Mobile Device Management Policy

Mobile Device Management Policy

Step 1: Prepare a Scope of Work Overview

As a recent Graduate, Master’s in Cybersecurity program, you have received a well-deserved promotion to chief information security officer (CISO) at the global financial institution where you work. The role is new for you and the company. It reports directly to the chief information officer (CIO), which for the purposes of this course, is the instructor. Much of what you will be doing in the next couple of months is centered around the policy aspects of the bank.

The CIO has lobbied for your role to be created as a result of four concerns that will require your expertise and focus. In general, you are told you will be addressing the following four projects:

  • Mobile Device Management (MDM)
  • Identity Theft
  • Digital Currency
  • Enterprise Policy

Now that you have an idea of the tasks ahead, the first project will be developing recommendations for mobile device management, which will include written comments and a presentation for the company’s leadership. This is the first of four sequential projects in this course and should be completed in about two weeks. There are 11 steps to complete in Project 1. Contact the CIO (your instructor) with any questions. Proceed to Step 1 to begin.

 

Since the CEO has agreed for you to update the company’s mobile device management (MDM) Policy, the CIO has requested you first provide a scope of work to determine the level of effort that your team will face.

Prepare an overview of the scope of work by posting a brief paragraph (three to five sentences) explaining the approach and deliverable for this project with a few bullet points that address general financial industry concerns with cybersecurity and MDM.

Post the overview to the scope of work discussion for feedback. Afterward, move to the next step, in which you will consider critical infrastructure and how it will affect compliance.

 

Step 2: Research Critical Infrastructure Concerns

After defining the scope of work, you are ready to begin updating the MDM policy. In order to determine the effectiveness of the current policy, research what critical infrastructure protection concerns affect compliance.

Consider the following list to guide your research:

  • impact of cyberattacks on critical infrastructure as defined by the Patriot Act of 2001
  • technologies used in critical infrastructure cyberattacks
  • cybersecurity defense principles that should be used to counter these cyberattacks
  • cybersecurity policy framework that should be employed to minimize the opportunity for a successful critical infrastructure cyberattack

Document the findings since they will be used in upcoming steps. In the next step, you will itemize those concerns.

Step 3: Itemize Critical Infrastructure Concerns

Using notes taken from the completed research in the last step, itemize the findings in a table or spreadsheet titled Crucial Concerns Worksheet that assesses:

  • The impact of cyberattacks on critical infrastructure as initiated by the Patriot Act of 2001 and later refined by the Department of Homeland Security (DHS).
  • The technologies used in critical infrastructure cyberattacks. Especially consider which and how technologies may exploit mobile device vulnerabilities.
  • Cybersecurity defense principles should be used to counter these cyberattacks.

This itemized list of critical infrastructure concerns will be expanded to include an evaluation of cyber-physical systems in the next step so that you can later align critical concerns to MDM policy. It will also be included as an appendix to the updated MDM policy presentation for the board of directors. Submit the Crucial Concerns Worksheet for feedback.

Step 4: Evaluate Cyber-Physical Systems (CPS) and Internet of Things (IoT)

In this phase of the project, you will evaluate cyber-physical systems (CPS) and the internet of things (IoT) to build upon the critical infrastructure concerns itemized in the previous step.

Assuming that you have addressed most of the concerns related to MDM from a policy perspective, begin an itemized list of potential countermeasures. In recognition of on-the-job training, education, and research conducted here, continue to expand the worksheet by specifically addressing issues relating to cyber-physical systems and the internet of things.

Briefly evaluate cybersecurity hardware, software, and network technological components of cyber-physical systems and the policy issues that they require. Also consider Wi-Fi and Bluetooth technologies and the policy issues they require.

Add this evaluation to the Crucial Concerns Worksheet completed in the previous step. This worksheet will be used to align to MDM policy later in the project and will be included as an appendix to the updated MDM policy presentation for the board of directors, and will be assessed as part of the final Project. Name the files Appendix 1, Appendix 2, etc. Submit the updated table or spreadsheet for feedback.

Step 5: Document Policy Impact

Now that you have listed crucial concerns surrounding critical infrastructure, cyber-physical systems, and the internet of things, in this step, you will report on policy impact.

Specifically consider:

  • the impact, if any, on the critical infrastructure of the company’s mobile device management policies
  • policy or compliance initiatives that can address these concerns.
  • a recommended cybersecurity policy framework that when deployed would minimize the opportunity for a successful critical infrastructure cyberattack

Compile your ideas in a report titled Policy Alignment. Create a section in your report titled Policy Impact to document your ideas. This report will also be included as an appendix to the updated MDM policy presentation for the board of directors. You will add to this report in the next step.

Step 6: Describe Policy Issues Related to Cyber-Physical Systems and Internet of Things (IoT)

Continue to build the Policy Alignment report from the previous step. Now that policy impact has been considered, you will examine policy issues related to cyber-physical systems (CPS) and the internet of things (IoT).

