cst630dcowieproject2.docx - 1 Running head Incident...

This preview shows page 1 - 4 out of 17 pages.

1Running head: Incident ResponseIncident Response
2Incident ResponseExecutive SummaryToday cybersecurity threats are a huge concern for companies worldwide. It is important for the company's security team to know and understand the potential threats, which are both insider and outsider threats. The introduction the bring your own device (BYOD) program into the company allows the company’s employees more convenience and productivity but as technology advances for so does the risk of attacks. Those BYOD devices include tablets, computers iPhone, Android, Blackberry, and Windows phones. It has become just as important tosecure the laptop, tablet, phones and etc. as it is to secure the information systems used by the company. To have a better understanding of the risk form BYOD and how it should be secured, a wireless and BYOD security plan must be developed. This plan will discuss the vulnerabilities of the devices and access points; As well as the possible attacks associated with it. The most important aspect of this plan is how to secure it and what encryption and other techniques would be best for the company. Wireless protocols will also be discussed to find which is the best for the company as well as remote configuration.
3Incident ResponseWireless and Bring Your Own Device (BYOD) Security PlanThe company has instituted the Bring Your Own Device (BYOD) policy, which allows employees to bring their personal computer or mobile devices to work. This policy allows companies to reduce cost and provide employees the opportunity to use the device for both private and business use. Although this policy is good for companies financially it comes with security risks. "Worker-owned devices can now carry sensitive and confidential organizational data. Data access and ownership issues can create the risk of data loss. Additionally, use of personal computers for business can bring about security complications." [CITATION UMU17 \l 1033 ] To mitigate these risks, employees must understand the security threated related to their personal devices and “Organizations need to invest in security solutions such as registering personal devices, implementing encryption standards for data protection, and using endpoint protection technology to guard personal devices against attacks.” [CITATION UMU17 \l 1033 ]Devices included in the BYOD policy are tablets, computers iPhone, Android, Blackberry, and Windows phones. The company has defined acceptable uses for the authorized device listed. During working hours the devices are connected to the company's network which will have restricted access to certain websites and capabilities, such as social media sites. The company’s network has wireless access also known as authorized access points, that are granted permissions to be on the network by an administrator. These access points are given a strong encryption such as WPS2. “Authorized access points should have MAC addresses that are recognized by the organization's Address Resolution Protocol (ARP) tables.” [CITATION UMU17 \l 1033 ] Rogue access points are set up by malicious attacks and insider threat, these

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture