In: Computer Science
Floor Candy is a small firm that manufactures high-quality rugs and carpets. Using special software, the company can translate a customer sketch into an attractive custom design. Three years ago, the IT staff developed a Web-based order system. The system has performed well, and most maintenance has involved correcting minor errors. Now the company would like to add more features, including menu-driven design tools, and a more customer-friendly interface.
Tasks
1. What types of maintenance has the IT staff performed? What types of maintenance will they perform if new features are added?
2. If new features are added, what methodology should the IT staff use to add the functions and enhancements?
3. What IT security measures should the firm adopt? Prepare a security checklist, and be sure to consider all six security levels.
4. Even though the new system is only three years old, the marketplace changes constantly. In three more years, should Floor Candy consider replacing the new system? What factors and information should guide that decision?
enhancements. Using this approach, all noncritical changes will be held until they can be
implemented at the same time in the package called a maintenance release.
following is a checklist that a company might use to assess security and prepare for future
security threats and problems:
Physical Security
- Survey the security of the computer room at various times and days of the week, and
attempt to enter the computer room security perimeter.
- Assure that each entrance is equipped with a suitable security device.
- Determine whether all access doors have internal hinges and electromagnetic locks
equipped with a battery backup system.
- Test biometric security devices, if any.
- Test video cameras and motion sensors, if any.
- Check each server and desktop computer case to determine whether it has a locking
device.
- Try to identify any server or computer case that would permit the installation of a
keystroke logging device.
- Determine whether tamper-evident cases are, or could be, used.
- Find out whether monitor screensavers are being used on any server or workstation
that is left unattended. See if BIOS-level passwords, boot-level passwords, or power-
on passwords are in use.
- Examine notebook computers to assure that each has been marked or engraved with
the company name and address, or a tamper-proof asset ID tag.
4) If the features and up[dations are not good in implementing in that software definitely without any doubt it will be replaced by the other software so there must be very carefull keen observation regarding the devoleping and consistency in maintainance of the software.