| IT Infrastructure Support Monitoring and Cyber Security |
Introduction
The objective of this assignment is to develop learners’ problem-solving skills, analytical skills and writing skills on IT infrastructure support, monitoring and cyber security. The tasks in this assignment require learners to do research (for materials) and learn the concepts of IT infrastructure operations, management, and cybersecurity. This assignment also requires individuals to be aware of how to monitor and report incidence response and planning for the implementation.
TASK
This assignment requires learners to write a report to be addressed to the key stakeholders on their findings for the ABC BANK banking system and the case study is attached in Annex A.
Based on the case study provided in Annex A:
i.Discuss the IT infrastructure that needs to be monitored with the bank’s service outage and potential risks, also consider:
- customer’s demand;
- System downtime;
- MAS guidelines
- MAS Technology Risk Management
- MAS Notice 664A TRM
ii. Describe the required information to be gathered from the relevant sources and stakeholders to understand the root cause of the issue.
iii. Perform root cause analysis for the issue.
iv. Use relevant tools and resources required to perform root cause analysis.
v. Discuss the recommendations – immediate corrective actions that need to be performed.
vii. Describe the proactive maintenance and support tasks that need to be performed for preventing future service and system outage.
VIII. Explain what should be the mitigating controls e.g. workarounds, fixes, and patches.
Write a report to be addressed to the key stakeholders that may include the following, not more than
Introduction to the report
Incidence Response and Planning for the implementation
Conclusion to the report
Reference (In-text citation & end text citation)
Case Study
ABC BANK is one of the largest financial services groups in Asia with operations in South-East Asean markets. Headquartered in Singapore, ABC BANK is a well-capitalized bank with “AA-” and “Aa1” credit ratings that are among the highest in the Asia-Pacific region.
As a bank that specializes in Asia, ABC BANK leverages its deep understanding of the region, local culture and insights to serve and build lasting relationships with its clients. ABC BANK provides the full range of services that incorporate, SME, consumer, and wholesale banking activities across Asia and the Middle East.
ABC BANK signed a 10-year outsourcing deal with ProFlex Solutions Pte Ltd valued at S$1.2 billion in November 2002. That deal included the transfer to ProFlex Solutions Pte Ltd of 300 ABC BANK IT staff based in Singapore and Hong Kong. The scope of the agreement was broad, with ProFlex Solutions Pte Ltd agreeing to “provide an integrated 24/7 customer help desk support, manage many of ABC BANK’ current applications, and provide systems management disciplines across the bank,” according to a press release announcing the deal.
As part of the agreement, ProFlex Solutions Pte Ltd also built new IT facilities in Hong Kong and Singapore, which used “the very latest computer technologies to further improve the processing power, security and back up capability of ABC BANK’ IT operations,” the statement said. ABC BANK retained direct control over many key IT functions, including IT strategy and architecture, IT security and “strategic projects,” it said.
ABC BANK and ProFlex Solutions Pte Ltd announced on 04 August 2019 that the portion of the investigation into the ABC BANK systems outage on 5 July 2019 related to determining the cause of the incident has been concluded. ABC BANK and ProFlex Solutions Pte Ltd jointly provided a detailed account of events which preceded the outage.
Chronology of Events preceding the outage
ProFlex Solutions Pte Ltd determined that a repeated failure to apply the correct procedure when addressing instability in the communications link of the storage subsystem resulted in the service outage on 5 July 2019.
ProFlex Solutions Pte Ltd’s immediate priority was to ensure that customer data was not in any way compromised while services were being restored as quickly as possible. ABC BANK’ services were restored the same morning with full and complete data integrity.
Prior to the outage, the following events took place:
• 3 July 2019, 11.06am: ProFlex Solutions Pte Ltd software monitoring tools sent an alert message to ProFlex Solutions Pte Ltd’s Asia Pacific support centre located outside of Singapore. It indicated there was instability in a communications link in the storage system which was connected to a mainframe. At this point, the storage system was functioning. A ProFlex Solutions Pte Ltd field engineer was despatched to the ABC BANK data centre and was given approval by ABC BANK to repair the machine.
