EM Cybersecurity Center
Locked WITH us
MemoTo: Moja Negash Project Manager
From: Endashaw Melaku
CC: Bemnet Negash
Dear Moja Negash.
Customers login into the application and place orders. The orders are then stored in the database.
When the customer makes payment for their orders, the order data is sent to a warehouse closest the
customer. When the products ordered are delivered to the customer, a delivery report is sent to the
ordering system and it updates the order status.
STREET ADDRESS, CITY, STATE ZIP CODET: TELEPHONE W: WEBSITE
Data Analytics1. Data Storage: The e-commerce application will generate a vast amount of data that needs to be
stored in a reliable and scalable manner. We will use Amazon S3 storage to store transaction
logs, user data, and product data.
2. Data Creation: Data analytics relies on collecting data from various sources, such as user
behavior, sales, and marketing campaigns. The e-commerce application can collect this data
through web analytics tools such as Google Analytics, or by integrating with various APIs and
services such as social media platforms, email marketing tools, and payment gateways.
3. Data Modification: Once the data has been collected, it may need to be modified or enriched to
enable effective analysis. This can include data cleaning, data transformation, and data
enrichment, which will be performed using AWS Glue, which can extract, transform, and load
data from various sources.
4. Data Deletion: The application will generate a significant amount of data, which can quickly
accumulate and take up storage space. To optimize data storage and ensure regulatory
compliance, data will need to be deleted periodically. This will be accomplished using various
data deletion tools provided by AWS, such as Amazon S3 Lifecycle policies, which can delete old
data automatically after a specified period.
Data Management1. Security and Access Control: The e-commerce application will use AWS Identity and Access
Management (IAM) to control access to resources and enforce policies for data security.
2. Backup and Disaster Recovery Plan: The e-commerce application must have a backup and
disaster recovery plan to ensure that data is protected against unexpected. We will use Amazon
S3 versioning, which can automatically create and retain multiple versions of data, and AWS
Disaster Recovery, which provides replication of data across regions for disaster recovery.
Cybersecurity1. Malware Concerns: We will use security features provided by AWS, such as network firewalls and
antivirus software, to protect against malware attacks.
2. Physical and Logical Access: AWS provides several security measures, such as biometric
authentication and security cameras, to control physical access to data centers. Logical access
can be controlled using IAM roles and policies.
3. Forensic Investigation: In case of security breach we will use AWS CloudTrail and AWS Config to
audit and investigate security-related events.
IT Project Manager1. Project Control: The IT project manager must ensure that the project is completed on time,
within budget, and meets the project's objectives. This involves monitoring project progress,
identifying and mitigating risks, and managing stakeholder expectations.
2. PM Methodologies: The development of this application will use agile project management
3. Scope Control: Scope control is critical for ensuring that the project stays on track and within
budget. The IT project manager must ensure that the project scope is clearly defined and
controlled throughout the project's lifecycle.
4. End-User Input: End-user input is crucial for ensuring that the e-commerce application meets the
end-users' needs. The IT project manager should involve end-users in the project planning and
development process to gather feedback and incorporate it into the project.
5. Training: The IT project manager must ensure that end-users and other stakeholders are
adequately trained on how to use the e-commerce application. This involves developing training
materials, conducting training sessions, and providing ongoing support.
1. Network topology: Token passing topology will be used to logically control access to the
2. Network Infrastructure Build-out and Expansion: The IT team must ensure that the network
infrastructure is built out to support the e-commerce application's traffic requirements. As the
application grows, the network infrastructure must be expanded to accommodate additional
traffic and users.
3. Required Equipment and Physical Media Acquisition and Control: The IT team must acquire the
necessary network equipment, such as routers, switches, and firewalls, and physical media, such
as network cables, to support the e-commerce application. They must also ensure that the
equipment and physical media are properly controlled to prevent unauthorized access.
4. Network Security: Network security is critical for protecting the e-commerce application and its
data from cyber threats. The IT team must implement appropriate security measures, such as
firewalls, intrusion detection and prevention systems, and virtual private networks, to secure the
Software Developers1. Applications Needed: The software developers must work with the business stakeholders to
identify the software applications needed for the e-commerce application. This may include
developing custom applications or integrating third-party applications.
2. Input from End-users: End-user input is critical for ensuring that the software applications meet
the end-users' needs. The software developers should involve end-users in the design process to
gather feedback and incorporate it into the application design.
3. Design Process: The software developers must follow a design process that includes
requirements gathering, design, implementation, testing, and deployment. The design process
should be iterative, with feedback from end-users and stakeholders incorporated into each
4. Steps of the SDLC for App Development: The software developers should follow the software
development life cycle (SDLC) to ensure that the application is developed in a structured and
systematic way. The SDLC typically includes the following steps:
Planning: In this phase, the software developers work with stakeholders to identify the project's
objectives, scope, and requirements.
Analysis: In this phase, the software developers analyze the requirements and identify the
software applications needed to meet those requirements.
Design: In this phase, the software developers design the application architecture, database
schema, and user interface.
Implementation: In this phase, the software developers write the code and develop the
Testing: In this phase, the software developers test the application to ensure that it meets the
requirements and functions correctly.
Deployment: In this phase, the software developers deploy the application to the production