The Marine Biological Association

The Marine Biological Association (MBA) is a collectively owned, independent organization and charity established in 1884. The MBA provides research and education on the diversity of marine life and habitats to promote understanding of their importance and help sustain them for future generations. The MBA is a typical institution: it has an object or goal; it undertakes activities to achieve these goals; its work is funded through membership subscriptions, grants, donations, and bequests. The MBA operates as one of the few remaining organizations in modern society which can still operate as an independent charitable trust using only voluntary contributions (Muller-Karger et al., 2018). This assignment describes the mitigation options for issues relating to the continuity and recovery of the Marine Biological Association. As an independent charity, the MBA mainly depends on voluntary contributions from its members and others. Therefore, it cannot be exposed to the same risks as other institutions because it relies upon its resources.

Critical Infrastructure Relevant To All Items

I would provide centralized solutions whereby the MBA would rely upon its resources and decentralized solutions through cloud computing. Currently, the MBA runs on a Windows-based installation, but this is not robust for high volumes of data and is not future-proof. The current system has limited capacity and will soon exceed it. All data, including user data, must be backed up regularly by a purpose-built, highly secure server hosted in-house or possibly in a third-party commercial organization (Patel, 2019). Application data would then be backed up to the centralized server, which could mirror the user’s device via virtualization or cloud solution. Notably, the main goal of the application data backup would be to provide a security system to ensure that the data can only be accessed by current members or authorized staff.

Additionally, I would provide a recovery plan whereby access to all of their data is maintained and recoverable from either their local premises or possibly from third-party commercial organizations. I would also backup other facilities, such as its website, which will become increasingly important in ensuring public support for its future work. The recovery plan would include a detailed description of the strategy and how it would be undertaken and launched. The critical part of the recovery plan would be to ensure that the data is backed up and stored before trying to access it, which would hopefully contain all of their critical data. The recovery plan would follow a backup strategy whereby this data is backed up and stored regularly (Patel, 2019). The backup strategy would be to back up this data daily and store it within the system to prevent accidental loss. Ideally, this would also include ensuring that all data is backed up off-site outside the main building or on a separate disk with firewalls in place.

Moreover, I would have a strategy whereby the data is backed up from various locations and stored within the MBA system. I would also have a disaster recovery backup plan whereby if the system fails, all of the data can still be recovered. The final key element of this plan would be to ensure that regular backups are taken and stored with a reliable third party such as a data center to continue work should they encounter any problems. The key system of the MBA, which has been in place for several years, is its website (Patel, 2019). Notably, the MBA relies heavily on this website to provide its members and other interested parties with information and support.

There are two ways that the MBA could back up their website; firstly, they could host it themselves using their systems. Secondly, they could outsource this to a third-party organization that would host it for them and makes it more resilient. Consequently, I would create a backup system whereby a backup server automatically loads if the site fails to load, one of the recommended ways of recovering from a disaster or crash. I would also provide a backup plan whereby I would back up all of the data from the website and store it on the MBA’s servers or possibly on a third-party server (Patel, 2019). I would recommend that the MBA follow the policy described above, where possible, to back up their critical data. Therefore, they would have a better chance of recovering from future problems or accidents.

The MBA relies upon its members to continue with its work, and I would recommend that they promote the continuation of membership and ensure that their members are kept up-to-date with news and developments. In addition, I would also recommend that a contingency plan be put in place where if the final member dies or leaves, then the MBA continues to exist and can continue to provide services to its students and other individuals (Patel, 2019). Therefore, MBA provides regular training in IT so that if staff leave, they can pass on their skills to other MBA staff.

