1

Billingsley-Boscovitch Business Supplies, Inc. (B3SI) MISSION STATEMENT Billingsley-Boscovitch Business Supplies, Inc. (B3SI) strives to provides its customers with the high quality business and technology supplies, equipment, furnishing and advice need to enable our customers to maximize their business operations. Values Statement It is our intent to provide the highest degrees of dedication, quality and integrity, reflected in our services and our products. We are committed to building life-long partnerships with our customers and our employees. We strive to provide our products and services with a dedication to the highest degree of integrity and quality, with customer satisfaction and the development of long-term professional relationships with our customers. We value our employees that build pride and strive to creating a strong positive working environment and company spirit. B3SI is a local office supply store established in 1979 after its co-founders William Billingsley and Alexander Boscovitch met in college. Upon graduation, each earning their business degrees with honors, the duo decided to establish a local store which would sell office supplies to many of the north Atlantis companies, building a strong customer based with a high degree of customer support and satisfaction. Today, even in the face of corporate office supply giants, their dedication to serving their customers has allowed the company to grow to 5 regional stores, with a corporate headquarters serving as the central shipping and receiving hub, and a fleet of 20 delivery trucks. Recently (in 2015) both Mr. Billingsley, Senior and Mr. Boscovitch retired from the business leaving William Billingsley II (a.k.a. Junior) in charge of the business. Junior has an MBA and a BSBA in Entrepreneurship, with a minor in IT from the Atlantis University of Technology. Junior’s first order of business was to update the almost obsolete IT infrastructure and telephony systems in all stores and the corporate headquarters. His next task is to improve the information security of the corporate headquarters. Executive Staff The current CEO, William Billingsley, Jr. oversees all operations at corporate headquarters and all 5 regional stores. The managers of the regional stores actually report to the COO, who reports to the CEO. The current CFO, Rachel Xieng, oversees all financial operations at corporate headquarters and all 5 regional stores. The Senior Accountant reports directly to the CFO.

2

The Current COO, Grace Williams, oversees all corporate and branch operations, including sales, procurements and distribution. The managers of all 5 stores report to the COO, as does the Managers of Purchasing, Sales, Distribution, HR and IT. Corporate Organization Chart

Corporate Headquarters Physical Plant B3SI Corporate Headquarters Floor Plan

William Billingsley, Jr. CEO

Rachel Xieng CFO

Grace Williams COO

Marie LeFleur Senior Exec Asst.

Melinda Hixon Mgr, HR

Thomas Harden

Mgr, Sales

Constance Beignet

Sales Rep

Wendy Binder HR Admin Asst.

Cecilia Thompson Manager IT

Vincent Disalvo IT Tech – Networks

Barry Zubler Sales Admin Asst.

Penny Dodd IT Tech – Systems

Margarito Fletcher

Distribution Rep

Pantoja Martina Mgr, PurchasingLOCAL BRANCH

MANAGER Vicki Webb

Mgr, Distribution

Suzie Xiao Purchasing Rep

Okekula M’buta Purchasing Rep

Tina Mann Distribution Rep

Debbie Sims Sales Rep

Donna Massey Accountant-GL

Samuel Prout Senior Accountant

Su Lee

Accountant-AP

Jesse Eckerd Accountant

x1253

Jeffrey Kruse Accountant-AR

Angela Fowler

Dist. Admin Asst

3

Office Occupant 100 Foyer 101 Reception 102 Workroom 103 Executive Assistant 104 CEO 105 COO 106 Conference Room 107 CFO 108 Purchasing Rep 109 Purchasing Rep 110 Manager, Purchasing 111 Purchasing Admin Assistant 112 HR Admin Assistant 113 Manager, HR 114 Sales Rep 115 Sales Rep 116 Manager, Sales 117 Sales Admin Assistant 118 Distribution Rep 119 Distribution Rep 120 Manager, Distribution 121 Distribution Admin Asst 122 Accountant – General Ledger 123 Accountant – Accounts Receivable 124 Senior Accountant 125 Accountant – Accounts Payable 126 Manager, IT 127 Data Center/Server Room 128 IT Tech – Systems & Servers 129 IT Tech – Networking

* Data Center specifications provided separately

4

B3SI Data Center/Server Room (Room 127) Two full-height (42U), floor-standing racks inside the center currently each hold a 3000VA UPS and 6-8 rackmount servers (described below), plus switches for the 1GbE Cat6-backbone network and several shelves of routers, wireless controllers, spare drives and so on. The room is independently climate controlled and on its own 9000VA UPS that also powers half a dozen office systems and switches around the floor in case of a power outage. Current server applications installed and running as infrastructure: Unless otherwise specified, all servers are Dell PowerEdge R6xx Rack-mounted servers. Rack 1:

