Mobile Device Management Policy
As the chief information security officer for one of the largest global financial institutions, you are part of the company’s weekly executive meetings.
This week, the CEO starts the discussion with a statement: “I am constantly impressed with the stuff I can do on my cell phone and tablet. It’s amazing!…I am completely connected to all aspects of the business, as well as the outside world.”
After a brief pause, he continues: “And that’s what causes me concern. Some of the questions that occur to me are: Where are these devices made? What do we know about the security of these devices? Are we confident that our information is protected when we can so easily connect to the company’s information?”
“Why, just the other day on my flight, I read a magazine story about a computer chip that is intentionally built to spy on users. Well, how do we know this chip isn’t in any devices that our employees use? Do we have a specific policy in place on access? Well, if not, we need to develop one, fast.”
You realize that the CEO’s concerns extend beyond the possible issues with mobile technologies so you make the note to update policies on incident management & emerging technologies. Then, while the idea is fresh on your mind, you start to outline the scope of work.
As the CEO asks for input at the close of the meeting, you propose a series of four projects for your team:
1- An updated Mobile Device Management Policy to address his immediate concern,
2- An Identity Theft Response Plan to address a “worst-case scenario” event,
3- A Digital Currency Applicability report to address the viability of using blockchain technology, and
4- An Enterprise Cyber Program presentation to the board of directors to explain how your organization addresses cybersecurity issue.
The CEO agrees and asks that you begin with the presentation on the updated Mobile Device Management Policy in the executive meeting scheduled two weeks from today.
As a recent graduate of the UMGC Master’s in Cybersecurity program, you have received a well-deserved promotion to chief information security officer (CISO) at the global financial institution where you work. The role is new for you and the company. It reports directly to the chief information officer (CIO), which for the purposes of this course, is the instructor. Much of what you will be doing in the next couple of months is centered around the policy aspects of the bank.
The CIO has lobbied for your role to be created as a result of four concerns that will require your expertise and focus. In general, you are told you will be addressing the following four projects:
Mobile Device Management (MDM)
Now that you have an idea of the tasks ahead, the first project will be developing recommendations for mobile device management, which will include written comments and a presentation for the company’s leadership. This is the first of four sequential projects in this course and should be completed in about two weeks. There are 11 steps to complete in Project 1. Contact the CIO (your instructor) with any questions. Proceed to Step 1 to begin.
Step 1: Prepare a Scope of Work Overview
Since the CEO has agreed for you to update the company’s mobile device management (MDM) Policy, the CIO has requested you first provide a scope of work to determine the level of effort that your team will face.
Prepare an overview of the scope of work by posting a brief paragraph (three to five sentences) explaining the approach and deliverable for this project with a few bullet points that address general financial industry concerns with cybersecurity and MDM.
Post the overview to the scope of work discussion for feedback. Afterward, move to the next step, in which you will consider critical infrastructure and how it will affect compliance.
Step 2: Research Critical Infrastructure Concerns
After defining the scope of work, you are ready to begin updating the MDM policy. In order to determine the effectiveness of the current policy, research what critical infrastructure protection concerns affect compliance.
Consider the following list to guide your research:
impact of cyberattacks on critical infrastructure as defined by the Patriot Act of 2001
technologies used in critical infrastructure cyberattacks
cybersecurity defense principles that should be used to counter these cyberattacks
cybersecurity policy framework that should be employed to minimize the opportunity for a successful critical infrastructure cyberattack
Document the findings since they will be used in upcoming steps. In the next step, you will itemize those concerns.
Step 3: Itemize Critical Infrastructure Concerns
Using notes taken from the completed research in the last step, itemize the findings in a table or spreadsheet titled Crucial Concerns Worksheet that assesses:
The impact of cyberattacks on critical infrastructure as initiated by the Patriot Act of 2001 and later refined by the Department of Homeland Security (DHS).
The technologies used in critical infrastructure cyberattacks. Especially consider which and how technologies may exploit mobile device vulnerabilities.
Cybersecurity defense principles should be used to counter these cyberattacks.
This itemized list of critical infrastructure concerns will be expanded to include an evaluation of cyber-physical systems in the next step so that you can later align critical concerns to MDM policy. It will also be included as an appendix to the updated MDM policy presentation for the board of directors. Submit the Crucial Concerns Worksheet for feedback.
In the next step, cyber-physical systems and the Internet of things will be considered and evaluated for the MDM policy presentation.
We are a professional custom writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework.
Yes. We have posted over our previous orders to display our experience. Since we have done this question before, we can also do it for you. To make sure we do it perfectly, please fill our Order Form. Filling the order form correctly will assist our team in referencing, specifications and future communication.
2. Fill in your paper’s requirements in the "PAPER INFORMATION" section and click “PRICE CALCULATION” at the bottom to calculate your order price.
3. Fill in your paper’s academic level, deadline and the required number of pages from the drop-down menus.
4. Click “FINAL STEP” to enter your registration details and get an account with us for record keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
5. From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.