peer review and reflection:
contribution as part of team member in assignment which highlight the risk
assessment. The assignment illustrate the network planning, design
configuration and its risk assessment and maintenance. Hence it further provide
understanding to the technical devices which would be implemented in the
network of specified building provided in the assignment brief. As part of the
assignment, I was accountable to provide the brief understanding to the RISK
assessment to the network. It consist of various factors which could affect the
infrastructure as part of the security risk disputes, physical appearance,
bandwidth distribution and allocation of most relevant person for
responsibility to assets usage.
was a great opportunity for me to understand the core concept of risk
involvement to the network deployment which I took as a challenge to prove the
responsibility with major key points appointed as a risk factor.
has also allow me to communicate with other colleagues on the same
understanding of the project. The task was part of the major contribution to
the report which was taken into account. Group meetings was always helpful for
me as it was vital to approve every device considering the risk factor evolve
the project went very well, no doubt it help me to understand the learning
factors from colleagues which not only boost the basic learning knowledge but
it also provide an opportunity to debate on a particular factor, which lead to
the project successful. Moreover the team was not involve in such particular
ethical issues, but we have manage to tackle learning and educational
difficulties throughout the period of this assignment. My contribution to this project was not only
focus on risk assessment part, as I was keen to learn the business planning and
network solution proposed. These particular network solution has been research
on personal phase to understand business employability factors to resolve
Assessment and its contribution to project:
order to obtain a classified authentic access to the technical project based on
ethical and security risk issues, it is necessary to analyse the factors
involved in it on each stage of deployment process and follow the planning,
design and analyses procedure, as it avoid interruption and provide a record
even for future enhancement of project.
consideration to the risk factors, we as a team are aware of both health and
wealth concerns involve to the company and university of Bedfordshire, and the
safety of radio waves via antenna and wireless network devices. These are the
main assessment has been taken by us and the industry itself, although there
are no scientific facts which suggest regarding the proposed wireless devices
pose any kind of risk to general user and public.
research conducted scientifically, which record the measurement of radio waves
used by wireless devices, WLANs and mentioned network deployment strategies by
various industry and government department. 1These survey has been conducted
in highly sensitive areas where wireless devices are commonly used such as
public library, schools, offices and administrative part of the hospitals. It
shows the low risk and threat involvement by WLAN.
Health Risk factors
there are few health risk associate with Wi-Fi:
According to the research conducted by the earthcalm.com
scientific body 2. These are most common symptoms appear in the log report by
public, through microwave radiation explosion from WLAN technologies and cell
of sleeping pattern
term memory loss and severe memory problem
and its complexity
headaches and migraine
range of diseases in correlation to risk involvement on radio signals.
types of cancer
with chronic health healing
Health risks on the
chosen network and devices:
to the research conducted by the WHO (World health organisation), there has
been no convincing evidence found effected by the wireless signals. It further elaborate that these radio
frequency signals from wireless devices have an adverse effect to human organs.
strategy on network risk assessment:
is a process to analyse the damage, loss and harm associate to a particular
device, network or a human. Further it categorise the variation of risk and the
damage it could effect to an institute. This will enable them to enhance its
Individual performance. The assessment has been carried out in a prioritise
function. Evaluating the control measure by identify the probability of threats
a system can encounter.
are main key risk evaluation considering University of Bedfordshire scenario:
Implementation of AAA
protocols in a form RADIUS server:
Authorization and Accounting) AAA
required to implement in the network, this server program would be based on the
Remote Authentication Dial-In User Service (RADIUS). This cover the whole
network infrastructure which also known as the RADIUS of the network. It will
be placed in the server room of the main head office location. It will able to
control the request from the user to access the system its resources and source
of the system. The server will operate by interacting with the network access
and the gateway server. 4
network (VPN) installation:
private network allow an administrator to implement a secure private network
inside a public network, which will allow an access to an organisation
resources and gain privilege on the internet. In this case, considering the
network deployed by our team, the VPN has been designed which are further
extendable within the network scenario. Although these can be enhanced
considering the future requirement by the time. To create a separate
communication in a company VPN tunnels are required, this will prohibitive to
public access, there are further room to deploy an extended network in case any
third party access. This VPN deployment cover the whole access of the network
area, its devices and range comes under it. In this whole network
infrastructure any device would request to gain access will be manage privately
in the system.
Deployment of Zero
trust network scheme:
zero trust network has its own efficient switching design and its mobility. It
has an ability to measure and inspect traffic from various sources at the same
time. It has an extensive support associate with it which allow admin to
control the user and its access to the network resources. 5 Reviewing to the concept of the
network deployed by the University of Bedfordshire in this assignment, it is much
suitable and compatible in order to secure a system to avoid vulnerability to
the system which will gradually deploy to the system. However because of its
risk involvement in its arrangement it is quite complicated to the system,
which is mostly consider as its drawback.
