Professional Documents
Culture Documents
Capstone Proposal Task 2 V2
Capstone Proposal Task 2 V2
Capstone Proposal Task 2 V2
Table of Contents
Proposal Overview......................................................................................................................................3
Problem Summary..................................................................................................................................3
IT Solution...............................................................................................................................................4
Implementation Plan................................................................................................................................4
Project Rationale.........................................................................................................................................7
Methodology.............................................................................................................................................10
Outcome....................................................................................................................................................14
References.................................................................................................................................................16
Appendix A:..............................................................................................................................................17
BUILD & SECURE DATA CENTER 3
Proposal Overview
The problem FakeBiz is currently experiencing is that since inception it had never had a
need for a physical data center. Data centers are extremely complex and can provide many
challenges for a company. FKM Enterprises has been awarded a contract to design, build and
secure the new data center for FakeBiz. FKM Enterprises with work with FakeBiz and SoftMicro
to migrate the existing infrastructure to the new datacenter while also creating and implementing
security measures.
Problem Summary
FakeBiz which began as a reseller of communications services has now grown to regional
service provider and is now looking to compete with larger companies in the same business
space. With the growth and their aspirations to take on bigger providers they are confronted with
a problem. The problem being that their current environment is running slow because they have
virtualized the systems and their network with a third-party cloud provider named SoftMicro.
FakeBiz has system and network administrators as well as engineers on staff but they are having
a difficult time managing theory systems because they have implemented an Infrastructure-As-
A-Service (IAAS) model that cannot meet their needs. As another issue, SoftMicro’s datacenter
was physically compromised last month and confidential data was breached. The incident
happened when 2 people impersonating maintenance employees entered the data center to repair
a condensing unit issue. Luckily FakeBiz’s customer data was not affected by the breach. This
latest event prompted FakeBiz to look at other option that would ensure physical security of the
company’s data. SoftMicro has agreed to ship the hardware FakeBiz has purchased as part of the
IT Solution
FKM Enterprises has proposed to migrate the existing infrastructure that is currently
being hosted by SoftMicro. FKM Enterprises will survey the area designated by FakeBiz to be
the new data center. After the survey we will draw up the floorplan. We will coordinate the
transportation of the racks and server hardware to the new facility. We will then reassemble the
racks and server hardware in the designated locations and connect them to the corporate network.
During the coordination with SoftMicro we will install the security measures to ensure there will
be no unauthorized access breaches. FKM enterprises will accomplish this with the help of its
empl0yees and assistance from the FakeBiz IT department once the space is ready for
installation. The proposed security solution would secure doors with magnetic locks with badge
reader access. We will also install security cameras, security desk, emergency exit signs, any and
all standards require by local code ordinances and the risk management framework.
Implementation Plan
The project will begin shortly after the site survey is completed and the designs are
approved by FakeBiz stakeholders. A basic floor plan was provided to us by FakeBiz to use
while performing the survey. Although not currently listed on the floor plan the new data center
space already has the necessary ventilation to support a data center including a raised floor with
electric and cable management systems for the data cabling. The new space also has an
operational FM200 fire suppressant system. Once the plans are approved, we will begin
installing the security appliances such as the bad readers, magnetic door locks and surveillance
cameras. In tandem we will be coordinating the transportation of the racks and server hardware
with SoftMicro and working with FakeBiz’s business internet team to install a new 10GB optical
carrier circuit (OC-192) to support the new traffic that FakeBiz is projected to have. We will
BUILD & SECURE DATA CENTER 5
monitor the progress of the installation of each server and security appliance to ensure that we
1. Having a data center adds another level complexity in your environment. Having control
of the data center is very important. Control over not only the cooling, but the
infrastructure and the security. I reviewed “5 steps to secure your data center”. It is an
article on how to secure your data center properly. The first step in the article states to
“get physical”, they are stating that the physical access needs to be closely guarded. The
article states that data center managers might begin with more difficult tasks such as
securing access to the servers or network resources. Corbin Miller IT, security manager at
NASA’s jet propulsion laboratory, prefers to start by locking down the physical security
of the data center. (Yasin,2009) During the planning phase many people overlook the
physical security and focus more on patching, network and system access or other non-
physical security tasks. FakeBiz has set priority the physical security of the data center
2. Amazon Web Services (AWS) manages one of the worlds largest data centers and is good
practice for FakeBiz to follow large IT industry leaders are implementing in their own
data centers. As an example, AWS only allows authorized personnel into the physical data
centers. All employees that wish to gain access to the data center must first request access
with a valid business justification. The justification required are for operational support
purposes and include change requests to upgrade, replace, maintenance or other critical
tasks. The requests when granted follow the principle of least privilege and the requestor
must specify what location, rack and bay in the rack will be affected by the work and also
BUILD & SECURE DATA CENTER 6
a timeframe needed to perform the work. (Butler, C., & Rollnick, S. 2003) Having these
policies in place are to ensure that no change or unauthorized access breaches happen.
Once the request is approved by the authorized personnel the requestor will gain access to
the requested location and is then restricted to the area for the requested time. This entire
process that is followed by AWS will also be part of FakeBiz”s standard data center
operating procedure.