1. Windows 2016 Server A – Active Directory Service and AD SQL DB 2. Windows 2016 Server B – Primary Domain Name Service and DNS SQL DB 3. Windows 2016 Server C – Exchange 2013 email server and Email DB 4. Windows 2016 Server D – Traverse Accounting Software and Accounting SQL DB 5. Windows 2016 Server E – Traverse Distribution Software and Distribution SQL DB 6. Windows 2016 Server F – Traverse ERP Software and ERP SQL DB 7. Dell Storage NX 3xxx 1 – Network Attached Storage (NAS) #1 – Runs Windows 2016 R2 –

multi-terabyte data backup capability for Rack 1 servers’ databases. In CC|IRM this is referred to as “External Storage” – under Infrastructure. For our purposes, the NAS contains both encrypted “native” and “converted” data. So an administrator could read the data/databases from that NAS’ servers, without having to use special software or “restoring” the data, once they successfully log into the NAS, as each system is copying its data in near real time to the NAS. Every night, before the NAS backs up its data to the other NAS, it uses a program to create a true backup. Then copies this backup to the other NAS. You can also assume the NAS has sufficient drive space to host 7 days of “local” data, replacing the oldest data with new data daily. To simplify the project, each NAS contains a copy of its servers’ data/databases, and a copy of the other NAS’ data backup. So in CC/IRM NAS 1 contains Server A-F data/databases and “NAS2 Data” NOT Server G-K data/databases. NAS 2 thus contains Server G-K data/databases and “NAS1 Data” NOT Server A-F data/databases.

Rack 2:

1. Windows 2016 Server G – Office 365 Server and Office DB (contains Office 365 files and images) – web-based office productivity software used on employee systems.

2. Windows 2016 Server H – Internet Information Server #1 for Intranet support – stores own web and document data. Used for internal forums, wiki’s and policy document management.

3. Windows 2016 Server I – Optimum HRIS and HRIS DB 4. Windows 2016 Server K – Internet Information Server #2 used with Forefront TMG and

IIS-FTMGDB – used to provide web filtering and proxy services – has own Intranet DB. 5. Windows 2016 Server K – SupportIT and SIT DB – used by IT department to manage

systems configuration, updates, and helpdesk tickets. 6. Dell Storage NX 3xxx 2 – Network Attached Storage (NAS) #2 – Runs Windows 2012 R2 –

multi-terabyte data backup capability used as an onsite daily backup for all Rack 2

5

servers’ databases. In CC|IRM this is referred to as “External Storage” – under Infrastructure. See previous comment about NAS2 Data content.

All Servers (including both NAS) are backed up weekly to a Cloud-based backup service. In CC|IRM this is referred to as “Software-as-a-Service”.

Again: All data and databases from Rack 1 copied daily to NAS#1 (External Storage). All data and databases from Rack 2 copied daily to NAS#2 (External Storage). NAS#1 data (which contains all Rack 1 data and databases) is backed up to NAS#2 nightly. NAS#2 data (which contains all Rack 2 data and databases) is backed up to NAS#1 nightly. All applications and data (including the contents of both NAS) backed up weekly to online backup service (SaaS).

6

Applications Traverse Accounting Software provides the following applications:

• General Ledger (TAS-GL) • Accounts Payable (TAS-AP) • Accounts Receivable (TAS-AR) • Payroll (Employee Distributions) (TAS-Pay) • Banking (TAS-Bank) • Fixed Assets (TAS-FA)

Traverse Distribution Software provides the following applications:

• Inventory (TDA-Inv) • Bill of Materials/Kitting (TDA-BoM) • Purchase Order (TDA-PO) • Sales Order (TDA-SO) • Warehouse Management (TDA-WM) • Requirements Planning (TDA-RP)

Traverse ERP Software provides the following applications:

• Web Portals (Ecommerce site) (TERP-Web) • Customer Relationship Management (TERP-CRM)

Optimum HRIS provides the following applications

• Payroll Management (exports to Traverse for Payroll processing) (Opt-PM) • Human Resources (Opt-HR) • Time & Attendance (exports to Traverse for Payroll processing) (Opt-Time)

Each NAS contains the following applications:

• Backup and Recovery Software (BARS) • Inygma AES 256 Encryption Software for Access Control (Inyg-AES)

as well as copies of all of the data from the servers in its rack, and the other NAS’ data.

Note: all applications are not necessarily placed on the same server. They can be stored on different servers and simply configured to access each other as needed. Assume every application, except those on the NAS, has its own database.

B3SI does not have a deployed wireless network, only an internal wired Ethernet network.

Current B3SI does not have any formal information security policies, plans or staff.