Professional Documents
Culture Documents
Securit
y
Improv
ement
Initiati
ve
2015
Project Report
Prepared for:
Prepared by:
Aminah BarnesCannon
Professor of English, Washington State
University
Joe Reese, Christina Kwong, Myron Jenkins, and Jeff Girmus
Engl. 402 - Team 4
Page | 1
Date:
To:
From:
Subject:
Due to the recent security breach in August 2015 and with permission from the
Office of the President, Engl. 402 - Team 4 has begun an initiative to improve
security of our Information Technology (IT). This project, known as the Security
Improvement Initiative of 2015, aims to help minimize the risk of breach of our
personal data contained in WSU IT systems. This project delivers a new website for
WSU students and faculty that is accessed directly from myWSU and BlackBoard
websites. This site provides security tips and information related to help everyone
protect information here at WSU. The site contains additional security tools aimed
to help our users maintain security, while safeguarding their personal information.
The project collaboration began envisioning phase on October 26, 2015, developing
security concepts for the site. On Monday November 2, the execution of the project
was fully underway and began developing content and the website. As of
November 8, the website was completed and usability studies have commenced
and completed on November 15.
This letter of transmittal letter provides a project report of the work completed and
its accompanying results. The report contains full details on the project
background, design and development results, conclusions, and recommendations.
In addition, this report contains screenshots of website product itself and all
pertinent security enhancing content for your review.
We appreciate the trust you have shown in allowing us to perform this project on
the behalf of Washington State University and we look forward to your feedback on
any of the activities we performed. If you have any questions or concerns please
contact Team 4, at joseph.d.reese@wsu.edu or at 503-313-7774.
Page | 2
Executive Summary.................................................................................................... 3
Introduction................................................................................................................ 3
Research Methods...................................................................................................... 3
Project Approach..................................................................................................... 3
Project Task Details.................................................................................................. 4
Task 1 - Gather Security Information....................................................................4
Task 2 Build Test Website...................................................................................4
Task 3 Populate Site Content.............................................................................4
Task 4 Test Usability........................................................................................... 5
Task 5 Conduct Site Analysis............................................................................. 5
Task 6 Research Methods................................................................................... 5
Task 7 - Results..................................................................................................... 5
Task 8 - Conclusions............................................................................................. 5
Task 9 Executive Summary and Introduction.....................................................5
Design Concerns..................................................................................................... 5
Project Resources and Tools.................................................................................... 5
Results........................................................................................................................ 6
Home Page.............................................................................................................. 6
Password Tips.......................................................................................................... 6
Changing Password................................................................................................. 6
Service Advice......................................................................................................... 7
Contact Page........................................................................................................... 7
Conclusions................................................................................................................ 7
Recommendations...................................................................................................... 7
Appendix A............................................................................................................... 8
Page | 3
Executive Summary
The Security Improvement Initiative of 2015 project report gives detailed
information regarding product and project execution for the Security Improvement
Initiative of 2015. Due to the recent security breach in August 2015 and with
permission from the Office of the President, Engl. 402 - Team 4 completed an
initiative to improve security of our Information Technology (IT). This project, known
as the Security Improvement Initiative of 2015, aims to help minimize the risk of
breach of our personal data contained in WSU IT systems. This project delivers a
new website for WSU students and faculty that is accessed directly from myWSU
and BlackBoard websites. The project began on October 26 and completed all
planned work on November 15. Deliverables for this project include:
Introduction
The Security Improvement Initiative of 2015 will create a prototype product (e.g.
website) targeted to increase security regarding access to WSU IT systems. Its
goals include protecting our most vital and personal information, promote proactive
user account monitoring, improve user knowledge around security best practices,
and minimize information breach on an individuals private data. Long-term goals
include integration (site linking) with MyWSU and BlackBoard that allow simple and
easy navigation to this educational security information. In addition, this prototype
demonstrates ease of security warnings and notification to both students and
faculty. Overall, this site will help drive increased awareness regarding security best
practices, imparting this knowledge to users to enact it against WSU IT systems.