3. Another article I reviewed specifically about migrating from your cloud infrastructure to
your on premise infrastructure because of security concerns stated that 80 percent of the
400 IT decision-makers who participated in IDC’s 2018 Cloud and AI Adoption Survey
said their organization has migrated applications or data that were primarily on the public
cloud back environment to on premise. On the same survey, respondents said they would
plan to move 50 percent of their public cloud application to either a private cloud or non-
cloud environment in the next 2 years. (Haranas, M. 2018, August 13) FakeBiz has the
same concern as the respondents of the survey. Because of the security concerns it has
against SoftMicro they will bring their infrastructure back on premise where they can
4. The last article reviewed is about when it is best to keep operation on-premise. The writer
of the article states that if you have any systems that need high security, requires legacy
hardware or is critical to the business it is best to keep these systems on premise. Another
uneconomical. This article relates to the same reasons FakeBiz has decided to build their
own data center to secure their systems and data. (Edwards, J. 2019, April 15)
BUILD & SECURE DATA CENTER 7
Project Rationale
Now that you have viewed our proposed solution and the implementation plan, we will
look at why FKM Enterprises is the best choice for your project. There is real risk involved if
your data center is not secured correctly. You could fall victim to theft as did the CI host data
center in 2007. The theft amounted to sensitive data loss and hundreds of thousands of dollars in
hardware were stolen. The CI host data center had multiple successful break-ins. (Goodin, D.
(2007) Many businesses fall victim to this type of crime every year and cause revenue loss,
business continuity issues and loss of credibility. We also have to think about how long it would
take to recover the lost data and stolen hardware. With the solution FKM Enterprises proposed
Let’s take a look at another major concern of FakeBiz. 2017 witnessed some data slip-ups
by the world’s top cloud providers according to the list releases by Cybersecurity Insiders.
Accenture – World’s first Cyber Resilience startup UpGuard discovered that 4 AWS S3 buckets
were not secured properly and exposed 137GB of data and some was siphoned off and sold on
the dark web. Verizon- Nice Systems, a third-party vendor misconfigured an AWS S3 bucket
which exposed the names, addresses, account numbers and pin numbers of millions of
customers. Booz Allen Hamilton – Hired UpGuard to carry out a security assessment of internal
and external computer systems. The assessment discovered 60,000 files were on public access on
an AWS S3 bucket owned by an intelligence and defense contractor of Booz Allen. The cache is
said to have exposed 28gb of senior engineer credentials and password of US Government
systems and many files with no encryption containing password of contractors with top secret
clearance. Republic National Committee – A security flaw in an AWS S3 bucket exposed 198
million voter’s personal information. Election System & Software – This system stores the
BUILD & SECURE DATA CENTER 8
information of all registered voters in Chicago. An engineer accidentally configured the AWS S3
bucket for public access exposing all 1.8 million voter’s personal information including their
social security number. (Goud, N. 2017) These breaches are just a few of the multitude of
breaches that have happened in the past several years. The proposal set forth by FKM Enterprises
will reduce the risk not only by physically securing your data center but by bringing your
infrastructure to your facility. Having your data on premise would add a secondary layer of
security as a hacker would need to break into your public network to gain access to the private
network and then would have to find where on your private network the servers with the
On appendix A you will find the barebone floor plan provided by FakeBiz. With this floor
plan we can begin to place and install the proposed security measures. The area allocated for the
data center is within a building that is currently patrolled by guards on a 24/7 basis. The
approved area currently has HVAC installed to support the new data center hardware and keep
the location in the optimal temperature and humidity rage of 70 degrees and 45% humidity
(“Recommended Data Center Temperature & Humidity”,2017) It is imperative for the life and
functionality of the hardware being installed in the data center are kept in a climate controlled
area with the prescribed temperature and humidity. The doors in the proposed area have
magnetic locks in place but do not have security controls. The data center space has no security
personnel in place. The data center has 2 redundant power sources available to maintain the
operation of the center if commercial power were to fail. There is a raised floor from the hallway
through to the communications closet. The raised floor is also prepped to install future hardware
racks. This is a plus as we will not have to prepare the floor to support the extra weight of the
racks with the installed hardware. Below the raised floor we found electrical wiring to each area
that is prepped for rack installations. We also noticed that the power was evenly distributed
between 8 distribution points that led back to a four 40KVA online ups units that were attached to
commercial power and to a generator bypass. During inspection we found that the subfloor also
had the required conduit to run the redundant data cabling needed for the hardware being
installed. Each rack location had 2 conduits so we can run cabling from 2 different segments of
the network which would provide redundancy and better availability of the systems.
BUILD & SECURE DATA CENTER 10
Methodology
For the project we envisioned using the SDLC methodology since it works very well for
1. Planning- In this stage we took the floor plan provided by FakeBiz and we analyzed
the current state and envisioned the future state of the space.