- 3 July 2019, 7.50pm: The cable in question was replaced. The ProFlex Solutions Pte Ltd field engineer did not use the machine’s maintenance interface but used the instructions given by the support centre. Although this was done using an incorrect step, the error message ceased. The storage system was still functioning.
- 4 July 2019, 2.55pm: The error message reappeared. This time, it indicated instability in the cable and associated electronic cards. The ProFlex Solutions Pte Ltd field engineer was despatched for the second time to the data centre. He diagnosed and escalated the issue to the regional ProFlex Solutions Pte Ltd support centre.
- 4 July 2019, 5.16pm: Based on instructions from the regional ProFlex Solutions Pte Ltd support centre, the cable was removed for inspection and reseated, using the same incorrect step. The error message ceased. The storage system continued functioning.
- 4 July 2019, 6.14pm: The error message reappeared. Over the next five hours and 22 minutes, the regional ProFlex Solutions Pte Ltd support centre analysed the log from the machine and recommended to the field engineer that he unplug the cable and check for a bent pin. The storage system continued functioning.
- 4 July 2019, 11.38pm: The ProFlex Solutions Pte Ltd field engineer did not find a bent pin and reseated the cable. The error message persisted. The storage system was still functioning and able to communicate with the mainframe. The regional ProFlex Solutions Pte Ltd support centre and the ProFlex Solutions Pte Ltd field engineer continued diagnosing the issue, including reseating the cable for a second time.
- Subsequently, ABC BANK was contacted and authorised a cable change at 2.50am, a quiet period, which is standard operating procedure. While waiting to replace the cable, the ProFlex Solutions Pte Ltd field engineer decided to inspect the cable again to ensure that it was not defective and that it was installed properly. He then unplugged the cable for inspection using the previous incorrect procedure recommended by the regional ProFlex Solutions Pte Ltd support centre.
- • 5 July 2019, 2.58am: The cable was replaced using the same procedures. This caused errors that threatened data integrity. As a result, the storage system ceased communicating in order to protect the data.
At this point, ABC BANK banking services were disrupted.
If the correct procedures had been used, the storage system would have automatically suspended the communications link and the machine would have instructed the engineer to replace the cable and both cards together and maintain redundancy of the system.
As data integrity is considered a higher priority than availability, the storage system is designed to automatically cease communicating under these conditions. In doing so, the system preserved full data integrity.
In spite of the machine’s high availability and redundancy, these incorrect procedures caused the outage.
Recovery actions following the outage
immediately after the outage had occurred, ProFlex Solutions Pte Ltd informed ABC BANK and an onsite technical command function comprising ABC BANK and ProFlex Solutions Pte Ltd.’s staff was activated by 3.40am.
The immediate priority was to ensure that customer data was not in any way compromised while restoring services as quickly as possible.
This process required time to ensure that data integrity was maintained. This included careful efforts to reconcile data in the cache and disk within the storage subsystem.
A restart of the systems was initiated at 5.20 am. Banking services were restored progressively from 10 am to 12.30 pm on 5 July 2019.
ProFlex Solutions Pte Ltd restored the system with full data integrity.
Regional General Manager, ProFlex Solutions Pte Ltd ASEAN Ms. Smita Tan once again apologized to ABC BANK and its customers for the inconvenience caused by this incident. She said that the corrective and preventive actions which they took were of the highest priority for ProFlex Solutions Pte Ltd. They have also taken steps to review installations of the same storage system at other financial institutions in Singapore for whom they also currently provide maintenance services
Answer ALL the questions
1.Identify any five features of a well-defined VPN.
2.Explain what a data mining model is.
3.Identify any three types of data mining model.
4.The diagram below illustrates interaction between two cloud service consumers
(A and B) and two virtual servers (A and B) hosted on a cloud.
The limited information is provided in the Figure 2b.
Identify five types of cyber-attacks and provide a brief explanation justifying the threat of each proposed attack that could potentially be carried out if any of the programs outside of the cloud were malicious.
5.Explain what IDS (Intrusion Detection System) is and why it is important to a banking environment.
6.Identify four main categories of networks used in the finance sector.
1.In your own words, explain why IT security is important to the Financial sector.
2. Based on what you learned, what would be the considerations you would look into when setting up a VPN.
