The increasing prevalence of using portable technologies such as, laptops, BYODs, and
removable media has created some very real and challenging security risks.
As a recently hired junior member of the IT department for Acme Inc., You have been assigned
the task of developing a revision to the existing security policy. The purpose of this revision is to
identify and mitigate risks associated with laptops, BYODs, and removable media.
a. A section titled RISK ASSESSMENT
i. Under risk assessment, three bulleted categories; one for laptops, one for
smart phones, one for removable media.
ii. Under each category include a paragraph that describes the potential
threats and risks that the corporation may be exposed to through the use of
each particular technology.
Example; what happens if a laptop is lost or stolen?
b. A section titled Risk Mitigation and Acceptance
i. Under risk mitigation and acceptance, three bulleted categories; one for
laptops, one for smart phones, and one for removable media.
ii. Under each category include a paragraph that describes the measures that
should be taken to mitigate the determined risks, or else a statement to the
effect that the risk cannot be managed, in which case the company must
decide on whether or not to accept the risk.
Note: It is very important that company stakeholders are informed of all
risks, especially those for which there are no effective countermeasures,
so that they can either accept the risk or choose not to use the
Example; what feature is included in Windows Vista ultimate that will
protect information on the hard drive if the laptop is lost or stolen?, what
feature is included in Windows exchange server that can protect
information in a smart phone that is lost or stolen,? What feature is
included in Windows Vista or XP service pack three that can prevent the
unauthorized use of removable media?
c. A section titled Policy Implementation
i. Under policy implementation and enforcement, three bulleted categories;
one for laptops, one for smart phones, and one for removable media.
ii. Under each category include a paragraph that describes the policies you’re
going to use to mitigate the determined risks; example, all laptops that are
used off premises must have bit locking encryption enabled on the hard
iii. Under each category include a second paragraph that describes how this
policy implementation will be assessed; example, all new laptops must be
approved by the IT department before they can be put into service. All
laptops and smart phones will be audited every six months.
d. A section titled Policy Enforcement
i. Under policy enforcement, three bulleted categories; one for laptops, one
for smart phones, and one for removable media.
ii. Under each category a bulleted list defining unacceptable uses; such as
installing unauthorized software, leaving a device in unsecured location,
using the devices for non-business purposes, etc.
iii. After the bulleted list include a paragraph describing disciplinary
measures that may be incurred for failure to follow a specific policy;
example, normally an employee is first warned, then lose their network
privileges, and ultimately could face termination for serious breaches of
security or a documented history of repeated violations.
A section titled Reference List:
a. Make sure you reference any sources that you use in the development of your
Place your order now for a similar paper and have exceptional work written by our team of experts to guarantee you A Results
Why Choose US
6+ years experience on custom writing
80% Return Client
Urgent 2 Hrs Delivery
Your Privacy Guaranteed
Unlimited Free Revisions