Technology and Change
Running Head: IT PROJECT PROPOSAL
IT PROJECT PROPOSAL 20
Professional Reflection Essay Submission
Jamie Vaughan
Southern New Hampshire University
28 May 2018
Problem Statement
The cloud is a huge growth area in the information technology sector today. A lot of organizations are embracing the solution to simplify their operations, gain enormous economies of scale and even reduce their cost of operations. It is expected that in a few years most if not all of the information technologies will be run from the cloud. An organization wishing to adopt the solution will need to be aware of the requirements for ensuring they have the best solution they can get for their business.
Significance of Problem
Significance of the problem is there are too many cloud-based products out there, that is lacking high security features. Sure, they have security features, but there is still Hijacking, Data Breaching, Data Loss and Unauthorized Logins. The problem is the firewalls are not protecting the data that is coming into or leaving the network. Companies are still using servers because of the security features, also people do not want to change to something they are unfamiliar with. There needs to be a team setup that their whole purpose is to create security risks, have them breached to fix the problem. This will allow for a stronger security system. It is like a bank, they often hire people to break into their banks, so that they can find the security risks and fix them.
Implementation and Testing Plausibility
The challenges will be to do testing that other companies have failed to do or implement the changes to make the network security better.
· Planning
The first part of the planning will be to research what security measures have been done thus far with companies. Right now, there are five basic rules that IT use for security for web-based products: Review your ransom response plan, check the power supply, map data for better security and compliance, update server protection, and push IT security training wider and deeper (ESET). The planning needs to start with the vulnerabilities that occur daily, which is the phishing, malware, wrong software version that is a security risk and firewalls not protecting the data. The plan needs to raise all security awareness for all users, especially when the storage and other applications are cloud-based. Latency will occur once using cloud-based products, with everyone being on the network at the same time, need to ensure that there is plenty of bandwidth to cover all the users.
· Resources
One of the resources needed for cloud-based is the anti-virus program that will be needed to ensure the security of the user’s devices. There are several products out there that help protect but one of the most secure is McAfee. It will not allow a user to do any kind of work without doing ID check, which can be with a token or an encrypted password. The reliability is very important when it comes to keep out vulnerabilities. Another resource that is needed is the type of firewall that will be needed to protect the network from incoming and outgoing traffic. There will be two different firewalls that will be used Next-Gen Firewall and Application-level Gateways, these will protect the data and the user’s.
Proposal Description
Using cloud-based products versus using servers and purchasing software with licenses. It has been said that using servers and purchasing software with licenses is more secure and more reliable. That is not always the case, servers go down all the time and back is hard to get without a lot of data transferring. Servers are very expensive; the products must be updated often which cost the company a lot of money. The purchasing of software can be very expensive especially when you are getting the licenses for every user. The company needs to spend money on hiring specific employees to be able to manage servers and the data that it holds to manage it daily. Using cloud-based will allow the company to be able to spend money on a monthly yearly basis without breaking the bank. One positive note for using cloud-based products is that is you need more space you just call the cloud company you are using telling them you need more space and they flip the switch giving you more space.
The cost of buying a server or managing it can cost as low as $75k and continues to grow the more the company grows. When using a cloud-based server it can cost as little as .5 cents per hour, making it $12 a day, $4380 per year. This is an easier to come up with yearly then to come out of pocket $75k.
Overview of Solution
The first part of the cloud adoption plan is the assessment process. During this stage will be an evaluation of the business value, benefits, and feasibility of implementing the cloud solution. Understanding this early enough will ensure that the solution deployed is perfectly aligned with the organization and that the necessary objectives of the business are covered. There are also cloud vendors that provide cloud partnerships which can be leveraged to provide add-on services like improved after-sale technical support, discounts and so forth (Gholami, Daneshgar, Low, & Beydoun, 2016). The stage should ensure that the pros and cons have been definitively evaluated.
Preparing a cloud strategy is the next step in the adoption process. The strategy needs to be customized to the needs of the organization. The existing solution will then be leveraged with platform as a service (PaaS), infrastructure as a service (IaaS) and software as a service (SaaS) solutions that will be adopted. The appropriate architecture is also decided upon at this stage. The applications that will be used in the cloud are decided at this point in time with the best options being stand-alone solutions that will ensure any potential disruption is limited to that single application. Other factors to consider include their capacity for productivity, agility, and efficiency. At this point, the organization must decide on whether to adopt a public, private or hybrid cloud solution. The service level agreement (SLA) entered with the cloud vendor will provide guarantees from them on the quality of service as well as the terms of policy and governance (Rountree, & Castrillo, 2013).