Research Methods
Project Approach
The Security Improvement Initiative of 2015 project was structured into two main
phases Product Development and Project Report and Analysis. The phases were
subdivided into multiple tasks and assigned individual resources on the project
team. Work progress was tracked via BlackBoard Tasks and visible to all of the
project members.
Project plan overview (see below):
Page | 4
Page | 5
Task 7 - Results
Results task combines all the analysis and findings together in an orderly fashion,
along with being a prerequisite task for Conclusions. The purpose of this task is to
understand how the website impacts the users experience for improving security.
Task 8 - Conclusions
Conclusions task reviews and accesses the information gathered to date to evaluate
it regarding this project. Evaluations of the website will indicate the degree of
success achieved by this program and its desired reach of improving security to
WSU IT Systems. .
Design Concerns
We selected a website as our product aimed to help improve security, but
collectively have minimal design experience across our team. We opted to select a
minimal webpage design, to keep things simple and the site functionality easy to
use. While we believe project goals were achieved, additional time to thoroughly
test the site is needed to quantify the findings. Additionally, Washington State
University wireless internet has blocked weebly due to the security breaches. In
order for our website to be used effectively we would need WSU to unblock weebly
so students and faculty could use our website on campus.
Page | 6
Results
Together, Team 4 was able to create a viable and working prototype website that
provides rich information regarding WSU account management and password best
practices. Students and Faculty will access the site information via a web browser
at http://wsusecurity.weebly.com/contact.html.
PCs and other devices with a web browser can navigate to the site to obtain
information. The security web site supports multiple platforms ranging from PCs,
tablets, and mobile devices, while also working across all major platforms such as
Apple, Google, and Microsoft. Initially, we developed the site in English, but adding
additional languages (localized) over time as audience requirements shift is easy to
do based on the modular design of the site. In addition, we suggest hosting this site
through existing WSU websites will allow all of our students and faculty access to
the information.
The prototype website will increase security awareness, helping to protect our most
vital and personal information by promoting proactive account management and
safe credential handling. MyWSU and BlackBoard benefit with increased security,
while students and staff do not have to worry about stolen personal information. In
addition, this product demonstrates how easy getting relevant security information
can be.
Overall, our product helps drive increased awareness regarding security best
practices, imparting this knowledge to users to enact it with WSU IT systems. This
should increase levels of security for individuals as well as for WSU.
The below subsections introduce the site and specific functionality introduces our
product along with individual benefits and purposes.
Home Page
Functionality includes (see Figure 2 & 3):
Recent news and highlights content region, aimed to inform users of high
priority items.
All site navigation is easily accessed from the top of the page menu ribbon
Password Tips
Functionality includes (see Figure 5 & 6):
Changing Password
Functionality includes (see Figure 4):
Resetting WSU ID
Alternate means of resetting your password
Detailed Instructions on password reset tool
Page | 7
Service Advice
Functionality includes (see Figure 7):
Forum where users can see latest site news or ask questions regarding
security related topics through a web forum
Contact Page
Functionality includes (see Figure 8):
Conclusions
Based on the site, the project delivers usefulness to students and faculty in helping
to raise security awareness. The prototype site is easy to navigate and locate high
profile information related to security, while also providing excellent context for
students and faculty. The look and the layout are professional, adding to the
credibility of the site. Its relevance and usability suggest validity to our audience.
Based on these findings, we can infer the project delivered a prototype that WSU
can leverage to improve security education and awareness.
Recommendations
Continued success of this product will depend on a number of factors. Ultimately, to
be successful we need to integrate this prototype site into myWSU and Blackboard
websites. Secondly, we need to encourage student and faculty participation by
visiting the site to drive increased awareness around security. Without meeting
these specific objectives, the product will go unknown to our audience and not
achieve our goals of improving security here at WSU for IT systems. Essentially, in
full cooperation with the Office of President, Team 4 and WSU IT jointly must
develop a plan of full integration to the aforementioned websites that includes a
project schedule, clear stakeholders, steering committee oversight, and small
resource budget to move this project forward.
Page | 8
Appendix A
Page | 9
P a g e | 10
P a g e | 11