Reference no: EM132371952
Assignment - Mobile Policy Design (Teams of two) or Short Research Question
Option 1 - Team Assessment, Groups of two.
Option 2 - Individual Work.
Introduction
You and a colleague share the role of IT Manager/CIO/CISO of an organisation of your choice. You are required to design the organisation’s mobility policy and present the report to the company’s CEO.
The primary goal of the policy is end user enablement; at the same time, the policy must also be enforceable, manageable, user friendly (hence adoption and compliance), and secure.
Minimum Requirement
You must
1. Define which company/organisation you are working for; real or fictitious are both acceptable. (Lockheed Martin/ Frank Underwood 2019 Campaign Team/SPECTRE/ABC Hospital/ Meadowbank TAFE/ The Anonymous /NSA/ Jiro’s Sushi Train etc.)
2. Describe the organisation’s nature (Defence, NFP, Government, Underground Revolutionaries, Finance, School etc.) and unique policy and/or security challenges. Minimum Users in your Organisation – 25
3. Define a Mobility Use Case, such as:
a. Sushi Ordering Kiosk
b. Mercedes-Benz Configurator Kiosk
c. Westpac Branch Mobile Concierge
d. Manual Delivery System for Pilots on A350s for QANTAS
e. Peer-to-Peer/ Spoke-and-Hub duress button
f. Emergency Communication for your Underground Anti-Government Movement
g. Augmented Reality Zombie Shooting Game
h. Any other creative uses; note that most organisations will have multiple use cases for their devices
4. Define your likely opponent(s):
a. Typical Opponent Profiles
b. Likely attack vector
c. Mode of operations
5. Detail the policy itself, and explain your rationale. You may want to consider:
a. Is BYOD Allowed?
b. Physical Security
c. Do you have a standardised device type? What happens when devices reach end-of-life?
d. Minimum OS Requirement
e. Lost and Stolen Policy, Device Pool Replenishment
f. Are users allowed to install their personal apps?
g. Is personal use allowed? Limits on personal use? Can the organisation wipe personal data?
h. Device passcode requirement/ Encryption requirement
i. Are SD cards on devices allowed?
j. Periodic Wipe?
k. Compromised Device Policy (i.e. what would you consider to constitute a compromised device that is unsafe?)
l. Must the user bring their device to work? What if they don’t?
m. Can the organisation track the owner’s location? Do we tell them they are being tracked?
n. Etc.
Assignment Format
Minimum Deliverables
Please consider all of the following areas:
• Policy
• Standard
• Baseline
• Guideline
• Draw the procedure/process of ONE of the following using a Cross-Functional Flow Chart:
o Lost or Stolen
o Security Breach
o New Device/Breach
o Device Troubleshooting
o App Troubleshooting
o New Device Procurement/Provisioning
o Any other relevant procedure/process
Option 2
Part A –
A1. A Windows 10 laptop with information on Trump Tower was stolen from the Secret Service on 17 March 2019. The laptop is MDM-enrolled and was reported last seen at 10:10am on the MDM Console the same day. A device wipe command was issued at 10:30am, 17 March 2019, but execution cannot be validated. List 2 possible causes.
A2. Apps from the Apple App Store require "signing" prior to being published. Explain how app signing improves the security of iOS devices and the Apple Ecosystem.
Part B –
B1. A Windows 10 laptop with information on Trump Tower was stolen from the Secret Service on 17 March 2019. After investigation, it is determined that it was the doing of a 17-year-old opportunistic thief. What are the possible motives of this opportunistic thief? Discuss how an MDM solution, if utilised, would help secure the information in the laptop.
B2. What is an OS Kernel? What function does a Kernel provide? What three main types of kernels are there?
Part C
Scenario
Chuck is the sole owner of Norris Sushi. Like most sushi trains, customers may either get the sushi from the train/belt, or order special sushi (and drinks) with a waitperson.
Chuck, being multitalented, developed a sushi ordering app for Android and created the database and infrastructure required to support the app overnight. The use case is that customers should be able to order sushi wirelessly without needing a waitperson. Chuck decided that he will select his devices based primarily on price, and decided on an unknown brand of 8" Intel Atom-based Android tablet sold at Officeworks for $39 each. These devices do not have a SIM slot.
Chuck also ordered 25 custom-made bacteria-proofed case mounts specifically designed for the device to be permanently mounted at each table. Devices are not physically locked, but dismounting a device requires superhuman strength, which is sufficient to discourage thieves. Once the device is mounted, users will not have access to buttons (soft and hard) on the devices.
Question:
a) Explain how an MDM system would help Chuck to manage his fleet of devices.
b) List the MDM Profiles and other settings/configurations/etc. to be pushed that Chuck will likely need for the successful management of the devices.
c) Before a device can be managed by an MDM, the device needs to be enrolled into the MDM. Describe the enrolment process.
d) Upon enrolment to MDM, the MDM server rejects the devices straight away. Explain the likely cause.
e) Chuck managed to negotiate with Officeworks to replace the budget devices with solid gold iPads for free:
• Device mount has been redesigned and now has a locking mechanism. Chuck is the sole person who owns the key to the new device mount,
• Chuck’s son, Mike, is responsible for MDM administration, and
• A waitperson is responsible for enrolling new devices.
Using a cross functional flowchart, design a new device provisioning process to provision these new iPads.
Part D –
1. Which of the following is not a valid reason to disable cellular data networking?
You have a limited amount of data in your monthly plan.
You have access to a reliable WiFi signal.
You are about to download an update to your phone.
Your phone calls are going out over your carrier's cellular network.
2. Which of the following allows other mobile devices to share your mobile device's Internet connection?
Internet pass-through
Wi-Fi tethering
Locator application
IMAP
3. Which of the following built-in components is used by location services to find a lost mobile device?
Gyroscope
Accelerometer
Global positioning system
Magnetometer
4. Your organization is concerned about a scenario where a mobile device with confidential data is stolen. What should you recommend first?
Remote wipe program
Remote backup application
Passcode locks
Locator application
5. Many, but not all tablet device security policies mirror those used to lock down smartphones. Which of the following best practices for managing mobile devices will not work with tablets?
Considering self-protecting applications that keep business and personal data separate.
Using mobile device management software.
Using Short Message Service (SMS) texting for enrollment, remote lock and wipe, or antivirus update practices.
None of the above
6. For which of the following areas of mobile device management are an MDM system's out-of-the-box features least likely to need modification?
Wireless LAN infrastructure.
Event monitoring.
Authentication.
None of the above
Part E –
1. Explain the full form of the following extensions:
Apk
Exe
IPA
Prc
Jad
Adb
Aapt
2. What are the advantages and disadvantages of rooting a mobile device?