The implementation stage of the process will include such tasks as the standards to be adopted i.e. OpenStack adaptability and portability standards. There will also be the methodologies for migration of applications that will be adopted at this stage. The architectures selected will be used to develop these strategies including scripts and use cases. The appropriate servers are also taken into account (Gholami, et al, 2016)
Optimization is a stage that will lead to more streamlined business processes and licensing regimes that should lead to efficiency and increased value to the organization. With organizational efficiency, the company will be better positioned to offer better services to their customers. Other optimization strategies include evaluations conducted after deployment to determine and rectify problem areas and conducting skills assessments (Rountree, & Castrillo, 2013).
Methodology and Tools for Developing the Solution
As a first time development, there are the possibilities that there might arise various issues. If a major issue occurs during the process, it has the potential of disrupting the operations of the company in a major way. To avoid such a situation, the team will be choosing stand-alone applications and adopting the agile development framework.
The agile development framework is a project management methodology that divides tasks among different development groups. Each of them implements their requirements independent of the others. Characteristics of agile projects include empowered team leaders, clearly defined roles in teams, sparse documentation and the emphasis on testing a product before releasing it. It is a project option that should work in the development of the cloud solution and it can be done while the existing solution is still in place (Kerzner, 2013). This will avoid potential disruptions that could affect the normal operations.
Requirements and Gap Analysis of the Solution
There will be expectations of the cloud solution that will need to be met to consider it a success. Functional requirements will be those that ensure that certain technical milestones are met by the cloud solution. There will be three main levels of the cloud with the rise of each level representing the need for less technical expertise necessary to implement it. The lowest level will be the most complex and will include the compute and manage resources. The compute resources include the memory, the CPU and the disk which are required to power the applications that will be deployed. It needs to be capable of handling the load that will place on it. The manage resources include software provisioning and virtual machine management which are needed to provide server platforms and monitor the resource requirements of the application. The next levels are the development and deployment environments that are used for the development and deployment of applications. The applications themselves occupy the highest level where they can be easily accessed by users (Rountree, & Castrillo, 2013).
The performance requirements will include the capacity to serve users by ensuring the resources are always available to them. There will be the mobile users who will access the cloud resources through different WLANs, LANs and internet connections. They will be accessing the cloud through different devices like smartphones, tablets, laptops and desktop PCs. The cloud needs to be capable of meeting their requirements. Security requirements will be the cloud's capability of ensuring the confidentiality, integrity, and availability of the data that will be passing through it (Hathaway, 2014).
The gap in the current solution is that it can deliver applications to users outside the immediate network in a reliable manner. When it happens it usually slow and incomplete. The cloud will be capable of serving remote users anywhere they are so long as they have access to a reliable internet connection and an enabled device. Same way, the current solution does not have the requisite security solutions that can prevent attacks from the internet. With the cloud providing a greater exposure on the internet, it will also provide the necessary solutions to protect against viruses, ransomware, and distributed denial of service (DDoS) attacks and many more threats (Hathaway, 2014).
Compliance Requirements
There are many compliance requirements that need to be adhered to when adopting a cloud solution. These include Payment Card Industry Data Security Standard (PCI DSS) for financial transactions, the Federal Security Information Management Act (FISMA) and the FTC Act from the federal government as well many more from both the federal and state governments. These are necessary compliance requirements given the sensitivity of data being handled that could belong to third parties like customers (Rountree, & Castrillo, 2013). The cloud user and the cloud vendor have a part to play in adhering to these requirements and most choose to collaborate in ensuring that the various requirements have been adhered to.
Problem Statement
The main problem was the poor security and other functional requirements that were being witnessed with a lot of information technology products in the market. The project aims to implement a cloud solution that takes into accounts most of the shortcomings that were identified in other products. The cloud solution will need to be not only proficient on a technical level but also capable of fulfilling the business requirements set out for it. The cloud solution is also expected to expand the reach of the network as the current one is restricted by being limited in that scope. The complete solution should ensure that the full benefits of using the technology are realized. (Rountree, & Castrillo, 2013).
