Cyber Security: BYOD Risk Assessment, Certificate-Based Authentication, and Anti-Phishing Guideline

   

Added on  2022-10-19

Running head: CYBER SECURITY
Table of Contents
Introduction
BYOD Risk Assessment
    BYOD Risk assessment Introduction
    Objective/Purpose of BYOD Risk assessment
    Scope of the Risk Assessment
    Risk Register
    Risk Assessment Matrix
Certificate-Based Authentication
    Introduction
    Working principle of Password-based authentication scheme
    Certificate-based authentication scheme
    Working principle of Certificate-based authentication scheme
    Comparison of the username-password and certificate-based Authentication
Anti-phishing Guideline
    Definition and characteristics of Phishing
    Representative Examples of Phishing
    Instructions for Phishing Handling (users)
    Instructions for Phishing Handling (IT admin)
Conclusion
References
Introduction
Written by the consultant appointed by Southern Cross University for cyber security, this
report describes the consultant's work on the security program in relation to the emerging
risks that cyber security threats pose to the organization. It briefly analyses the
transition from the password-based authentication system to Bring Your Own Device (BYOD),
which has given rise to some serious concerns. The risk posed by the BYOD policy is assessed
in the discussion below (Song and Kong, 2017). Following that, the transition from the
password authentication system to the certificate authentication system is discussed in
brief, and reasons are given in favor of using the new certificate-based authentication. In
addition, phishing has been identified as the most serious threat to the organization's
data; hence, a guideline on how to mitigate the threat, along with the consequences it
causes, is also discussed briefly (McGeehan et al., 2017).
BYOD Risk Assessment
BYOD Risk assessment Introduction
Bring Your Own Device (BYOD) allows employees to use their own smartphones and to carry out
business-related activities through their mobile phones, and in turn to generate profit for
the organization they work in. The primary aim of BYOD is to improve productivity and the
speed of work, so that employees can carry out their activities from anywhere, at any time.
However, BYOD introduces major security risks, such as the leak of the company's
confidential data and of the personal information of the organization's customers (Lee et
al., 2017). For example, a phone that an employee works on holds a large amount of company
as well as private data. Hence, losing the phone may lead to the leakage of the data it
contains.
Objective/Purpose of BYOD Risk assessment
The primary motive of this assessment is to assess the risks arising from the concerns that
have come up in relation to BYOD and to put forward basic measures for mitigating them.
Scope of the Risk Assessment
Using these risk-analysis measures, mitigation techniques shall be applied to the concerns
that have become visible with the introduction of BYOD for carrying out business procedures.
Primarily, the leakage of data that can occur when an employee's mobile phone is stolen
shall be mitigated, as it has the highest priority among the BYOD-related issues (Hong et
al., 2016). In addition, some other existing security concerns have been mitigated along
with the primary concerns.
Risk Register
| Risk ID | Risk Description | Likelihood (1-5) | Impact (1-5) | Risk-rating Factor (1-25) |
|---------|------------------|------------------|--------------|---------------------------|
| 1 | Unauthorized access to the BYOD database | 4 | 5 | 20 |
| 2 | The private data belonging to every individual employee getting mixed up within the BYOD terminal. | 5 | 5 | 25 |
| 3 | Leakage of the confidential information belonging to the company and in turn, the | 3 | 5 | 15 |