2. Design- In this step we took our vision and designed the space to include our security
also looked at ways to minimize the down time users and customers would be
3. Implementation- This stage is where we will begin to install the security measures
such as the badge readers, cameras. In this stage we will work with FakeBiz &
SoftMicro on the logistics for the transportation and installation of the racks and
servers.
4. Testing- During this stage we will begin to test and validate the security solutions
have been installed properly and validate the functionality of them. Likewise, we will
be testing the hardware that was migrated from SoftMicro and ensure it is operational
and has been integrated with your local network and can be accessed internally and
externally.
delivered the finished products to FakeBiz. You company would need to maintain the
systems that have been installed on an ongoing basis while also reviewing the current
The proposed project plan with achieve the required deliverables set forth by Fakebiz.
The goal of the project will be to build a functional and physically secure datacenter. To support
the successful completion of the goal there will be several objections. The first objecting will be
to provide FakeBiz a datacenter design with the required security elements to ensure the facility
is protected against unauthorized breaches. We will also be including a floor plan that would be
used to show placement of the migrated hardware and the locations that can be used for future
expansion of the datacenter. The second objective will be to provide FakeBiz with a standard
operation procedure (SOP) manual to assist FakeBiz with the continual support and operations of
the datacenter and its systems. With the manual they will be able to maintain and operate the
datacenter and standardize the operations. It will also assist with headcount planning as it will list
the roles and responsibilities of all the roles needed to maintain the datacenter efficiently. The
last objective will deliver the physical data center including the migrated hardware from
SoftMicro. This objecting will also deliver the installation of all structured cabling required to
interconnect all the arriving systems to the current network via the provided switches and a new
10GB internet connection to support the projected new traffic. During the installation of all the
cabling We would require the cabling vendor to tag, label and validate each run. A report would
be required for each run and the report would include the range capable of the cable including
the category ethernet and the throughput of the cable. We will also be working with SoftMicro to
coordinate the transportation of the racks and servers. We will also work with SoftMicro to view
usage pattern reporting to schedule the migration during off hours or low utilization times to
Duration
Milestone or deliverable Projected start date Anticipated end date
(hours or days)
Overall Datacenter
3 days 12/02/19 12/04/19
Security Design
Floor plan with rack
4 days 12/04/19 12/09/19
location and systems
Datacenter management 4 days 12/09/19 12/12/19
plan
Hardware, Cabling and 21 days 12/09/19 12/30/19
Outcome
The project will be focus three main outcomes: To migrate the existing hardware from
SoftMicro to the new FakeBiz datacenter and to secure the datacenter to prevent unauthorized
access. To measure the success of the migration we will monitor the progress of the progress of
would have to continually hack checkpoint meeting to review where we are in the process and to
ensure there are no blockers or issues that may be preventing progress. Since this phase of the
project is 21 days, we would need to ensure that we work with the FakeBiz business internet
team and the wiring vendor to ensure the complete their tasks in 7 days. During the installation
of the cabling we will coordinate the migration with SoftMicro for the transportation of the racks
and servers to begin on day 8 of the phase. This would allow 14 days to complete the migration
to the new facility. To measure the success of the migration phase we would ensure that 50% of
the hardware be completed by day 12. This tells us that we can migrate the remaining 50% of
hardware in 5 days which would leave 6 days to test, validate and correct any issues.
The second measurement would entail the security of the facility. This would be measure
by ensuring that we have all the surveillance, access control, and security personnel are in place
by the 8Th day of the of the hardware installation day. This deliverable is needed this early
because by the 8Th day we will have SoftMicro delivering the first shipment of racks and servers
that will be installed in the new datacenter. The completion of the security phase would be the
deciding factor if we would be able to begin the installation for the hardware from SoftMicro on
time. The success of this phase will be measured by the fact that the installation phase started on
time.
BUILD & SECURE DATA CENTER 15
The third and final measurement is stakeholder acceptance. Ensuring that the customer is
happy with the deliverables and the outcome of the entire process taken for the project to be
completed. As FakeBiz continues to grow and enter new markets the size of the data center will
References
Butler, C., & Rollnick, S. (2003). Compliance. Retrieved November 20, 2019, from
https://aws.amazon.com/compliance/data-center/controls/.
Haranas, M. (2018, August 13). Businesses Moving From Public Cloud Due To Security, Says
IDC Survey. Retrieved November 20, 2019, from https://www.crn.com/businesses-moving-from-
public-cloud-due-to-security-says-idc-survey?itc=refresh.
Goud, N. (2017, October 24). Top 5 Cloud Security related Data Breaches! Retrieved November
20, 2019, from https://www.cybersecurity-insiders.com/top-5-cloud-security-related-data-
breaches/.
Goodin, D. (2007, November 3). Masked thieves storm into Chicago colocation (again!).
Retrieved November 20, 2019, from
https://www.theregister.co.uk/2007/11/02/chicaco_datacenter_breaches/.
Edwards, J. (2019, April 15). When It's Right to Keep Operations in On-Premises Data Centers.
Retrieved November 21, 2019, from https://biztechmagazine.com/article/2016/12/when-its-right-
keep-operations-premises-data-centers.
BUILD & SECURE DATA CENTER 17
Appendix A