IFN511 Security Management - Semester 1 2019: BYOD Risk Report ABC

Verified

Added on  2023/01/19

|5
|948
|84
Report
AI Summary
This report, prepared for the IFN511 Security Management course, examines the risks associated with the Bring Your Own Device (BYOD) policy implemented by the ABC Company, an IT service provider. The report identifies the company's industry, size, and information assets, highlighting the significance of information security. It details the infrastructure and the specific threats related to BYOD, such as loss of devices, malicious actions, and phishing attacks. The vulnerabilities are discussed, including the use of malicious and untrusted operating systems, and the password-based authentication method. To mitigate these risks, the report recommends training employees on security vulnerabilities, implementing verified software, and adopting certificate-based authentication. The report references real-life cases of security breaches and provides recommendations tailored to the ABC Company to enhance its security posture. This report is a comprehensive analysis of BYOD security risks, providing insights into vulnerabilities, threats, and mitigation strategies.
Document Page
SCIENCE AND ENGINEERING FACULTY
IFN511 Security Management - Semester 1 2019 Assessment Item 1: Group Report
Student Names: Please fill Please fill
Student Numbers: Please fill Please fill
Report Topic: Risk of using BYOD in the organisation of ABC Company.
Item Details Main points and comments Supporting Contributed by
(include the main concepts - in point form - you evidence (write the name of the
intend to use in your report) (record reference group member here, as
details for articles) appropriate)
Industry IT service industry
About your Size/Structure
The ABC company is one of the well-known IT service
industry with about 500 skilled technology consultants.
It has it headquarter in Dayton, Ohio. The company of
ABC offers its services to about 30,000 customers. The
company owns about 4000 corporate devices which are
used as a part of the BYOD policy of the company.
As the organisation is
hypothetical no
references can be
provided Please fill
selected
organisation
Information The major information assets of the organisation of ABC
consists of information related to sales, operational data,
financial information and many more.
All the information assets of the company of ABC are
located within the database of the organisation
The dataset of the organisation consists of both physical
and logical data sets. The physical data sets consist of
details related to the employees who are logging in into
the devices, details of the files that are modified
including the dates and file size. The logical model for
As the organisation is
hypothetical no
references can be
provided
Please fill
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
creating this data sets does not require any metadata
columns and does not need to specify such details in the
table.
Infrastructure
Please fill
How does
The organisation of ABC uses the BYOD policy within
their enterprise in order to transfer necessary
information via the systems. The company implemented
this so as to lower down the cost of the hardware and
software that are used within the organisation.
your report
topic relate to
As recently, the organisation of ABC is facing problems
related to phishing where the employees are receiving
spam emails in an increased rate, besides the devices are
automatically installed with malicious software and use
of untrusted mobile operating system, the threat related
to BYOD policy is addressed in this report.
As the organisation is
hypothetical no
references can be
provided Please fill
this
organisation? Threats related to BYOD policy is common in various
organisations as for example the threat related to
BYOD policy is notable in the organisation of
Australian Mobile Telecommunication Association.
Document Page
For example:
The main security issue that is faced within the
organisation of ABC, is loss of devices, malicious actions
within the organisation, and increased rate of phishing
attack.
As the organisation is
hypothetical no
references can be
provided Please fill
Main aspects of Security Issue
Vulnerabilities
The vulnerabilities that are identified within the
organisation includes use of malicious operating systems,
accessing data of others without any authentication, use
of untrusted mobile operating system and most
importantly, the company of ABC uses the password-
based authentication method in order to verify the access
of the users. The identified vulnerabilities can be
exploited by various means like well-known phishing
attack. The company faced loss of huge amount of
devices that are used while transferring data, automatic
installation of malicious operating systems within the
systems as a result of which the information assets of the
organisation are at the verge of risk where it is reported
that some information related to finance and also the
patents of the organisation were stolen using malware
links.your chosen topic
As the organisation is
hypothetical no
references can be
provided Please fill
Possible
control As a means to control the risks of the BYOD policy, the
employees need to be trained about the latest security
vulnerabilities, and should be trained to handle those
risks by following some simple measures. The basic
As the organisation is
hypothetical no
references can be
provided
Document Page
steps towards preventing the risks of using BYOD
includes, use of verified and authenticated software and
operating systems, use of certified based authentication
system in place of password-based authentication
system.
measures
Similar real life
cases
The real-life example of the consequences of the threat
of using BYOD is reported in case of United Kingdom,
where they faced a major theft by losing about 2 million
of mobile devices in the year 2005. Besides the real-life
case study of the vulnerabilities of using the BYOD
policy is seen in the Australian Mobile
Telecommunication Association where it was reported
that the organisation a major loss of about 100000
mobile devices by which important information were
transferred.
As the organisation is
hypothetical no
references can be
provided Please fill
Recommendations
For the organisation of ABC company, it is
recommended that they use the certificate-based
authentication system in order to authenticate its users
instead of using the low security level password-based
authentication system. Please fill
relevant to
As the organisation is
hypothetical no
references can be
provided
information
security goals of
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
organisation
Reference Details:
Keep track of your source materials – you will need to include citations in the text and the reference
details in the References section of your report (Penalties apply if this is not adequately addressed).
A useful guide to referencing, citation and report writing is: http://www.citewrite.qut.edu.au/.
chevron_up_icon
1 out of 5
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]