Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Research Report 2

Follow the attach instructions to complete this work.

Research Report #2: Emerging Issues Risk Analysis and Report

CAUTION:

There are a number of websites which are offering “professionally written” versions of this assignment. Please do not make the mistake of trying to use such papers as sources for your research. They do not meet the requirement for authoritativeness (see 
https://libguides.umgc.edu/credibility ).  

Scenario 

The Entertainment Team (ET — part of Resort Operations at Padgett-Beale, Inc.) is excited about a new event management platform and is ready to go to contract with the vendor. This platform is a cloud-based service that provides end-to-end management for events (conferences, concerts, festivals). The head of Marketing & Media (M&M) is on board and strongly supports the use of this system. M&M believes that the data collection and analysis capabilities of the system will prove extremely valuable for its efforts. Resort Operations (RO) also believes that the technology could be leveraged to provide additional capabilities for managing participation in hotel sponsored “kids programs” and related children-only events. 

Tatiana Stepanishcheva / iStock / Getty Images Plus

For an additional fee, the event management platform’s vendor will provide customized Radio Frequency Identification (RFID) bands to be worn by attendees.  

The RFID bands and RFID readers use near-field communications to identify the wearer and complete the desired transactions (e.g. record a booth visit, make a purchase, vote for a favorite activity or performer, etc.).

The RFID bands have unique identifiers embedded in the band that allow tracking of attendees (admittance, where they go within the venue, what they “like,” how long they stay in a given location, etc.).  

The RFID bands can also be connected to an attendee’s credit card or debit card account and then used by the attendee to make purchases for food, beverages, and souvenirs.  

For children, the RFID bands can be paired with a parent’s band, loaded with allergy information, and have a parent specified spending limit or spending preauthorization tied to the parent’s credit card account. 

The head of Corporate IT has tentatively given approval for this outsourcing because it leverages cloud-computing capabilities. IT’s approval is very important to supporters of this the acquisition because of the company’s ban on “Shadow IT.” (Only Corporate IT is allowed to issue contracts for information technology related purchases, acquisitions, and outsourcing contracts.) Corporate IT also supports a cloud-based platform since this reduces the amount of infrastructure which IT must support and manage directly. 

The project has come to a screeching halt, however, due to an objection by the Chief Financial Officer. The CFO has asked that the IT Governance Board investigate this project and obtain more information about the benefits and risks of using RFID bands linked to an external system which processes transactions and authorizations of mobile / cashless payments for goods and services. The CFO is concerned that the company’s PCI Compliance status may be adversely affected. 

The Chief Privacy Officer has also expressed an objection about this project. The CPO is concerned about the privacy implications of tracking both movement of individuals and the tracking of their purchasing behaviors.

The IT Governance Board agreed that the concerns expressed by two of its members (the CFO and CPO) have merit. The board has requested an unbiased analysis of the proposed use cases and the security and privacy issues which could be reasonably expected to arise.  

The IT Governance Board has also agreed to a request from the Chief of Staff that the management interns be allowed to participate in this analysis as their final project. Per the agreement, their involvement will be limited to providing background research into the defined use cases for cashless purchases. These use cases are:

1. Purchases for craft materials and snacks by children (under the age of 13) attending a hotel sponsored “kids club” program.   

2. Purchases by Individuals attending a music festival or other event where IDs must be checked to establish proof of age (legal requirement for local alcoholic beverage consumption).

3. Purchases by attendees at trade shows (attendees are “adults”). 

Your Task

Pick one of the three use cases listed above. Then, follow the directions below to complete the required research and write your final report.  

Research

1. Read / Review the readings in the LEO Classroom.

2. Read this 
introduction to RFID technologies

3. Research one or more of the Use Cases

· Children: 
8 Benefits of Using RFID Wristbands for Resorts & Attractions (see section 4: Family Freedom) and Tappit launches new RFID wristband safety functionality 

· Managing Adult Attendees at Music Festivals (includes RFID bands linked to twitter, Facebook, and credit/debit card): 
RFID wristbands vs NFC apps: What’s Winning the Contactless Battle?  

· Tracking Adults at Trade Shows: 
RFID wristbands – the good, the bad and the ugly  

4.
Choose one of the Use Cases then find and review at least two additional resources on your own that provides information about privacy and security related laws that could limit or impose additional responsibilities upon Padgett-Beale’s collection, storage, transmission, and use of data about guests. (Note: laws may differ with respect to collecting data from or about children.) You should also investigate laws, regulations, or standards which impact the use of the RFID bands for mobile purchases.

5. Using all of your readings, identify and research at least 7 security and privacy issues which the IT Governance Board needs to consider and address as it considers the implications of your chosen use case upon the adoption or rejection of the proposed IT project (Event Management Platform & RFID bands). 

6. Then, identify 7 best practices that you can recommend to Padgett-Beale’s leadership team to reduce and/or manage risks associated with the security and privacy of data associated with the event management platform.

Write

Write a five to seven (5-7) page report using your research. At a minimum, your report must include the following: 

1. An introduction or overview of event management systems and the potential security and privacy concerns which could arise when implementing this technology.  This introduction should be suitable for an executive audience. Provide a brief explanation as to why three major operating units believe the company needs this capability. 

2. An analysis section in which you address the following: 

a. Identify and describe your chosen Use Case

b. Identify and describe 7 or more types of personal / private information or data that will be collected, stored, processed, and transmitted in conjunction with the use case.   

c. Identify and describe 5 or more compliance issues related to the use of the RFID bands to make and track mobile purchases.

d. Analyze and discuss 7 or more privacy and security issues related to the use case. 

e. Identify and discuss 3 or more relevant laws, regulations, or standards which could impact the planned implementation of the event management system with RFID wrist bands.

