Read the following case scenario:
The 9-Iron Country Club, commonly referred to as 9, is located in the suburbs of St. George City (a fictional city). It offers the amenities of a 9-hole golf course, a swimming pool, the clubhouse, and other recreational facilities to more than 1,200 members. 9 employs around 75 staff who cater to private functions such as weddings, meetings, and banquets.
9 is a seasonal club that closes its outdoor operations between November and February. These four months are critical to plan new venues and coordinate member activities for the upcoming season. The management operations and the catering tasks of 9 are normally executed through the local network. Therefore, the management and staff face many problems, especially during the winter. An incident occurred when Rob Domore, 9’s food and beverage director and head chef, had to drive to the club in bad weather conditions. Rob stated, “We put in a lot of effort to provide impeccable services to members and maintain a competitive position. I think about how much more efficient we could be if we could work from home in the off-season. If we had remote access, all senior management and executive staff could be reaching out to members, helping them plan upcoming events and preparing for next season without coming into the office.”
Mr. Domore also wanted to provide more flexibility in his daily schedule. He stated, “In the season, I can’t get all my office work done when we are in full swing because much of my time is spent in the kitchen and with the members. So, I desperately wanted the freedom to catch up at home, rather than stay additional hours on premises.”
Using the information provided in the case scenario, you are to design a potential remote access solution for 9. You also must prepare a report describing the remote access solution. The report should include the following considerations:
Needs and desires of customers and club members—available services, time availability, and network design
Risk management or assessment—protection of confidential and personally identifiable information (PII)
Data classification and security requirements—what measures will be implemented to protect the three states of data