DhrumilAnandjiwalaStudentId: 2832658Lab09 LabAssignment #9USE CASE #1Organizations globally are adopting the concept of BYOD (Bring Your OwnDevice).
enabling users to compute using cloud technologies and use Web-basedtools including social media sites as a way to do business, share knowledge,conduct training, and communicate. Many of these organizations are mandatingthat you either install software on your device to protect their interest ornot access these systems at all. The software captures every action taken toensure the enterprise backbone (be it the school or corporation) is safe. Two Questions • If you are theowner of a device (i.e. iPhone, iPad, Laptop etc) or even work remotely usingyour own telecommunications provider (i.
e. high speed Internet) to conduct yourwork, do you think that it is appropriate to put restrictions on the user? Whyor why not? o Now days every company or organization areproviding Device (I.e : iPhone, iPad,Laptop) to their employee just becauseof company security. If the company willgive permission to every employee to use their own device for company work socompany have to tell every employee to install company software for to securecompany policy and privacy. Even they have to put few restrictions to ownerdevice, because the company data will stay secure. If the owner is using theirown device and telecommunications (speed internet) so it might have get databreach chances. For remotely workcompany is providing VPN(Virtual Private Network) access to every employee. Ifowner want to work by their own communication provider they can work but companywill restrict to their device.
Somehow owner cannot use everything form companydata, in his or her own telecommunications network. o BYOD isn’t all wine and roses, however. Thereare a few issues to consider also.
By grasping BYOD, associations lose asignificant part of the control over the IT equipment and how it is utilized. Organizationissued IT commonly accompanies an adequate utilize approach, and it is ensuredby organization issued security that is overseen and refreshed by the IToffice. It is somewhat trickier telling a worker what is or isn’t, an”adequate use” of their own devices. Ensure you have a clearlycharacterized arrangement for BYOD that layout the guidelines of engagement andstates in advance what the desires are. You should likewise lay out leastsecurity requirements, or even order organization authorized security tools asa condition for enabling individual devices to associate with organization dataand system assets. • What do you thinkis the happy medium? Should the organization also control and own the data – oris it the device owner who owns the data and responsible for securing thatdata?o From my point of view I think both areresponsible for the secure company data.
If company is providing device totheir employee then they ensure that company employee will not miss use data. Companyhas to secure their data by their own. Employee also has to secure companydata. It is owner responsibility that he or she whenever they use company dataor device in their own telecommunicates network data and device will not breachor steal.o Company or Organization also require installantivirus software on owner’s own device, to provide technical support to theemployee on their own device, when they use for company purpose and in place aBYOD accept use policy provide guidance to owner to how they can use their owndevice while working with company and personal data. Company also has to monitorwhile BYOD policy apply. They have to ensure and track the device to secure thecompany data.
Monitoring like cloud, record location of the personal device,also monitoring network traffic.o After all of this company is responsible for thesecurity of company data and data protection is require careless of theownership of the device and there for need to responsible with BYOD USE CASE #2 Schools and trainingorganizations constantly push for the use of social media as a learning agent.Yet, social media is often considered the “wild west”. The “wild west” includesaccess to downloads that can be virus prone, links that take you to spam-likecontent and/or opt-in list, or systems that can compromise not only computersecurity but the server which is controlling Internet traffic. One Question• What kind ofpolicies would you implement to ensure people in your organization are safe inthe world of social media, and that organizational infrastructure is notcompromised by a social media security breach?o Social media offer advantage and disadvantage tocompany and organizations, but companies have to make secure policy because ithas common security risk. But many of company or organization are not sure thathow to make social media policy. Many of company or organization simply bannedsocial media use or have no policy on use of social media. Both of theseapproaches are not safe.
If company or organization that do not adopt socialmedia fail to significant benefits and disadvantage to their competitors and theyallow without any social media policy they security threats issue. To avoidsecurity breach organization has to moderate through appropriate and consistentend-user practices. They also have to arrange good security awareness programand apply organizational security policies.
o Security policies must reflect current advancesand business forms. But all policy istoothless without compelling requirements. Even company employee has to strictlyfollow that policy. They reluctantly acknowledge this conduct, knowingregardless that there is little they can do to counteract it. Organization or companyhave to create new set tool that tool will suited with modern businessenvironment of social media and mobile both always have to connected with thatapplication.