Interactive Session and Technology BYOD
Assignment ID Number AFFGEHU83939HD Type of Document Essay Writing Format APA/MLA/Harvard Academic Level Masters/University References/Sources 4 References
Interactive Session and Technology BYOD
Case study 4 chapter 8
- Answer the Case Study Questions (found at the end of each case study) in 500-750 words total (not including reference list).
- Include at least one additional, external reference to sources such as an article or video. Cite the reference(s) in your study.
Your case study will be graded on the following:
Grading: 20 points
Content 80% (how thoroughly and logically you answer the questions, how well you incorporate your reference(s), how well you make arguments and state facts to support your answers).
Interactive Session: Technology BYOD: A Security Nightmare?
Bring your own device has become a huge trend, with half of employees with mobile computing tools at workplaces worldwide using their own devices. This figure is expected to increase even more in the years to come. But while use of the iPhone, iPad, and other mobile computing devices in the workplace is growing, so are security problems. Quite a few security
experts believe that smartphones and other mobile devices now pose one of the most serious security threats for organizations today.
Whether mobile devices are company-assigned or employee-owned, they are opening up new avenues for accessing corporate data that need to be closely monitored and protected. Sensitive data on mobile devices travel, both physically and electronically, from the office to home and possibly other off-site locations. According to a February 2016 Ponemon
Institute study of 588 U.S. IT and security professionals, 67 percent of those surveyed reported that it was certain or likely that an employee’s mobile access to confidential corporate data had resulted in a data breach. Unfortunately, only 41 percent of respondents said their companies had policies for accessing corporate data from mobile devices.
More than half of security breaches occur when devices are lost or stolen. That puts all of the personal and corporate data stored on the device, as well as access to corporate data on remote servers, at risk. Physical access to mobile devices may be a greater threat than hacking into a network because less effort is required to gain entry. Experienced attackers
can easily circumvent passwords or locks on mobile devices or access encrypted data. Moreover, many smartphone users leave their phones totally unprotected to begin with or fail to keep the security features of their devices up-to-date. In the Websense and the Ponemon Institute’s Global Study on Mobility Risks, 59 percent of respondents reported that
employees circumvented or disabled security features such as passwords and key locks.
Another worry today is large-scale data leakage caused by use of cloud computing services. Employees are increasingly using public cloud services such as Google Drive or Dropbox for file sharing and collaboration. Valiant Entertainment, Cenoric Projects, Vita Coco, and BCBGMAXAZRIAGROUP are among the companies allowing employees and freelance
contractors to use Dropbox for Business to post and share files. There are also many instances where employees are using Dropbox to store and exchange files without their employers’ approval. In early 2015 Dropbox had to patch a security flaw that allowed cyberattackers to steal new information uploaded to accounts through compromised third-party apps that
work with Dropbox services on Android devices. There’s very little a company can do to prevent employees who are allowed to use their smartphones from downloading corporate data so they can work on those data remotely.
Text messaging and other mobile messaging technologies are being used to deliver all kinds of scam campaigns, such as adult content and rogue pharmacy, phishing, and banking scams, and text messages have been a propagation medium for Trojan horses and worms. A malicious source is now able to send a text message that will open in a mobile browser by
default, which can be readily utilized to exploit the recipient.
To date, deliberate hacker attacks on mobile devices have been limited in scope and impact, but this situation is worsening. Android is now the world’s most popular operating system for mobile devices with 81 percent of the global market, and most mobile malware is targeted at the Android platform. When corporate and personal data are stored on the same
device, mobile malware unknowingly installed by the user could find its way onto the corporate network.
Apple uses a closed “walled garden” model for managing its apps and reviews each one before releasing it on its App Store. Android application security has been weaker than that for Apple devices, but it is improving. Android application security uses sandboxing, which confines apps, minimizing their ability to affect one another or manipulate device features
without user permission. Google removes any apps that break its rules against malicious activity from Google Play, its digital distribution platform that serves as the official app store for the Android operating system. Google also vets the backgrounds of developers. Recent Android security enhancements include assigning varying levels of trust to each app,
dictating what kind of data an app can access inside its confined domain, and providing a more robust way to store cryptographic credentials used to access sensitive information and resources.
Google Play now provides security scanning of all applications before they are available to download, ongoing security checks for as long as the application is available, and a Verify Apps service for mobile device protection for apps installed outside of Google Play. However, these Android improvements are largely only for people who use a phone or tablet
running a newer version of Android and restrict their app downloads to Google’s own Play store.
Companies need to develop mobile security strategies that strike the right balance between improving worker productivity and effective information security. Aetna’s Chief Security Officer (CSO) Jim Routh says there is a certain minimum level of mobile security he requires regardless of whether a device is company- or personally owned. Aetna has about 6,000
users equipped with mobile devices that are either personally owned or issued by the company. Each device has mandatory protection that provides an encrypted channel to use in unsecured Wi-Fi networks and alerts the user and the company if a malicious app is about to be installed on the device.
Colin Minihan, director of security and best practices at VMWare AirWatch, believes that understanding users and their needs helps a mobile security strategy progress further. VmAirWatch categorizes similar groups of users and devises a specific plan of action for each group, choosing the right tools for the job.
According to Patrick Hevesi, Nordstrom’s former director of security, if users need access to critical corporate data that must be protected, the firm should probably allow only fully managed, fully controlled, approved types of devices. Users who only want mobile tools for e-mail and contacts can more easily bring their own devices. The key questions to ask are
called the “three Ws”: Who needs access? What do they need to access? What is the security posture of the device?
Sources: Michael Heller, “Mobile Security Strategy Matures with BYOD,” and Kathleen Richards, “CISOs Battle to Control Mobile Risk in the Workplace,” Information Security Magazine, June 1, 2016; Nathan Olivarez-Giles, “Android’s Security Improves—for the Few,” Wall Street Journal, April 21, 2016; Ponemon Institute, “The Economic Risk of Confidential Data on
Mobile Devices in the Workplace,” February, 2016; McAfee Inc., “Mobile Threat Report: What’s on the Horizon for 2016,” 2016; Charlie Osborne, “Dropbox Patches Android Security Flaw,” Zero Day, March 11, 2015; Edel Creely, “5 BYOD Security Implications and How to Overcome Them,” Trilogy Technologies, May 26, 2015; Tony Kontzer, “Most of Your Mobile Apps
Have Been Hacked,” Baseline, January 16, 2015; and Ponemon Institute, Global Study on Mobility Risks (February 2012).
Case Study Questions
- It has been said that a smartphone is a computer in your hand. Discuss the security implications of this statement.
- What kinds of security problems do mobile computing devices pose?
- What management, organizational, and technology issues must be addressed by smartphone security?
- What steps can individuals and businesses take to make their smartphones more secure?
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. 20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. 30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. 40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. 50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. Use of Sources (worth a maximum of 20% of the total points). Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. 5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. 10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. 15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. 20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. 5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors 10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors 15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. 20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper. 3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. 5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper 7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. 10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper.
GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!!
Tired of getting an average grade in all your school assignments, projects, essays, and homework? Try us today for all your academic schoolwork needs. We are among the most trusted and recognized professional writing services in the market.
We provide unique, original and plagiarism-free high quality academic, homework, assignments and essay submissions for all our clients. At our company, we capitalize on producing A+ Grades for all our clients and also ensure that you have smooth academic progress in all your school term and semesters.
High-quality academic submissions, A 100% plagiarism-free submission, Meet even the most urgent deadlines, Provide our services to you at the most competitive rates in the market, Give you free revisions until you meet your desired grades and Provide you with 24/7 customer support service via calls or live chats.