CST 630 project 2 Incidnet Report.docx - INCIDENT REPORT 1...

This preview shows page 1 - 4 out of 11 pages.

INCIDENT REPORT

Incident Report
James Tow
UMUC
Executive Summary

As an organization, we recently rolled out a bring your own device program, requiring us to come up with a policy on use and to figure out how to ensure our network and data remain secure.

Wireless and Bring Your Own Device (BYOD) Plan

In today’s work environment, it is common for businesses to allow employees to bring their own devices to work. This allows for a friendlier work environment, allows employees to be more mobile, and could potentially save costs by not having to supply a computer to every employee. The benefits of a BYOD environment also come with added security risks. These devices will now have access to sensitive information, and any data loss could be detrimental to the organization. Some of the risks associated with BYOD are access to unauthorized sites, system patching that is not up to date, someone bringing in malicious code, and unapproved applications. While this is not a full list of risks, these are some of the reasons that, for a BYOD program to work, you must also have policies in place to lower the risk of an incident.

The first thing that must be decided in a BYOD policy is which devices will be allowed on the network. All Android, Chrome OS, Windows, Apple iOS, and macOS devices from 2016 and newer will be allowed on the network. Over time this date will need to be moved forward to ensure the security of the network. This is because, as devices and operating systems age, the producer supports them with patches less often. When they are no longer supported, this could lead to security holes and damage to the network.

The devices allowed on the network will be controlled through an access control policy. We will use AirWatch by VMware to manage the devices authorized on the system. Each device will have to be registered through AirWatch and then vetted before it is allowed on the network. Profiles will be built for each device allowed on the network, based on its platform type. Each device will be assigned a username and PIN to gain access to the network each day. Any device that has been jailbroken will not be allowed on the network; such devices are a security risk and could be compromised.

The owner of each device will be responsible for ensuring that patches and updates are applied to all devices they connect to the network. The system will push patches and updates as they are detected. This will ensure compliance with regulations and protect us from unwanted security holes. Any device that goes off the network for longer than a month will be removed and will have to reregister and be scanned again to regain access.

Since the implementation of the BYOD program, we have had several incidents of people connecting unauthorized devices to the network. These rogue connections are a danger to the network. A rogue access point can leave the corporate network open to several types of attacks, such as denial of service, sniffing to identify further vulnerabilities, or man-in-the-middle. Ways to