3. A recommendations section in which you identify and discuss 8 or more best practices for security and privacy that should be implemented before the technology is put into use by the company. Include at least 2 recommendations in each of the following categories: people, processes, policies, and technologies.  

Take Action

   Review the difference between a process and a policy. 

4. A closing section (summary) in which you summarize the issues related to your chosen use case and the event management platform overall. Include a summary of your recommendations to the IT Governance Board.

Submit for Grading 

Submit your research paper in MS Word format (.docx or .doc file) using the Research Report #2 Assignment in your assignment folder. (Attach your file to the assignment entry.)

Additional Information 

1. To save you time, a set of appropriate resources / reference materials has been included as part of this assignment. You must incorporate at least 5 of these resources into your final deliverable. You must also include 2 resources that you found on your own.

2. Your research report should use standard terms and definitions for cybersecurity.   

3. Your research report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. UMGC recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. 

Take Note

APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use.

  4. You are expected to credit your sources using in-text citations and reference list entries.  

image1.jpeg

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

The Equifax Data Breach

Briefly explain what the Equifax data breach was, why it happened, and why it was important. You should mention that Equifax failed to protect personal data, discuss the ethical and security issues involved, and explain what companies can learn from the incident. Please see attached documents. 

Reflection on Big Data and AI

please see attached DAT 260 Module Five Journal Guidelines and Rubric Overview In this journal assignment, you will reflect on key concepts covered in this module. This assignment directly supports your work in Project Two, which is due in Module Seven. Directions In a well-crafted journal entry, address the following:

Disaster Recovery

  Questions: Research the network and server outage problems experienced during a previous man-made or natural disaster and answer the following questions: What parts of the infrastructure was impacted? How were the networks recovered? How redundancy could have mitigated the impact of the disaster?

Network Design and Plan Purpose

Please review attachment Mod 4 Project: Network Design and Plan Purpose In this module, we will introduce a course design project that will be completed in four parts during the course. This project provides you an opportunity to solve a comprehensive problem in firewall and virtual private network (VPN) implementation

Memecoins & Stablecoins Development

Please take a look at the attachment. Lab #3: Blockchain-Based Ecosystems: Memecoins & Stablecoins Development, Attack Simulation, and Auditing Lastname: ______________ First name:____________Date_______ TA_Prove_ Yes/No 1. Overview This lab guides students through designing, implementing, deploying, testing, and auditing a simple memecoin (ERC‑20) and a minimal ecosystem around it (liquidity pool,

Blockchain Presentation

presentation about a blockchain Term Project CIS 5730- Blockchain Application Project Guideline Part ii–Presentation Along with the project you will present what you did to the class in a short presentation. If you want, you can demonstrate the project, or just present an overview of what you did. Presentations should

Network Threats

  Questions: Below is a list of common network attacks: Distributed Denial of Service (DDoS) DNS poisoning ARP poisoning Domain hijacking MAC flooding MAC cloning Man-in-the-Middle Explain two of these network attacks and discuss methods/techniques for protecting the network against them.

Best Practices for Role-Based Privilege Management in Databases

  Research the best practices for managing and securing role-based privileges in databases and address the following questions in your discussion post:  What are the key challenges in managing role-based privileges, and how do they impact database security? Can you provide a real-world scenario where poor role-based privilege management led

Computer Science Cloud Computing assignment

Please see attachment for details 4 [ Note: To complete this template, replace the bracketed text with your own content. Remove this note before you submit your paper.] Cloud Computing Evaluation Paper 1 Cloud Computing [Differentiate between cloud computing models and their uses. What are the different types of deployment

Computer Science- Python Python Programming Assignment

Computer Science Python Programming Lab assignment help. Design a Python program that calculates a credit card customer’s minimum payment based on their balance. Please use If Else and elif statements in your code. You must add comments in your code. Please round the minimum payment to two decimal places using

Blockchain Application

I need help with my coursework project. Let me know if you need any help from me.  Lab 2: Blockchain-Based Academic Credentials Lab Lastname: ______________ Firstname:________________ 1. Overview AETHELRED UNIVERSITY Registrar’s Office wants to start issuing a digital transcripts and diploma for graduating students. You are called to build the

LOREM, IPSUM

The ability to develop a risk register is a skill needed by all cybersecurity leaders when assessing cybersecurity risks. A risk register provides a detailed listing of known risks as well as quantitative or qualitative assessments of those risks, resulting in the prioritization of action.

Virtual LANs

  Questions: A VLAN allows different devices to be connected virtually to each other as if they were in a LAN sharing a single broadcast domain. 1. Why a network engineer would want to deploy VLANs? 2. How do VLANs improve network security?

compliance and rules to follow in cybersecurity.

Follow the attached instructions to complete this work. Note: Make sure to follows rubric or aligns with Rubric. Unit 8 Assignment Directions: Case Study Review the following hypothetical case study. Consider the big-picture ideas and the specific concerns. Make use of the key terms and concepts from the readings in

Discussion on data ( computer science)

Follow the attached direction to complete this work Unit 7 Discussion   Overview Consider this scenario: PQR Corporation provides facial recognition technology to customers. Its products include customer access to consumer electronics as well as mass surveillance capabilities through networked camera systems. While operating legally, PQR has maintained a low

Computer Science – Machine Learning Python Programming Assignment

Assignment Help. Please don’t forget to add comments in the code Page 1 of 3 NorQuest College – CMPT 1011: Lab Assignment 5 CMPT 1011: Introduction to Computing Lab Assignment 2: Variables, mathematical operations and data types Value This coding challenge is worth 3% of your final grade. Background In