Key Systems

Various vital systems will allow MBA to operate, which is the key to its operation. The systems are as follows;

1. The IT infrastructure. This will include its network and network security. One of the critical systems that will allow it to operate is the email system, and I would recommend that they use a host of online services to provide their essential services (Tabrizchi & Kuchaki Rafsanjani, 2020). Thus, the webserver must be enabled with a state-of-the-art Web-based email system. I would also recommend that the website is hosted on an up-to-date and secure server, with virus protection software installed and data encryption on all encrypted data stored on their system or server. The whole site should be monitored for intrusions or hacking attempts, alerting immediately to thwart potential attackers. Remarkably, it would be advisable to have an up-to-date backup repository to ensure that the critical data is backed up regularly.

2. The IT security system will include security for its entire network, irrespective of the operating platform or software used. I would recommend investigating and implementing a range of access control mechanisms that define who can access what information and resources and how they can access them (Tabrizchi & Kuchaki Rafsanjani, 2020). Such security access includes the Role-Based Access Control (RBAC), which identifies a user’s priorities and grants the necessary authorization. In addition, an additional security layer should be added for authentication, such as the multifactorial authentication procedures. I would also recommend that the MBA restrict physical access to its most sensitive equipment; it should be located in a secure area, and doors should only be opened by authorized staff.

3. The security software and hardware will include various options such as firewalls, intrusion detection systems, virus utilities, and password protection. I recommend that the MBA use IT security software like Symantec’s Norton suite. Furthermore, I would recommend that the system uses access control lists, network monitoring tools, and various intrusion detection systems (Tabrizchi & Kuchaki Rafsanjani, 2020). Additionally, I would also recommend that there is a real-time backup of all essential files, which are stored on a secure server. Therefore, the MBA should also consider using security utilities to run regular scans and check the system for potential risks or data loss.

4. The MBA would also have its security to ensure that data and information are secured from any potential threats. I would recommend that they have a separate system within their network that they can use to store secure data and back-ups, which are not accessible by all staff (Tabrizchi & Kuchaki Rafsanjani, 2020). Notably, this should be done on a very secure system with limited network access and should also employ intrusion detection systems to ensure that sensitive data is not inadvertently released.

5. The MBA’s restoration process would include the entire restoration process and would be used to get the business running again as soon as possible. I recommend that they research and implement a disaster recovery plan whereby all critical files are backed up daily; this data is stored on a secure and remote server (Tabrizchi & Kuchaki Rafsanjani, 2020). Lastly, I would also recommend that their entire system be regularly backed up; they should restore this onto a test server before transferring it to their central system.

6. The site content and structure will include several important links, but many other links are not evident to the general public and are only known to those within the organization. I would recommend that it has a complex hierarchy of tightly-controlled hierarchical data. Additionally, I would recommend that it be search engine friendly as people need to find specific information quickly when they need it (Tabrizchi & Kuchaki Rafsanjani, 2020). Therefore, the site should have a logical and easy structure to follow.

In conclusion, MBA’s business survival is dependent on its ability to provide vital services to its members, which includes training and support. Furthermore, it would be essential for MBA to ensure that insurance is in place so that if any disaster or damage occurs, they can cover the entire cost of repair or replacement. Therefore, I would recommend having a contingency plan that includes insurance to minimize the disruption due to any disaster. Particularly, MBA must have a sound IT infrastructure to respond promptly and efficiently during an emergency. It is recommended to back up data and store it in the MBA system and a third-party organization. The MBA is also recommended to promote the continuation of membership and ensure that its members are kept up-to-date with news and developments.

References

Muller-Karger, F. E., Miloslavich, P., Bax, N. J., Simmons, S., Costello, M. J., Sousa Pinto, I., … & Geller, G. (2018). Advancing marine biological observations and data requirements of the complementary essential ocean variables (EOVs) and essential biodiversity variables (EBVs) frameworks. Frontiers in Marine Science, 211.

Patel, V. (2019). A framework for secure and decentralized sharing of medical imaging data via blockchain consensus. Health informatics journal, 25(4), 1398-1411.

Tabrizchi, H., & Kuchaki Rafsanjani, M. (2020). A survey on security challenges in cloud computing: issues, threats, and solutions. The journal of supercomputing, 76(12), 9493-9532.