The Access Control Proposal addresses organizational structure and resource management by outlining specific measures to standardize and modernize IDI's IT infrastructure and processes across all locations. By establishing uniform hardware and software platforms and enhancing IT capabilities, IDI aims to streamline operations and reduce inefficiencies caused by disparate systems. The proposal includes hiring additional IT and development personnel to support the implementation of these upgrades, such as application developers in Warsaw. These efforts directly influence resource management by improving the efficiency and responsiveness of the IT department across regions. Additionally, rigorous policy enforcement, such as the Acceptable Use Policy (AUP), aims to align user behavior with organizational objectives, thereby reinforcing structure and promoting effective resource utilization .

The Access Control Proposal identifies several weaknesses in IDI's current systems that necessitate change. A major concern is the outdated IT infrastructure, including hardware and software, which increases vulnerability to security breaches. Specific issues vary by location: in Billings, this includes antiquated software such as Logisuite 4.2.2 with an expired license and incompatible office automation tools. The Warsaw office faces insufficient computing power, outdated PBX systems, and lacks proper separation of duties, risking nepotism and embezzlement. Overall, the infrastructure is patchy, lacks standardized management, and runs on obsolete configurations, compromising confidentiality, integrity, and availability—key areas the proposal aims to strengthen with proposed upgrades and standardized protocols .

Standardizing office automation hardware and software is a priority in the Access Control Proposal because it addresses several critical issues, including inefficiency, security risks, and management challenges posed by disparate systems. Non-standardized systems allow for inconsistent data management practices, making it difficult to secure, integrate, and maintain IT protocols and policies. By standardizing hardware and software, IDI can streamline processes, enhance communication, and ensure uniform application of security measures across all locations. This approach reduces operational costs, improves compatibility between systems, and facilitates smoother upgrades and maintenance activities. Standardization ultimately supports long-term organizational goals by providing a scalable and secure IT infrastructure .

The implementation of the Acceptable Use Policy (AUP) is expected to significantly bolster security and operational procedures at IDI by standardizing the expected behavior for all users interacting with the organization's IT systems. The AUP will guide the appropriate use of company resources, setting boundaries to prevent misuse or unauthorized access, which is particularly critical given the diverse and aging IT systems across different locations. By enforcing policy compliance, IDI aims to reduce security breaches caused by employees using unsupported personal devices and non-standard configurations, as noted in current practices. The AUP provides a framework that helps IT departments monitor and address violations more effectively, promoting a safer and more efficient operational environment .

The Access Control Proposal outlines several core objectives aimed at addressing challenges within IDI's infrastructure. The first objective focuses on assessing the aging infrastructure and implementing a multi-year approach to standardize hardware and software across sites, ensuring uniformity and efficiency. Another key objective is ensuring the core infrastructure can withstand 10-15% growth annually for seven years, thereby supporting future expansions. Solutions are proposed for location-specific issues, like upgrading outdated software and integrating telecommunications systems. Other objectives include conducting a comprehensive assessment of strengths and weaknesses in current systems, addressing remote and website secure access needs, preparing detailed network configurations, and final testing to confirm the functionality of installed systems. These strategies collectively aim to modernize IDI's IT infrastructure, enhance security, improve operational efficiency, and support organizational growth projections .

In Billings, Montana, several unique challenges highlight the necessity for targeted solutions. The key issues include the use of Logisuite 4.2.2, which hasn't been upgraded in nearly 10 years, leading to over 350 modifications with an expired license. This poses significant cost and time barriers for renewal. There is also a RouteSim program that lacks integration with Oracle financials, inhibiting real-time data utilization. The non-standardized office automation processes and outdated telecommunication systems further complicate operations. The original WAN setup from the early 2000s is insufficient during peak periods, causing revenue loss due to customer dissatisfaction. To address these, the proposal suggests consolidating servers, upgrading software to recent versions, replacing Oracle financials, implementing a VOIP telecommunication system, and increasing WAN bandwidth .

The proposal for the Warsaw, Poland office focuses on several crucial updates. These include replacing the IBM Infinity hardened server with a new proxy server, hiring a new in-house application developer, and converting the outdated Siemens Saturn series PBX with desktop phones to a VOIP system. Enforcing the current Acceptable Use Policy (AUP) is also part of the plan. These changes are intended to tackle issues such as insufficient computing power, outdated server and telecommunication systems, and lack of policy enforcement. Enhancing telecommunication efficiencies and IT capabilities are vital for supporting IDI's strategic growth plans into the Middle East and Asia, ensuring the Warsaw office can meet future demands while minimizing risks like nepotism and security breaches .

IDI's approach to access control is heavily influenced by the existing risks and vulnerabilities within its IT infrastructure. The organization faces challenges such as a 'hodgepodge' of different technologies running across sites, outdated hardware and software, and a lack of uniform IT security and access management practices. Given these vulnerabilities, the need to ensure confidentiality, integrity, and availability of data is critical. As different IT systems and applications operate on various configurations, the inconsistency increases exposure to security threats. The outdated infrastructure and lack of patches further exacerbate these threats. Consequently, IDI's access control proposal includes plans for a comprehensive upgrade to unify IT systems and apply robust access management protocols to minimize risks, standardizing the infrastructure across all locations .

Transitioning to a VOIP system in both Billings and Warsaw offices promises several benefits. VOIP (Voice Over Internet Protocol) provides greater flexibility and scalability compared to traditional telephone systems. It allows for easier integration with existing computer systems, offering enhanced features such as video calls and conferencing, call forwarding, and voicemail-to-email functionality. In terms of cost, VOIP can reduce telecommunication expenses by utilizing existing internet infrastructure, eliminating the need for separate voice and data lines. This upgrade addresses the limitations of outdated PBX systems in both offices, aiming to improve communication efficiency, support growth, and enable a unified communication platform that can better serve customers and internal operations .

The Access Control Proposal plans to ensure the network can handle continual growth by designing the core infrastructure with the capacity to withstand a 10-15% annual growth rate over the next seven years. It includes implementing a three-to-four year phased technology refresh cycle to keep systems updated and capable of meeting new demands. This involves upgrading hardware and software platforms, such as consolidating servers and implementing newer versions of Windows servers, to provide a robust foundation for expansion. Additionally, enhancing the WAN to a T1 MPLS increases bandwidth capacity, supporting higher data volumes and peak period demands. These measures are designed to maintain system performance and security despite growth-related challenges .