Application of Knowledge on Stakeholder Needs
The stakeholders involved in the project will have an important part to play in the success of the final solution. Everyone that is invested with project are considered a stakeholder, that will invest their time and energy to build and make the project stronger and more reliable. Their views and suggestions will be of importance to the eventual outcome and they will be incorporated where necessary. One of the main needs of the owners was the provision of adequate security functions. With the importance of data that they held, it was necessary that the security tools that were put in place were capable of providing the requisite protection against common and are threats as well. The owner was insistent on an early warning system that alerted them to an ongoing attack on the system. Such a tool would provide an opportunity to directly steer the response to an attack and ensure that the damage is contained as much as possible. Also as part of this, a backup system was provided that was in tune with the owner's requirement. It involved using different data centers located far away from each other as to not be affected by the same potential disaster. The cloud was configured to provide multiple failover options that ensured business continuity even in the case of a potential disaster. (Rountree, & Castrillo, 2013).
The cloud solution needed to be capable of serving users who were spread far each other. Where the old solution mostly served the users located at a single office premise, the cloud solution needed to expand its reach. With expanding the reach of the cloud, they need to make the security stronger and more reliable. The security needs to start with an antivirus program that will protect all the users and multiple firewalls to protect the network. Among the solution was making the service accessible to a wide variety of internet connections including WANs, LANs, wireless, mobile and more. The solution was also designed to access of a variety of devices including smartphone, tablets and the expected laptops and desktop PCs. The purpose of this was to make the cloud solution available to a bigger variety of users. (Rountree, & Castrillo, 2013).
Overview of the Design
The design process included the requirements stage which covered the needs of the three level to be developed in the cloud solution. These are the lowest level which included the ‘Compute' and the ‘Manage' resources. Here would be the CPU, disk, memory as well as virtual machines management and software provisioning. With the components of the CPU and virtual machines, it will be able to compute the necessary data. The next level would be the environments responsible for the development and deployment of applications with the final level being the applications. Agile development framework will be applied in the process to ensure high quality and accountability of the process. As far as the development process has reached, the model has been functioning largely as it was intended to, with the main issues being in determining the eventual scale of the system. It is an aspect that should be tested once all the components are completed and integration is done. (Rountree, & Castrillo, 2013).
The main challenges of the process were largely the need to keep testing the security resilience of the components. The success of each iteration in the process requires that adequate security testing is done of the components. It has been a stage that has taken a lot of time as the various tests are conducted. However, the upside of it is that it should significantly lessen the need for testing in future. Another challenge was the changing requirements by the owner which while not extensive, still meant that some of the iterations might have had to be redone so as to capture these requirements. It meant that the project timelines needed to be adjusted accordingly and the absorption of the resultant cost overruns (Kerzner, 2013).
Project Implementation
The project implementation plan will largely involve the migration of data and application to the cloud platform and the configuration of security settings. With the data involved being of a sensitive nature, it will be important that the plan consider options that will ensure the data is safeguarded throughout the entire process. The owner requested if it would be possible to conduct a live migration to minimize the disruption to operations. The process of live migration involves moving a virtual machine from one physical host to another one without causing any downtime for the end users. In this case, it will be moved to a cloud platform. It is a process that should take a few hours to be completed (Rountree, & Castrillo, 2013). Once complete, the owners will be provided with their new credentials to use when accessing the cloud.
The next step will be the configuration of security for the new platform. The cloud will have a number of actions taken to ensure its safety. These will include an intrusion detection system. The intrusion detection will responsible for screening all traffic that will be passing in and out of the platform and ensuring that they are all legitimate. The intrusion detection system once it discovers a potential threat, it will take the appropriate actions. The plan is to also include intrusion prevention in the solution that will be selected to avoid requiring the administrator to cater to every threat. A hybrid intrusion detection system will be used, capable of identifying threats from a constantly updated database of threats as well as identifying any anomalies in the operations of the cloud platform. Another security action will be the setting up of user profiles (Rountree, & Castrillo, 2013). Each user will be required to have a unique username and password that they will use to access the cloud and its resources.
Project Testing
Testing will be necessary to ensure that the implementation process was successfully done. Even with state of the art cloud architecture with high-quality hardware in the data centers, it is still important to conduct testing. Failures can affect any system and be prepared for potential failures can help in minimizing the level of damage caused. Resilience testing is a form of testing that measures how a system can ensure multiple failures at a go. To avoid major disruptions should things go wrong, it is done in a controlled environment. The resilience testing will test for how the system will respond to various simulated failures that are inflicted upon it (Hyslip, 2015). The results of the resilience tests will then be used to build the necessary protections and make improvements where necessary.
