You can download the solution Decision Types – Assignment Collaboration With Google Drive for free. For further assistance in Information Technology Assignments please check our offerings in Information Technology assignment solutions. Our subject-matter experts provide online assignment help to Information Technology students from across the world and deliver plagiarism free solution with free Turnitin report with every solution.
(ExpertAssignmentHelp does not recommend anyone to use this sample as their own work.)
You are hired by Southern Cross University as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the cyber threats the university is facing. Your tasks are the following:
∙ Task 1: the university is currently using a password based authentication system to control the user access to the university's information system. However, the
Bring Your Own Device (BYOD) policy recently implemented by the university
has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the university’s information system.
∙ Task 2: After the assessing the risk from the BYOD policy, you suggest the university to replace the current password-based authentication scheme with a
Certificate-Based Authentication. To justify your suggestion, write a technical
report to explain the working principle of the Certificate-Based Authentication mechanism and discuss why the university should use the mechanism in this case
by comparing it with the password-based authentication mechanism. Use figure when necessary to support your answers.
∙ Task 3: You have identify Spamming is among the top cybersecurity threats facing by the university. Use the Spam Act 2003 and available online resources to develop
Task 1 – BYOD risk assessment
Critical components of University's information system
The information systems are being used in the university to integrate multiple operations going on in different departments. Information system of the university provides information about education, research, education capabilities, and scientific cooperation offers. The need for incorporation of information systems arises from increased requirement of data to be accessed throughout the university and its departments. The university is currently using the password-based authentication system for controlling the access of the users to the information systems of the university, which is a high security initiative. However, introduction of Bring Your Own Device (BYOD) policy has raised a few concerns, which will be discussed in the next section. The critical assets of the IT system of the university are its administrative systems, documents related to course evaluation, research and development, patenting and introduction of new courses and technology, customer sales information, proprietary software, human resource information and corporate financial data (Kudrass, 2018).
Threats associated with BYOD policy
The following are the risks associated with the BYOD policy:
Data leakage: Disclosure or leakage of the data of the university can occur from an unrecognized or unsecured device.
Local exposure: Loss of visibility and control of the university data which are being processed, stored and transmitted.
Loss of data: Theft of a device or physical loss (EYGM Limited, 2013)
Insecure usage: Any third party can use the BYOD, such as the family members or friends of the employees.
Public exposure: BYOD policy increases the susceptibility of data to eavesdropping and man-in-the-middle attacks through Wi-Fi hotspots, Bluetooth and others.
No password protection: Many users don't protect their devices using passwords or choose very simple passwords which are easily breached.
Mobile app breach: There are a number of applications developed by hackers, which can easily corrupt the software of the device, and access or hack the private information present within the device (EYGM Limited, 2013).