CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY
CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY WIRELESS AND
MOBILE
STUDENT ID: XXXXXXXXXX
STUDENT NAME: MOHITKUMAR KAMLESHBHAI PATEL
DUE DATE: 30TH APRIL,2018
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
1 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L
TABLE OF CONTENTS
INTRODUCTION .............................................................................................................. XXXXXXXXXX2
BOYD IMPLEMENTATION REQUIREMENTS ......................................................... XXXXXXXXXX3
KEY REQUIREMENTS AND WEIGHTINGS .............................................................. XXXXXXXXXX4
REQUIREMENT 1: IDS/IPS AND NETWORK DESIGN ........................................... XXXXXXXXXX5
REQUIREMENT 2: MONITORING NETWORK AND TRAFFIC ANALYSIS USING
IDS/IPS ............................................................................................................................... XXXXXXXXXX8
REQUIREMENT 3: LEGEL POLICIES AND STANDARDS ................................... XXXXXXXXXX11
REQUIREMENT 4: BOYD SECURITY RISKS AND MITIGATION STRATEGIES XXXXXXXXXX
CONCLUSION ................................................................................................................ XXXXXXXXXX16
REFERENCES ................................................................................................................. XXXXXXXXXX16
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
2 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L
INTRODUCTION
The cu
ent research aiming to collect and mobile device forensic issues associated with a
Proposed new network infrastructure to be implemented at Bradford Hospital, In Perth(WA). The
hospital has accommodation of 600 beds with 50 in-charge administration employees and 3 IT in-charge
employees. The employees of the hospital are showing their continual expression of interest in building
a new network infrastructure which allows them to connect various wireless devices such as
smartphones, tablets, storage devices, laptops and their devices. The employees are aiming to make the
most out of the proposed network infrastructure such as managing patient data, uploading records and
eview patient files on the go. This kind of network known as Bring Your Own Device (BYOD). The
existing network and infrastructure do not allow this type of activity.
The hospital’s existing operational environment is based on manual and on paper record keeping
system. Hence, the proposed changeover would require the hospital to invest a certain amount in new
infrastructure and hospital will need new maintenance agreements, usage policies, some devices to be
ought. Moreover this, Bradford hospital will also need to hire personnel to provide training to the
existing staff.
On the off chance, if executed, this new system enables staff to coordinate with their smartphones and
other wireless devices; permitting them with an advanced facility to manage and upload patient data
and retrieve specific patient data if needed. An additional advantage is that it will staff to take their
smart devices home to provide further adaptability with their workplace.
Overall, the proposed network and infrastructure has the potential to offer the staff flexibility,
technically more logical solution to access patient records and produce required reports on time. The
proposed system will allow Bradford hospital to reduce hardware and maintenance costs in the long
term.
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
3 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L
BOYD IMPLEMENTATION REQUIREMENTS
The proposed system from this report is to continue with the improvement of another system
simultaneously, permitting Bring Your Own Device (BYOD) devices at the hospital, with certain
conditions. BOYD will be permitted with following conditions:
1. The hospital should purchase all the wireless devices and network infrastructure devices from the
certified vendor. The network should allow staff to connect specific models of smartphones, tablet
and workplace telephones which can be forensically certified.
2. The involvement of a third-party vendor who is responsible and trusted to download with digital
signatures. The device diagnoses reports should be continuously monitored by the network
administrator.
3. The software and procedures used by the hospital should not be operable on staff's devices. Every
device which connects to the hospital's network must be handled safely. Exchange of patient data must
e logged in a centralised storage device to ensure the integrity of evidence, and it must be kept
confidential.
4. detailed documented and implemented BOYD policy must be in place, and all staff using devices
connected to proposed network structure need to accept BOYD policy prior connecting any devices.
5. essentially the training should be provided for the network administrators and security staff to ensure
all the risks are documented in this reports and mitigation strategies must be in place to address them to
the satisfactory level.
6. The implementation of a digital “workplace policy” to control operational restrictions that are
indulged on the hospital staff and making sure they are completely satisfying workplace procedures.
7. The periodical security checks must be in place to ensure if the wireless device like smartphones,
tablets, laptops are updated to latest security patches including software updates. The devices must not
e disconnected from the network until and unless the update or security issue is rectified.
8. Device ownership documents should be signed off by the staff members to ensure that no illegal
activities ca
ied out on hospital’s network.
All in all, the most significant risk to the hospitals confidential is data loss or leakage ca
ied out; if a
device is lost or stolen. With keeping in mind, the fact that technical devices come along with the
security risks; this report will provide useful recommendations to reduce these risks in a significant
manner.
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
4 | P a g e