Another form of testing will be penetration testing. This form of testing is usually by an external contractor who has essentially being authorized to hack into the system. The hacking will be done to identify weak areas and vulnerabilities in the system that can be exploited by cybercriminals. The external contractor will be an ethical hacker who will provide the owners with a report of all the vulnerabilities they encountered and recommend how best to rectify them. (Hyslip, 2015).
Report Summary
The implementation process will need to be done in a structured manner that takes into account all the potential pitfalls. Live migration was found to be the best method for implementing the migration of data and applications to the cloud. To ensure a smooth transition, experts will be brought in to oversee the process. Also considered in the implementation stage is the options in place for backup of the data. It will be done by hosting in different data centers spread around in different geographic locations.
The testing is not expected to catch all vulnerabilities or foresee every potential risk. It is however expected to provide adequate information to support a robust mitigation strategy. Regular testing will be necessary in future to cater for emerging threats.
Stakeholder
A buy-in agreement is a key component for stakeholder, with this idea it is to keep open communication with all levels of stakeholders within the organization. With the company growing communication plan needs to build around the affected parties and customers. The proposed plans are the engagement feedback that will improve the stakeholder’s involvement. The engagement process is aware the best business ideas are coming from outside the organization.
The proposal needs to be a solid plan so that the stakeholder’s will confidence in buying into the idea. You need to believe in the product, present it with passion, if the stakeholder’s see the presentation as weak or that you are unsure of yourself, they will walk away without any concern. The project will not sell itself, but the confidence needs to come from the presenter.
The stakeholder’s need to feel they are part of the project, this will allow them to make the decisions to join the project. Having the stakeholders be in the decision-making process will make them think they are contributing to the project and the success of how the project will turnout.
There are several cloud-based product that are currently available, while the stakeholders can research everything on-line, the project needs to make on-line look a kids toy.
Recommendation for future enhancement
The speed of acquiring and sending data back to the cloud should be considered. In as much as security is a significant concern, the speed of acquiring the data may be affected by network traffic. Data needs storage space, and the more you provide adequate storage, with the better since speed can easily be affected by low storage. The issue of speed can also be tackled by adopting a decentralized system and building the best infrastructure which can enable more users to utilize the resources available online without being affected by speed.
Online resources offered by cloud computing includes data and application platforms. These resources are offered through the internet by the service provider. There are many considerations to make in the implementation process. The future of this project depends on all the elements are incorporated and executed. One of the major concerns is the security of the data once it is stored in the cloud. So far the project has been based ideally on testing and coming up with appropriate security measures such as designing a sophisticated antivirus program.
There is a need to have a backup system where in case the cloud is not in its best state; the users will still be able to access their data. This is important, especially when handling vital data which may contain confidential information. At no point in time should there be a situation where data is lost even when the system is hacked. ‘
A three-layer security system should be adopted, and the first layer may require user credential while the second and the third layer may require a kind of interaction between the system and the user. Face recognition software should be installed to enhance the security. The user may be required to update their location from time to time so that any attempted login from another location identified and necessary action be taken to ensure that the user data is protected.
A proper infrastructure regarding hardware resources has a bearing on the security and efficiency of hardware resources. The future of cloud computing depends on the type of computer systems which will have been invented. High speed and smart computers plus the user o satellite for storage and communication systems may speed the process and improve the security of data. These cloud computing resources are shared online hence there is a need to have a system which can transmitted relay real-time online resources to all the users.
The systems should be able to notify the administrator in case their security breach. An advanced security breach notification system is required so that in case there is an attempt to steal data or to infiltrate the system; proper action will be taken in time. It is also important to implement the best installation and configuration measures to avoid issues which as arise as a result of poor installation and configuration process.
Challenges and Lessons Learned
Building the project has been challenging for me, I thought I would explain the vulnerabilities with cloud-based products and the security risks involved. The problem is that there really isn't a huge security risk, at least as much as I thought there would be. I thought I would make a web application to represent the other companies and the company I wanted to show, that would tell the consumer why they want to choose our company. Trying to demonstrate the type of applications that would be used and the type of programs that the company would need has been very challenging. I want people to understand that all companies has vulnerabilities but some are more than others.
Looking at the Stakeholders will be the challenging part of the project, this is because I have to figure out the best way to sale the project to them and for them to want to tell other customers about our business. The stakeholders have a huge part in if this project will be successful or not. I want to ensure that best project can be presented to the stakeholder and ensure the reliability.
I think there are security risks, but proving it is a different story. Companies that are creating cloud-based products have gotten better at hiding the security concerns and focusing on the product itself. The reason companies are using more and more cloud-based products is because of the cost, they figure they can skimp on the security to be able to more customers, that will make the money to beef up the security elsewhere. I have researched several different companies to find that most of them have the same specs and off the same amount of security. Creating a database or building a web application isn't going to show the security concerns but will help build a stronger project. You would have to work with the designer or the developer to see how the product is made to see the security flaws, that would be the hard of part of making this project talk about security concerns.
Modification Strategies and Actionable Steps
Being able to have a good plan starts with being able to build a strategy for the planning process, to avoid any unplanned or unexpected security vulnerabilities. The best solution for this is to compile a list of questions and have them answered by a group of experts, they can work on the concerns or issues to develop a solution. The process needs to be validated by using either AWS, Azure or other cloud platforms, making a roadmap with ensure the cloud management. Use Multi-Cloud to map different aspects with one of the platforms used for cloud-based products. The cost is one of the largest factors that need to address, this will give a TrueSight for the entire project. Security is going to remain a concern for any platform, as things tend to move forward the security risks will not change but may increase as time goes on.
Potential Issues
There are several potential risks, when it comes to using cloud-based products or cloud computing. One of the potential issues are the ability to grant administration access to those that may not know what they are doing or someone that can gain PII and sell to a high market. Want to ensure that the personnel working in the administration part of cloud-based products have been properly screen and have them sign any documents to ensure that the information they see in front remains confidential.
Breaching data sources is huge potential risk that all cloud-based products need to be concerned with, this is a huge security violation that all customers need to be weary of no matter how confident they are with the company. Setting up firewalls will protect the breaching from occurring, setting up database with encryption is a must done to prevent the reading of documents that are in the database without specific permission.
Change is always occurring with updates of cloud-based products, there may be changes that occur that the customer isn’t ready for or just don’t have a need for the change. The changes that occur might force the company to buy more of the product or must invest more money into the product, the company may not be ready for such changes. Cloud-based companies to prevent over cost or surprise cost on their product, this will ensure that customers are happy and will continue doing business with the client.
Reflection
It is my immense and delightful that I inspired opportunity to compose this reflection toward the finish of my Capstone Final Project as the finish of entire encounters of the course and the entire Masters. Beginning from the earliest starting point of the course I felt that this course is truly feel sorry for simple as it has very little stuff to do only a solitary last venture on which we simply need to work for entire 10 weeks. No contextual investigations no such additional accommodation we simply expected to concentrate on this last venture. Yet, with the traverse of weeks and weeks I understood that I wasn't right it really required full endeavors as the entire venture is involve 800 checks and is the concentrate of my entire MS. From the earliest starting point till end when I am composing this exposition this venture asked me additional common commitments endeavors and diligent work. Today I can state that this venture was totally extraordinary with rest of those which I had in my rests of the program. Those undertakings were never requested such commitments and additional endeavors as it requested. Today while composition this article I have enough sentiment that I am completing my lords today. I spent right around 2 to 3 hours for a month and a half on regular schedule and more than 7 to 8 hours in the last couple of week just on research and making each one of those stuffs plausible for my venture which I removed from various research papers and contextual investigations. Subsequent to experiencing just about 13 researcher's full research papers more than 16 white papers distributions, 26 websites and 4 manuals including Microsoft, CISCO, Intel and Dell, putting in a really long time on those exploration attempting to social affair adequate and suitable data identified with the venture and aggregation, gathering part of information controlled into a legitimate frame to make it in an appropriate data and experienced on various client manual of programming dialects and system gadgets it is possible that they are perfect with my utilized OS toward the end with completely commitment and focus got this refined item and I am pity certain that it is up to review of my teacher which he is requesting. I attempted of my best to cover every last corner and satisfy all the required hubs without missing even a solitary point. While composing this paper I found various data which I never knew and perhaps I would never acquainted with that data however today in view of such research for specific this venture I got several additional data identified with Data Security and how really it manages in. My appearance is a rearranged type of my entire endeavors while examining and composing the paper. Fundamentally my own inclination is towards Information and Data security and I need to be an Information Security Specialist, which spurred me towards this side of venture. In the event that I take a look over the issue of IT I think information rupturing and hacking is the most widely recognized risk on IT division which really happens each following couple of months if read the details. So this issue emerged in my psyche while conceptualizing for the venture so I went to determination to outline a framework which takes a shot at the blend of two remarkable personalities which each human has an extraordinary one. My proposed framework can be executed on the door of a datacenter, web server or the NOC where it will ask to the client to come before the retina scanner and put his/her correct hand on the biometric scanner to have a picture of the fingers and hand these both pictures will be changed over into a dark scale picture and will be changed over into a parallel number of both and after that will include those numbers the premise of Binary including and will get a last one of a kind digit of both the elements which will be check in the database either the individual who needs to be sign in or enter is a real client or an interloper or an unapproved individual needs to be get in. This is a prototypic approach of what I think about the entire item and how it can be one of a kind and need of current circumstance, and how it could be an undertaking arrangement of the business angle. May be it required some additional work to do yet I am certain that would be acknowledged when it will be executed physically.
