BYOD Risk Assessment Task 1: Critical Components 2 2 Cyber Security Name of University Author
Added on 2022-10-18
15 Pages2429 Words149 Views
Running head: CYBER SECURITY
Cyber Security
Name of Student
Name of University
Author Note
Cyber Security
Name of Student
Name of University
Author Note
1
CYBER SECURITY
Table of Contents
Task 1: BYOD Risk Assessment.........................................................................................2
1.1. Organization Information System: Critical Components.........................................2
1.2. Threats of BYOD Policy..........................................................................................2
1.3. Potential Vulnerabilities of Asset.............................................................................3
1.4. Qualitative Risk assessment of the Information System..........................................4
Task 2: Certificate based Authentication System................................................................5
2.1. Working Process: Pros and Cons..............................................................................5
2.2. Comparison between certificate and Password based authentication.......................6
2.2.1. Features for combating threats from BYOD policy..........................................6
Task 3: Anti-Phishing Guideline.........................................................................................8
3.1. Identification of the electronic Phishing messages...................................................8
3.2. Example of Phishing.................................................................................................9
3.3. Phishing Handling Instructions...............................................................................11
References..........................................................................................................................13
CYBER SECURITY
Table of Contents
Task 1: BYOD Risk Assessment.........................................................................................2
1.1. Organization Information System: Critical Components.........................................2
1.2. Threats of BYOD Policy..........................................................................................2
1.3. Potential Vulnerabilities of Asset.............................................................................3
1.4. Qualitative Risk assessment of the Information System..........................................4
Task 2: Certificate based Authentication System................................................................5
2.1. Working Process: Pros and Cons..............................................................................5
2.2. Comparison between certificate and Password based authentication.......................6
2.2.1. Features for combating threats from BYOD policy..........................................6
Task 3: Anti-Phishing Guideline.........................................................................................8
3.1. Identification of the electronic Phishing messages...................................................8
3.2. Example of Phishing.................................................................................................9
3.3. Phishing Handling Instructions...............................................................................11
References..........................................................................................................................13
2
CYBER SECURITY
Task 1: BYOD Risk Assessment
1.1. Organization Information System: Critical Components
This section of the report aims in evaluation of the key processes of the information
system of an organization that is the key information assets of the organization. The information
assets of Southern Cross University are listed as below-
1. Personal data of the staffs and students of the University is one of the information
assets of the organization (Shumate & Ketel, 2014)
2. The annual financial data of the organization is another is another key asset of the
Southern Cross University
3. The information about the human resources.
4. The existing proprietary software system of the organization
5. The information related to total number of admissions per year and the client details
The above data indicates the most valuable assets of the Southern Cross University
(SCU). These information are vital for normal operation of the business and therefore, these
information may be subjected to risk of data theft.
1.2. Threats of BYOD Policy
The BYOD policy that is implemented in the SCU provides the staffs of the organization,
the facility of working with their own devices. However, there are certain threats linked with the
proposed BYOD policy which are listed as follows-
CYBER SECURITY
Task 1: BYOD Risk Assessment
1.1. Organization Information System: Critical Components
This section of the report aims in evaluation of the key processes of the information
system of an organization that is the key information assets of the organization. The information
assets of Southern Cross University are listed as below-
1. Personal data of the staffs and students of the University is one of the information
assets of the organization (Shumate & Ketel, 2014)
2. The annual financial data of the organization is another is another key asset of the
Southern Cross University
3. The information about the human resources.
4. The existing proprietary software system of the organization
5. The information related to total number of admissions per year and the client details
The above data indicates the most valuable assets of the Southern Cross University
(SCU). These information are vital for normal operation of the business and therefore, these
information may be subjected to risk of data theft.
1.2. Threats of BYOD Policy
The BYOD policy that is implemented in the SCU provides the staffs of the organization,
the facility of working with their own devices. However, there are certain threats linked with the
proposed BYOD policy which are listed as follows-
3
CYBER SECURITY
1. The personal devices used by the staffs of the organization might get stolen thus
risking the confidential information of the University.
2. There is generally no password protection in the personal devises and thus the devices
can easily get compromised in an event of theft or hacking (Olalere et al., 2015).
3. The device might make use of public internet without encryption of the data related to
University thus, increasing the chances of data hack.
4. Even after the employee leaves the organization, there are high chances of the data
being stored in the device thus, risking the confidentiality of the data.
1.3. Potential Vulnerabilities of Asset
The potential vulnerability of each information asset in consideration to the identified
threats are indicated as follows-
1. The personal information of students and personal information of the staffs of the
University might be at the risk of data threat as there is no password protection to the personal
device of a user.
2. The annual financial data of the organization is at risk of data theft as the personal
devices might connect to the public internet (French, Guo & Shim, 2014).
3. The information of the human resources might be at risk if an employee leaves the
organization.
4. The details of the software might be at risk if the device gets stolen.
CYBER SECURITY
1. The personal devices used by the staffs of the organization might get stolen thus
risking the confidential information of the University.
2. There is generally no password protection in the personal devises and thus the devices
can easily get compromised in an event of theft or hacking (Olalere et al., 2015).
3. The device might make use of public internet without encryption of the data related to
University thus, increasing the chances of data hack.
4. Even after the employee leaves the organization, there are high chances of the data
being stored in the device thus, risking the confidentiality of the data.
1.3. Potential Vulnerabilities of Asset
The potential vulnerability of each information asset in consideration to the identified
threats are indicated as follows-
1. The personal information of students and personal information of the staffs of the
University might be at the risk of data threat as there is no password protection to the personal
device of a user.
2. The annual financial data of the organization is at risk of data theft as the personal
devices might connect to the public internet (French, Guo & Shim, 2014).
3. The information of the human resources might be at risk if an employee leaves the
organization.
4. The details of the software might be at risk if the device gets stolen.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Risk Assessment of Southern Cross Universitylg...
|13
|2466
|317
Cyber Security: BYOD Risk Assessment, Certificate-based Authentication, and Anti-phishing Guidelinelg...
|9
|2240
|285
Cyber-Security in Southern Cross Universitylg...
|11
|2074
|181
Cyber Security: Risks and Solutions for South Cross Universitylg...
|12
|2052
|467
BYOD Policy Threats and Security Strategies for Cybersecuritylg...
|11
|2820
|426
BYOD Policy Design for Southern Cross Universitylg...
|8
|1829
|264