logo

BYOD Policy Threats and Security Strategies for Cybersecurity

Assess the risk from the BYOD policy to the university's information system and develop a security program to address the contemporary and emerging risks from cyber threats.

11 Pages2820 Words426 Views
   

Added on  2023-06-03

About This Document

This report analyzes the critical information assets of the university and discusses the threats caused by BYOD policy. It will also explore certificate-based authentication and provide spam handling instructions for the university.

BYOD Policy Threats and Security Strategies for Cybersecurity

Assess the risk from the BYOD policy to the university's information system and develop a security program to address the contemporary and emerging risks from cyber threats.

   Added on 2023-06-03

ShareRelated Documents
CYBERSECURITY 1
CYBERSECURITY: BYOD POLICY THREATS AND SECURITY STRATEGIES
By (Name)
(Unit)
(Professor’s Name)
(University)
(City where the university is located)
(Date)
BYOD Policy Threats and Security Strategies for Cybersecurity_1
CYBERSECURITY 2
Table of Contents
Introduction.................................................................................................................................................3
BYOD Risk Assessment................................................................................................................................3
BYOD Policy: Threats and Vulnerabilities.................................................................................................4
Risk Assessment......................................................................................................................................4
Certificate-Based Authentication.................................................................................................................5
Anti-spam Guideline....................................................................................................................................8
Three Examples of Spams........................................................................................................................8
Conclusion.................................................................................................................................................10
References.................................................................................................................................................11
BYOD Policy Threats and Security Strategies for Cybersecurity_2
CYBERSECURITY 3
Introduction
In the current world of technological evolution, people and institutions rely on the
information systems to communicate and share information as well as store vital institution’s
data. Information system involves a network of assets which co-ordinate together to store,
transform, retrieve and disseminate information of a learning institution, a corporation or a
business. Information systems have essential contributions to the educational sector. To
harness the benefits of individuals using their own electronic devices the Southern Cross
University have adopted the policy of Bring Your Device (BYOD) to classes at Performance
Education.
The use of these electronic devices to access, process and create the information and
data of the university generates issues concerning information security breaches. The
institution needs to implement strategies to prevent security breaches to the information and
data. The university should undertake the information security strategies to guarantee that it
still controls and manages the data accessed using BYOD device and also ensure that few
reasonably possible restrictions are imposed on the university information resources accessed
utilizing the BYOD policy.
This report analyzes the critical information assets of the university and discusses the
threats caused by BYOD policy. It will also explore certificate-based authentication and compare
with another authentication technique and also provide spam handling instructions for the
university.
TASK 1
BYOD Risk Assessment
In developing, information security strategy, the first essential procedure is to identify
and comprehend the critical assets that require protection. The critical information assets in an
organization are the assets that impact integrity, confidentiality, availability and support the
institution’s mission and vision and it strategic objectives (Boranbayev, Mazhitov & Kakhanov
2015).
The critical information assets of Southern Cross University are namely
Educational and research: examinations, intellectual development, research projects
and information about students
Human resources: personal data of staff and reports.
Legal: contracts and internal documentation, employees confidential information of
staff
BYOD Policy Threats and Security Strategies for Cybersecurity_3
CYBERSECURITY 4
Finance and Economics: financial information and procurement documentation
Information Technology: Databases, logins, and passwords, IT management information
and IT developments copyright
BYOD Policy: Threats and Vulnerabilities
The adopted BYOD policy in classes at Performance education will arise various threats
to the identified critical information assets of the university. Organizations have no complete or
little control of the electronic devices in which their employees are utilizing and also have no
control of the security conditions when employees are assessing its information systems (Dang-
Pham & Pittayachawan 2015). The threats which may be brought by the BYOD policy are
malware, phishing, social engineering, malicious mobile applications and Denial of service.
Phishing is a well-constructed email that evades the network security strategies and obtains
information systems data (Chang et al. 2014).
Malware is a rapidly growing information systems problem due to a high number of
downloads and applications (Patten & Harris 2013). Malware may be utilized to steal the
confidential information of employees and students and deviate financial transactions by using
the security vulnerabilities such as insecure wireless networks and weak firewalls brought
about by the mobile devices which cannot be controlled by the information technology
department (Cuevas et al. 2015). Phishing utilizes vulnerabilities such as personal cloud services
and social networks in an unacknowledged staff or student collaboration environment to obtain
financial gain and steal personal information. In social engineering, spam emails and spam on
social networks utilize the vulnerabilities of human emotions to spread malware and
inappropriately obtain confidential staff and students’ data. Denial of service threats results
from vulnerabilities due to improper network planning resulting from the adoption of mobile
electronic devices results in attacks on databases and log repositories. Vulnerabilities such as
mobile device misconfiguration occur when employees install unauthorized and non-corporate
applications which then provide opportunities for stealing institution information such as legal
documents.
Risk Assessment
Information system risk assessment is implemented to give an a prioritized assessment
and evaluation of the probability and impact of information security occurrences and
presenting the potential threat to the information from each scenario as well as the existing
protective measures (Shedden et al. 2016). In deciding whether to implement a quantitative
and qualitative risk assessment, the advantages and disadvantages of the two frameworks are
analyzed. Quantitative style advantage is that it takes into consideration the risks and locates
section that requires urgent action (Tixteco et al. 2017). Its disadvantage is that it makes cost-
benefit analysis difficult because it does not provide specific, quantifiable magnitude of impacts
BYOD Policy Threats and Security Strategies for Cybersecurity_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Risk Assessment of Southern Cross University
|13
|2466
|317

BYOD Risk Assessment Task 1: Critical Components 2 2 Cyber Security Name of University Author
|15
|2429
|149

Why is cybersecurity important for the education sector?
|14
|3669
|11

Solutions of Cybersecurity Assignment
|9
|2005
|320

Cybersecurity Threats and Anti-Spam 3 CONCLUSIONS 4 INTRODUCTION Cybersecurity Threats and Anti-Spam 3 CONCLUSION 3 REFERENCES 4 INTRODUCTION Cybersecurity Threats and Anti-Spam 3 CONCLUSION 3 REFEREN
|7
|1670
|122

BYOD Policy Design for Southern Cross University
|8
|1829
|264