If close my entire experience of examining MS-IT truly it was an exceptional one. I would never envision that I can have a ton of fun and can get enough introduction while having my asters. It was absolutely an alternate ordeal of me having concentrate here in US as I am a universal understudy. It was immaculate end as it could be of my lords and I conviction so this entire residency of just about 2 years amid my reviews I can always remember for my whole life. At last I might want to thanks all my regarded teachers and all the concerned staff including my guide (Cristina Ana Poore) and all the rest staff and ISS office they generally helped me hotel every one of my challenges. They never felt me as I am outsider here in US and dependably took me certain in all my own issues.
Appendix
Appendix A: Problem Statement
Cloud, this is the practice of using the internet as a storage section for information instead of using a local server.
Firewalls: network security system that protects, by monitoring and controlling incoming and ongoing network traffic based on the known security rules.
Appendix B: Resources
Antivirus: Software designed to protect, remove and detect malware and computer viruses like Trojan, adware among others.
Appendix C: Compliance Requirement
The payment card industry data security standard (PCI DSS) has twelve requirements that every organization handling branded credit cards is needed to adhere. The requirements are grouped into six sections termed as control objectives. The first group of requirements needs the company to build and maintain a secure network and systems. The second group requires protecting cardholder data. The third is that it needs to maintain a vulnerability management program. The fourth requires implementing strong access control measures. The requirement to regularly monitor and test networks is the fifth group. The last group requires the company to maintain an information security policy.
Apart from Visa and MasterCard merchants having a mandatory requirement, other stores or cardholders do not have mandatory entities.
Another compliance requirement is based on the Federal Security Information Management Act (FISMA). The task of the agency to assign various security agencies to ensure that the data in the federal government is secure according to Gikas, (2010); various companies carry out security reviews of keeping risks at bar. The FISMA compliances that an organization is needed to meet include the requirement to categorize information to be protected, to come up with the minimum baseline controls, to sort controls using a risk assessment procedure, to document the controls in a security plan, appropriately implement the security controls and assess its effectiveness, authorize the information system to be processed and lastly to monitor the security controls on regular basis.
FTC is one of the compliance requirements for the data companies. The federal commission act ensures that there is no unfair trading. The function of the act investigates and sues companies that practice fraudulent in the business. Therefore the companies are required to put in place various strategies that ensure fair trade between other companies and business (Martínez-Pérez, De La Torre-Díez, & López-Coronado, 2015).
References
Gikas, C. (2010). A General Comparison of FISMA, HIPAA, ISO 27000 and PCI-DSS Standards. Information Security Journal: A Global Perspective, 19(3), 132-141.
Gholami, M. F., Daneshgar, F., Low, G., & Beydoun, G. (2016). Cloud migration process—a survey, evaluation framework, and open challenges. Journal of Systems and Software, 120, 31-69.
Hathaway, M. (Ed.). (2014). Best Practices in Computer Network Defense: Incident Detection and Response (Vol. 35). IOS Press.
Hyslip, T. S. (2015). BIT WARS: Cyber Crime, Hacking & Information Warfare. Dr. Thomas S. Hyslip.
Kerzner, H. R. (2013). Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons.
Martínez-Pérez, B., De La Torre-Díez, I., & López-Coronado, M. (2015). Privacy and security in mobile health apps: a review and recommendations. Journal of medical systems, 39(1), 181.
Rountree, D., & Castrillo, I. (2013). The basics of cloud computing: Understanding the fundamentals of cloud computing in theory and practice. Burlington: Elsevier Science.