Incident Response 1.docx - Incident Response Tolani...

This preview shows page 1 - 4 out of 20 pages.

Incident Response Tolani Agunloye University of Maryland Global College CST 630 9042 Advanced Cyber Exploitation and Mitigation Methodologies February 9, 2021 Professor Steven Fulton
Wireless and Bring Your Own Device (BYOD) Policy The organization has successfully launched what is known as a Bring Your Own Device (BYOD) Policy with the exponential advancement of mobile computing technology and the adaptation of this technology. BYOD policies enable an organization to optimize the accessibility of an employee to improve efficiency by enabling the company's network to be accessed remotely (forcepoint,2020). It’s not unusual for businesses to embrace a more user-friendly work environment in this current period of business. Permitting staff to carry out their duties using personal computers and mobile devices. This saves money for the business and allows the individual the right to use a device for work or personal use. While this offers some very welcome advantages, it also brings potential security threats. Personally operated equipment may now have access to confidential and organizational data, which raises the possibility of data loss. There are many problems that can arise that place the organization at risk, such as devices that are not adequately configured, exposure to unsafe websites, unauthorized apps, etc. We need to have controls in place to reduce our risk of accidents in order to mitigate our security risks and increase the efficacy of our BYOD program (2013, Horwath). We must establish a benchmark in which devices will be accepted on the business network before the system can be protected. sIt will be simpler to push patch updates to the systems by supporting PC, Android, and Apple devices from 2018 to the present. A lot of the time, older systems will not accept newer updates or have latest patches issued. Access is assessed on the basis of user profile data that is imported into the active directory, based on the access control policy. The active directory will be connected to MobileIron, our device management app. The first and only way the device can gain access is to be approved by the
security policy of the software. After which access to organization assets will be authorized and will be compliant with security practices (NIST, 2012.). Custom device profiles will be generated, by device type. A person is likely to carry multiple different kinds of devices to work. For every machine, an unique security section will be obtained. There will be a major security disparity and possibility for new network vulnerabilities if a default security policy is created. To help with connectivity and access, many device types and are configured into MobileIron. The MDM will automatically detect the device type, if it does not, we will be notified to an unknown device. (NIST, 2012.) All devices that have been jailbroken or rooted are not accepted on the network, and are considered to be vulnerable by security. A few other security vulnerabilities including malware, hacks, viruses are exposed to while protected machines are not. Implementing a screen lock is

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture