Reference no: EM133499417
Question: A Further Education college has recently fallen victim to a cyber security related incident. This happened after a student connected their laptop to the college network using a cable and was allocated an IP address. In doing so, it allowed the accidental transfer of a virus from the laptop to the college system, which led to the IT infrastructure being compromised. This has prompted the IT manager to carry out a full review of all their systems.
a.Outline three steps that could have been taken to prevent the laptop from accessing the college network.
b.The college currently uses an 'ad-hoc' wi-fi system to let students connect to the Internet, however this incident has prompted management into implementing a strict Bring Your Own Device (BYOD) policy throughout the whole college.
i.What advice would you give to the college when starting out on the development of their BYOD policy? In your answer, you should consider advice on acceptable use, the goal of the policy as well as technical considerations.
ii.The National Cyber Security Centre (NCSC) comment that when implementing BYOD, organisations need to consider 'what would happen if the services you intend to expose were compromised and the business impact it would cause' (NCSC, 2021).
Whilst considering the context of the college and their BYOD implementation, access the NCSC Device Security Guidance page
Identify and briefly describe four risks that you think the college should be taking into account in their BYOD implementation.