at a cost of $2,898. 75 to have entry level Network Engineers (Salary. com, 2013) dedicated to the task . If a quarter of these rules are disputed, then the company will pay out another $9,964. 70 (Salary. com, 2013) of lost productivity as the IT manager has to contend with other managers to mediate the need for the rules. It is likely that this endeavor would constitute a major departmental project at the end of the 2 years instead of being worked on throughout the duration. During this time, other work will be assigned to secondary status and put projects and perhaps updates that could be critical in risk of being done on time as all energy and focus resides on the access evaluation. Recommended Solutions Bitdefender To effectively control antivirus from a central source that will push updates to all network devices, demand all equipment connecting has antivirus and allow for mobile devices to be used without issue, Bitdefender small business pack would be the ideal choice. Given that this application suite will provide service to all Windows OS’s from XP to Windows 8 along with Macintosh and Linux support [ (Squidoo. com, 2012) ], it is perfect for allowing outside vendors who may not conform strictly to the Windows platform adopted by Aircraft Solutions. Support for the product is offered by email, and phone coupled with configuration assistance free of charge. As it was not definitely declared how many employees are with Aircraft Solutions, there is a pricing scale of $449. 95 per year for 20 computers and 20 mobile devices [ (Bitdefender, 2012) ]. AlgoSec Security Management Suite In terms of Access Control List management on the firewalls, industry reviews would recommend a single piece of software, Algosec Security Management Suite. With this application, all a user is required to do is simply enter in the IP of the device wanting entry to the network as well as the IP of the device is wishes to access. Algosec will then compute the path from source to destination, provide a listing of all firewalls in the path, and then list out what changes would need to be made to firewall configuration. With a click of a button, it would even implement these changes thereby freeing an inordinate amount of time on the part of IT staff and management [ (AlgoSec, 2012) ]. Cost of the application is approximately $10,000 [ (AlgoSec, 2013) ] which also include support of the product and updates. Impact on Business Processes Implementation pains felt as both Bitdefender and AlgoSec are introduced will be minimal at best. In each instance, less work will be required of employees as they are no longer responsible for their own antivirus and the process by which firewall flows are drafted and put into configuration will be dramatically increased. The point of contention that might make itself known will be at the onset of these applications being installed as they will require some new policy changes. At first, there will most likely be an uptick in questions asked of IT as employees want to know what is required of them with Bitdefender antivirus. It will also require new policy on the part of IT in terms of management of the application as well as procedures for pushing updates into the network. AlgoSec will be almost entirely without incident as it will create a process by which a request is put in for access and instead of being delayed as the path is verified, it can move directly into managerial oversight for approval. Budget Product| Features| Cost| Bitdefender| Centralized AV updatesScalable user supportInternal firewallIntuitive GUIApplication supportInstallation assistance| $449. 95 per year per set of 20 computers/20 mobile devices| AlgoSec| Firewall path operation automationFirewall configuration change automationNegates access control rule auditsProduct support and updates| $10,000 (approximate quote)| Summary Without changes made to IT policy, requests upon the IT department for access to the network and the bi yearly audit of existing rules will eventually grind all departmental progress to a complete stop for months at a time. Automation in this arena as well as a universal standard for antivirus are dire in maintaining a secure network with the necessary resources to make changes as needed. In the face of company growth, if automation is not embraced, then it will become necessary to increase the IT staff by at least 50% within the next 2 years to simply maintain the status quo. Assuming an employee pool of 100, an investment in Bitdefender and Algosec at this time will cost $12,249. 75, with reoccurring annual fees of $2,249. 75. Such an amount if a far cry from an extensive uptick in staff. The end result will be a far more efficient IT department that will be able to accomplish more sustentative work with existing staff at hand. References AlgoSec. (2012, january). AlgoSec Security Management Suite. Retrieved February 18, 2013, from Algosec. com: http://www. algosec. com/en/products/products_overview AlgoSec. (2013, January). How to Buy. Retrieved February 18, 2013, from algosec.

Contraception Is An Entity That Many People Take For Granted

Contraception is an entity that many people take for granted. In the past, women did not have any access to contraceptives because they did not exist at the time. As time passed, the thought of contraceptives began to bloom, but the idea was thought to be â€Å"obscene.† This was in a time where women had very few rights, and one of the rights they were forbidden to have was the right to have access to contraceptives and be active in the planning of their families and fertility. Whether in a relationship or not, women who were sexually active faced the risk of becoming pregnant on several occasions. It was not uncommon to see families consisting of 6, 7, 8, and even higher numbers of children. Women would desire to have children, but not always†¦show more content†¦The most significant events that began the revolution to making contraception more accessible began with the influence and hard work of a woman named Margaret Sanger in the early 1900’s. Margaret San ger and her sisters started what was known as the first birth control clinic in 1916. This was significant because it fueled the upbringing of what we have today known as Planned Parenthood. Margaret Sanger was a nurse that personally experienced and witnessed the effect that a lack of contraceptives can have on women and mothers everywhere. It was her hard work and research on birth control â€Å"safety and effectiveness† that helped to cut down the terrible experiences with birth that several women had to face. Her work helped to decrease the number of miscarriages and abortions, as well as made it so women can have better control on how many children they gave birth to, which ultimately helped families everywhere financially. Margaret Sanger, over time, helped the view on birth control change from being â€Å"obscene† to being a necessary thing. Her movement began the establishments of Planned Parenthoods everywhere. Today, there are about 700 Planned Parenthood health clinics scattered across the states. This is a significant increase compared to the one birth control clinic in Brooklyn, New York that Margaret Sanger started. With this amount of Planned Parenthood clinics, it makes it easier for women everywhere to have access to contraceptives. Planned Parenthood