Record keeping of
and registry of asset control, history of IT infrastructure and its deployment
throughout the business years. This is one of the major fact which allow a
company to maintain a history of its technical department and its devices, this
will influence towards the better position to further deployment in case the
migration of systems. No doubt it will enhance the infrastructure, providing
risk assessment documentation to the deploying body.
Stolen and loss of
data and devices:
and loss of data and devices in consideration to the risk assessment, physical
security and location will provide physical security to the infrastructure
which is important to keep security compliance updated, registration of assets
via local directory maintain its history and up-to-date to upcoming renewals of
/ prohibited under the limitation of the terms and policy of the IT department
and organization itself would be manage using specific software’s which
maintain IT infrastructure , providing support,
some of the available applications are these e.g Landesk, BES administration, Active Directory and so on.
is vital to follow the below strategy:
resolve internal challenges among IT department and management:
order to avoid the problem appear in the internal challenges faces by the
company, our team has taken into consideration to provide a manual for the
operation of the network and devices to remove the hazard involve in it.
has consider to update the terms and condition of IT department to process it
to the HR department of the University. It will allow the team and users to
operate its strategy according to its methodology deployed. The team also keen
to provide the documentation to the Management team in order to resolve
internal issues relate to the association of IT department and its recruitment
company is under registration to provide training to non- technical staff, it
will enable users to use the data and devices without holding a degree in IT.
One of the internal issue would be considerable to resolve recruitment, where a
team will organise a technical training centre inside its IT department this
will enable local students and graduate to gain technical knowledge to ignite
their career from home, this will clarify IT issues and department will occupy
according to its policy.
security Risk analysis and its countermeasures:
any circumstances and event with the potential impact on asset via destruction,
disclosure, modification of data intentionally or unintentionally by
unauthorized access is called threat to information technology. Hence the
present wireless network would carefully consider under security threats to
measure vulnerability and its impact on the network.
to the technical analyst experts, technical threats and vulnerabilities are
major cause of business loss which need to address and consider as a vital
operational service to the company in University of Bedfordshire.
Classified Threats and
its impact on business:
has been analyse by our team, which could affect the business and it further
threats based which can be intended and unintended
based threats can be caused by whether conditions: flood, fire and lightening.
based threats consider as independent factors: long term power failure,
pollution and interference of third factor.
vulnerabilities in the network
of threats can be caused by basic/un-effective firewall system, lack of
authentic network design will end up failure to approve, week end point devices
and VPN encryption would cause hacking issues, which lead to legal approaches
(DoS) attack. Public access and visibility of network server could result to
physical stealing and loss of data.
of network and threats:
can be prevented by following the propose countermeasures:
Mitigate environmental and natural
threats and natural disaster can be prevented using countermeasure for example:
remove unauthentic wires from electrical
equipment which save from power failure, install air conditioning service in
server room which will balance humidity inside the room. Regular maintenance of
hardware devices which help them to reduce the minor impact on physical device
such as decontamination and dust. Reinstallation and server configuration
deployment failover upon natural disaster or faulty server.
Human based threats and its
Updated User policy: In order to migrate and deployment
of new network devices it is vital to enhance and update department terms and
conditions in order to define a secure transmission of sensitive data
Follow the AAA (Authentication, authorization and
Enable DoS protection
service: the data
and communication chapter further explain the security risk involve in the
protection of network, by enabling attack prevention services e.g firewall
prone to attacks e.g DoS attack. This will have a huge impact on availability
of business and its security which need to consider by department.
Disable the SSID
broadcast: it will
enable users to provide credentials which will restrict the network from
access. However it is important to provide a guest virtual network which will
allow only limited approach to untrusted users. Access point having major key
function should relocate to critical wireless access point location e.g
WHO | Electromagnetic fields and public health. 2006. WHO |
Electromagnetic fields and public health. ONLINE Available
Accessed 14 February 2014.
ICNIRP PUBLICATION.(1998).ICNIRP GUIDELINES FOR LIMITING EXPOSURE TO
TIME-VARYING ELECTRIC, MAGNETIC AND ELECTROMAGNETIC FIELDS (UP TO 300
GHZ).Available: http://www.icnirp.org/documents/emfgdl.pdf.Accessed 08th dec
Christopher Metz. (1999). AAA Protocols: Authentication, Authorization, and
Accounting for the Internet. IEEE Internet Computing. 3 (6), p75-79
Kindervag, J. (2011). The Zero Trust Model of Information Security. Available: http://www.slideshare.net/Tripwire/the-zero-trust-model-of-information-security.
Accessed 08th dec 2017.