1 - BCTAA Employee Device Access
Appropriateness of Protection Measure
It is an important consideration that each employee at BCTAA is able to keep their own work
safe and secure, where only they can access it.
Alternative Protection Measures that Could be Used
Alternatively, each computer at the office could be unique to the employee that uses it,
meaning that only person A can use computer A and so on. This would mean that every user
logs in to their own allocated computer to manage their own files.
A downside to the idea of having individual PCs for each employee, would be that they
wouldn’t be networked together, meaning that there would be no way for them to share files
directly over the network.
Rationale for Choice of Protection Measure
The reason I chose this protection measure was so that employees are able to securely
store and access the files that relate to their jobs, while still being able to share files and to
access publically shared files.
2 - Theft or Copying of Door Access Card
Appropriateness of Protection Measure
It is important to educate the employees of the risks that can exist when they do not look
after their access cards, because it will promote them to keep their cards safe and to not
allow them to be used by others.
It is also an important step to increase the security regarding the card-based access to the
office, so that the office is kept physically secure.
Alternative Protection Measures that Could be Used
An entirely different access method could be employed, like a keycode that all employees
must memorise, or a biometric fingerprint scanner that all employees have been whitelisted
on.
The issues with these come down to the expense of biometrics and technical proficiency
required to set it up and maintain it, as well as the possibility of misremembering a code for a
keypad as the code will likely change on a regular basis.
, Rationale for Choice of Protection Measure
I think that the best method for protecting cards is to keep employees aware of the security
risks, to improve the physical security that protects physical access, and to provide
capabilities of preventing card ID theft such as RFID proof wallets.
3 - Man in the Middle Attack
Appropriateness of Protection Measure
I believe that the protection measure of ensuring that all wireless communication is
encrypted is very appropriate for BCTAA. In order to prevent attackers from being able to
intercept and then read sensitive information passed via a wireless transmission, the data
being sent must be encrypted. Failure to ensure encryption would resort in untrustworthy
wireless communication.
Alternative Protection Measures that Could be Used
An alternative to risking data and information that is being sent to, from, and within the
network, would be to use wired connections for as much communication as possible. This
would be impossible to achieve between the network and the internet/client, but BCTAA
could cut down on any of the wireless devices that are being used, and replace them with
wired connections. For example, the staff mobile devices would not be allowed to connect to
the network.
Rationale for Choice of Protection Measure
I believe that the protection measure I have come up with is vital if wireless communication
is to be had with the EH network. Therefore, wireless encryption via protocols such as FTP
or TLS is required.
4 - Public Areas Hours
Appropriateness of Protection Measure
The accessibility to both, the EH network, and the building itself by guests is possible outside
of the typical working hours of the offices at the building, meaning that the offices of the
network are potentially more at risk, since they are empty of employees, unsupervised,
which could allow an attacker to gain access.
It is therefore important to ensure additional measures of security to lessen the risk of
unauthorised access to the office, or to the network.
Appropriateness of Protection Measure
It is an important consideration that each employee at BCTAA is able to keep their own work
safe and secure, where only they can access it.
Alternative Protection Measures that Could be Used
Alternatively, each computer at the office could be unique to the employee that uses it,
meaning that only person A can use computer A and so on. This would mean that every user
logs in to their own allocated computer to manage their own files.
A downside to the idea of having individual PCs for each employee, would be that they
wouldn’t be networked together, meaning that there would be no way for them to share files
directly over the network.
Rationale for Choice of Protection Measure
The reason I chose this protection measure was so that employees are able to securely
store and access the files that relate to their jobs, while still being able to share files and to
access publically shared files.
2 - Theft or Copying of Door Access Card
Appropriateness of Protection Measure
It is important to educate the employees of the risks that can exist when they do not look
after their access cards, because it will promote them to keep their cards safe and to not
allow them to be used by others.
It is also an important step to increase the security regarding the card-based access to the
office, so that the office is kept physically secure.
Alternative Protection Measures that Could be Used
An entirely different access method could be employed, like a keycode that all employees
must memorise, or a biometric fingerprint scanner that all employees have been whitelisted
on.
The issues with these come down to the expense of biometrics and technical proficiency
required to set it up and maintain it, as well as the possibility of misremembering a code for a
keypad as the code will likely change on a regular basis.
, Rationale for Choice of Protection Measure
I think that the best method for protecting cards is to keep employees aware of the security
risks, to improve the physical security that protects physical access, and to provide
capabilities of preventing card ID theft such as RFID proof wallets.
3 - Man in the Middle Attack
Appropriateness of Protection Measure
I believe that the protection measure of ensuring that all wireless communication is
encrypted is very appropriate for BCTAA. In order to prevent attackers from being able to
intercept and then read sensitive information passed via a wireless transmission, the data
being sent must be encrypted. Failure to ensure encryption would resort in untrustworthy
wireless communication.
Alternative Protection Measures that Could be Used
An alternative to risking data and information that is being sent to, from, and within the
network, would be to use wired connections for as much communication as possible. This
would be impossible to achieve between the network and the internet/client, but BCTAA
could cut down on any of the wireless devices that are being used, and replace them with
wired connections. For example, the staff mobile devices would not be allowed to connect to
the network.
Rationale for Choice of Protection Measure
I believe that the protection measure I have come up with is vital if wireless communication
is to be had with the EH network. Therefore, wireless encryption via protocols such as FTP
or TLS is required.
4 - Public Areas Hours
Appropriateness of Protection Measure
The accessibility to both, the EH network, and the building itself by guests is possible outside
of the typical working hours of the offices at the building, meaning that the offices of the
network are potentially more at risk, since they are empty of employees, unsupervised,
which could allow an attacker to gain access.
It is therefore important to ensure additional measures of security to lessen the risk of
unauthorised access to the office, or to the network.