Create two sections in the Policy Alignment report. The first section will be titled Policy Issues Related to Cyber-Physical Systems. In this section of the report, describe enterprise, national, and international cybersecurity policy issues that arise due to the deployment of cyber-physical systems. In the second section, titled Policy Issues Related to IoT, describe enterprise, national, and international cybersecurity policy issues that arise due to the effect of the internet of things.

This report will also be included as an appendix to the updated MDM policy presentation for the board of directors. You will add to this report in the next step.

Step 7: Analyze Current Technology Developments

After documenting policy impact on critical infrastructure and describing policy issues related to cyber-physical systems and the internet of things in the previous steps, move the focus to current technology developments relevant to mobile device management such as mobile payments and bring your own device (BYOD).

As the CISO of a global financial institution, analyze how such developments affect cybersecurity management and policy at the enterprise, national, and international levels. Also consider relevant technological development topics that may affect policy, such as mobile device privacy concerns. Document your findings in the final section of the Policy Alignment Report. This report will be included as an appendix to the updated MDM policy presentation for the board of directors. Submit the Policy Alignment Report for feedback, and will be assessed as part of the final Project. Name the files Appendix 1, Appendix 2, etc.

Step 8: Complete the Evaluating Cyber Policy eLearning Module

After creating a list of crucial concerns and documenting issues of policy alignment, you are ready to evaluate the current MDM policy. Complete the Evaluating Cyber Policy eLearning Module for guidance on developing a course of action or strategy for updating the current MDM policy for the organization. Document noteworthy concepts, steps, or strategies that will help update the MDM policy in later steps.

In the next step, you will consider any chain of custody impacts to the policy.

Step 9: Address Chain of Custody

After reviewing the process of evaluating cyber policy in the previous step, you are nearly ready to update the MDM policy. Keeping in mind the demands should a breach occur, address two primary aspects of this concern:

  • mobile device risk reduction (management of mobile device risk) from the employee/consultant perspective
  • highlighting the portion of your policies that addresses the “chain of custody” requirements if an investigation is required

Document your thoughts to be included in the updated MDM policy framework in the next step.

Step 10: Update the MDM Policy Framework

You are finally ready to update the MDM policy framework. Develop final written comments for presentation at the next standards body meeting. Include any perspectives on evaluation strategy and chain of custody from the previous two steps. These comments should be between two and three pages, and should include a paragraph on your thoughts about how your comments will be received and whether or not they will have an impact on the regulations/standards, etc. Submit the MDM policy framework for feedback. This framework will serve as the basis for your presentation, and will be assessed as part of the final Project. Name the files Appendix 1, Appendix 2, etc.

Step 11: Submit the MDM Policy Presentation

The final phase of the project is to deliver a presentation on the MDM findings and policy recommendations to management that summarizes the results. This will include an update to the Policy Framework from the previous step according to received feedback. You are allotted 15 minutes for the presentation.

Refer to the MDM Policy Presentation Instructions for detailed requirements. Submit the MDM Policy Presentation.

MDM Policy Presentation Instructions

Assignment: MDM Policy Presentation

After reviewing your supporting documents, the CEO has asked you to prepare a high-level mobile device management policy presentation based on these documents. The presentation should be about 15 minutes in length. It should highlight how you arrived at your conclusions and why you made these specific recommendations based upon the organizational needs.

Note: This presentation should incorporate key points from the three deliverables that you completed in this project. Those deliverables should be submitted as supporting documents separate from the presentation. You will submit four files in total.

The presentation to management should include the following elements:

  • Title Slide
    • Include:
      • client (person and/or organization)
      • title
      • date prepared
      • provider (person and/or organization who prepared/is presenting)
  • Agenda
  • Overview (introduction and purpose)
  • Scope of Work (discussion board posting: Step 1)
    • should include modifications made from feedback received
  • Crucial MDM Concerns (from Step 2)
    • Determine the effectiveness of current policies by:
      • researching the critical infrastructure concerns (include in appendix of presentation) that affect compliance
      • itemizing findings
      • evaluating cyber-physical systems
  • Policy Alignment (from Steps 5-7)
    • Should include how policy alignment impacts crucial concerns and issues affecting critical infrastructure and cyber-physical systems and consider:
      • MDM
      • initiatives that can address concerns
      • recommendation for framework deployment to minimize opportunities of attacks
      • potential global effects
      • ongoing and evolving technological advancements
  • MDM Policy Framework (from Steps 8-10)
    • Should include:
      • action plan to update current MDM policy with strategies, steps, or concepts
      • potential breach chain of custody to address mobile device risk reduction of individuals and demonstration of policy requirements

When you are finished, submit the 15-minute MDM Policy Presentation, along with the following appendices, which are the assignments you completed during Project 1:

  • Appendix A: Crucial Concerns Worksheet (Step 2)
  • Appendix B: Policy Alignment Report (Steps 5-7)
  • Appendix C: Comments on the MDM Policy Framework (Steps 8-10)

 

 

 

 

Mobile Device Management Policy

Create an order via https://peakassignments.com/order if you need work on such topic and many more from different disciplines.

 

"Order a similar paper and get 100% plagiarism free, professional written paper now!"

Order Now