Step 15 Plan for the IRP Implementation

profilejay662
Project1UpdatetheMDMPolicyFrameworkUR.docx

An Update to the MDM Policy Framework

Urie L. Reed

MDM Policy Framework

Dr. Roger Ward

CMP 640 Cyber Security Program Development

University of Maryland Global Campus

An Update to the MDM Policy Framework

Evaluation is an important aspect on mobile device management because it helps in determining the effectiveness and drawbacks of the existing policy. Cyber security threat keeps changing and there is need to ensure that the organization is using an updated policy guideline that ensure maximum security for the mobile devices being used. The best way of evaluating the effectiveness of MDM policy is running penetration test which will provide all the vulnerabilities associated with the application of mobile devices (Angelis, Kanavos, & Phillips, 2020).

To have a proper update for the MDM policies it is important to identify all the current vulnerabilities associated to the use of mobile devices within the organization by the use of penetration test which will provide an overview of all the vulnerabilities. After the understanding of the possible vulnerabilities it is important to identify all the possible attacks that can take advantage of the existing vulnerabilities. The third step is to evaluate the current strategies being used by the organization to prevent the attack on the system of the organization by use of mobile devices being used by the employees.

The potential threat that are not covered by the current policy need to be included in the update to the current MDM so that they policy can be effective and protect the entire system from hacking which secures all the transactions. To secure the transactions of the organization it is important to have strong security measures that include training all employees on secure operations of mobile devices with the aim of minimizing human errors when operating mobile devices that can result in hackers accessing the transactions history stored in the mobile devices (Yamin, & Katt, 2019, January). There is need for implementation of cloud security which ensures that the data that is stored through cloud computing is safe. Additionally, having a backup is essential because it helps the organization to have data in case the mobile device is stolen or its operating system corrupted. It is important to have transaction information because it helps when making different decisions.

Password manager need to be implemented and applied effectively to all mobile devices to ensure that only authorized individuals are the ones who uses the mobile devices. Control access policy is important because it limits the number of individuals accessing the mobile devices hence reducing cyber security risks. The password used should be strong so that it cannot be used in case of theft of mobile devices that are being used by the organization.

There is also need for the organization to set aside a room where all the mobile devices that are not under use should be stored. The selected room should be secure and ensure physical access is controlled only to limited individuals who are allowed to access the room.

Application of chain of custody will help in ensuring that the tracking of evidence on the mobile device is effective and any theft or hacking detected, evaluated and reported for effective measures to be taken. The organization need to train all employees to understand the steps followed during chain of custody to ensure that employees are aware on effective ways of ensuring the surety of mobile devices. It is essential to have guidelines and standards that stipulates Collection techniques, preservation, packaging, transportation, storage and creation of the inventory list are all part of the process used in establishing the chain of custody.

The expected response from the board will be based on the cost of implementing MDM update framework. The main objective of the board is to ensure that effective strategies that are cost friendly are implemented because the main objective of the business is profit maximization and minimizing the cost is the best way of ensuring that profit is maximized.

References

Angelis, A., Kanavos, P., & Phillips, L. D. (2020). ICER value framework 2020 update: recommendations on the aggregation of benefits and contextual considerations. Value in Health, 23(8), 1040- 1048.

Yamin, M. M., & Katt, B. (2019, January). Mobile device management (MDM) technologies, issues and challenges. In Proceedings of the 3rd International Conference on Cryptography, Security and Privacy (pp. 143-147).