CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY...

Question

CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY
CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY WIRELESS AND
MOBILE
STUDENT ID: XXXXXXXXXX
STUDENT NAME: MOHITKUMAR KAMLESHBHAI PATEL
DUE DATE: 30TH APRIL,2018
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
1 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L

TABLE OF CONTENTS
INTRODUCTION .............................................................................................................. XXXXXXXXXX2
BOYD IMPLEMENTATION REQUIREMENTS ......................................................... XXXXXXXXXX3
KEY REQUIREMENTS AND WEIGHTINGS .............................................................. XXXXXXXXXX4
REQUIREMENT 1: IDS/IPS AND NETWORK DESIGN ........................................... XXXXXXXXXX5
REQUIREMENT 2: MONITORING NETWORK AND TRAFFIC ANALYSIS USING
IDS/IPS ............................................................................................................................... XXXXXXXXXX8
REQUIREMENT 3: LEGEL POLICIES AND STANDARDS ................................... XXXXXXXXXX11
REQUIREMENT 4: BOYD SECURITY RISKS AND MITIGATION STRATEGIES XXXXXXXXXX
CONCLUSION ................................................................................................................ XXXXXXXXXX16
REFERENCES ................................................................................................................. XXXXXXXXXX16
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
2 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L
INTRODUCTION
The cu
ent research aiming to collect and mobile device forensic issues associated with a
Proposed new network infrastructure to be implemented at Bradford Hospital, In Perth(WA). The
hospital has accommodation of 600 beds with 50 in-charge administration employees and 3 IT in-charge
employees. The employees of the hospital are showing their continual expression of interest in building
a new network infrastructure which allows them to connect various wireless devices such as
smartphones, tablets, storage devices, laptops and their devices. The employees are aiming to make the
most out of the proposed network infrastructure such as managing patient data, uploading records and
eview patient files on the go. This kind of network known as Bring Your Own Device (BYOD). The
existing network and infrastructure do not allow this type of activity.
The hospital’s existing operational environment is based on manual and on paper record keeping
system. Hence, the proposed changeover would require the hospital to invest a certain amount in new
infrastructure and hospital will need new maintenance agreements, usage policies, some devices to be
ought. Moreover this, Bradford hospital will also need to hire personnel to provide training to the
existing staff.
On the off chance, if executed, this new system enables staff to coordinate with their smartphones and
other wireless devices; permitting them with an advanced facility to manage and upload patient data
and retrieve specific patient data if needed. An additional advantage is that it will staff to take their
smart devices home to provide further adaptability with their workplace.
Overall, the proposed network and infrastructure has the potential to offer the staff flexibility,
technically more logical solution to access patient records and produce required reports on time. The
proposed system will allow Bradford hospital to reduce hardware and maintenance costs in the long
term.
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
3 | P a g e XXXXXXXXXX XXXXXXXXXXM O H I T P A T E L
BOYD IMPLEMENTATION REQUIREMENTS
The proposed system from this report is to continue with the improvement of another system
simultaneously, permitting Bring Your Own Device (BYOD) devices at the hospital, with certain
conditions. BOYD will be permitted with following conditions:
1. The hospital should purchase all the wireless devices and network infrastructure devices from the
certified vendor. The network should allow staff to connect specific models of smartphones, tablet
and workplace telephones which can be forensically certified.
2. The involvement of a third-party vendor who is responsible and trusted to download with digital
signatures. The device diagnoses reports should be continuously monitored by the network
administrator.
3. The software and procedures used by the hospital should not be operable on staff's devices. Every
device which connects to the hospital's network must be handled safely. Exchange of patient data must
e logged in a centralised storage device to ensure the integrity of evidence, and it must be kept
confidential.
4. detailed documented and implemented BOYD policy must be in place, and all staff using devices
connected to proposed network structure need to accept BOYD policy prior connecting any devices.
5. essentially the training should be provided for the network administrators and security staff to ensure
all the risks are documented in this reports and mitigation strategies must be in place to address them to
the satisfactory level.
6. The implementation of a digital “workplace policy” to control operational restrictions that are
indulged on the hospital staff and making sure they are completely satisfying workplace procedures.
7. The periodical security checks must be in place to ensure if the wireless device like smartphones,
tablets, laptops are updated to latest security patches including software updates. The devices must not
e disconnected from the network until and unless the update or security issue is rectified.
8. Device ownership documents should be signed off by the staff members to ensure that no illegal
activities ca
ied out on hospital’s network.
All in all, the most significant risk to the hospitals confidential is data loss or leakage ca
ied out; if a
device is lost or stolen. With keeping in mind, the fact that technical devices come along with the
security risks; this report will provide useful recommendations to reduce these risks in a significant
manner.
CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT
4 | P a g e

tae_636607577650689858_117607_1.pdf

Akansha · Accepted Answer

Why Network Segmentation Needed?
The phase when it required the parting of the networks or a specific equipment has touched its physical volume and the utilization of the partition is done. The network could be extended by fragmenting the LAN. It will decrease the contestation and network issues could be isolated and the security could be enhanced.
▪ Network Extension –to implement the new segments which could allows the new host onto the LAN, switches or routers could added when the network’s maximum physical capacity has been over (Tripod, n.d.). 
▪ Decreasing the Congestion –  with the increase of the number of workstations or devices, the requirement of the bandwidth also increases. The network administrator could segment the LAN and per network hosts could be reduced in number. There is Parallel reduction in the bandwidth usage and requirement if the communication is present in the traffic between the devices on the same segment (Tripod, n.d.). 
▪ Separate network problems – the division of the network in smaller sections by the network administrator, the overflow of the issues could be decreased from one segment to another.  The other challenges like Hardware and Software failure could be reduces to impact the network’s smaller portions (Tripod, n.d.). 
▪ Enhanced Security – the network administer could ensure that an outside source could have the access to the internal configuration of the network by utilizing the partitions. The broadcast of the privileged packets cannot be possible throughout the network, but only on the subnet it originated from  (Tripod, n.d.). 
Point 2
Bradford Hospital’s Firewall Policy
PURPOSE: 
In Bradford Hospital the firewalls play an essential role. They are termed as the alarm system for controlling and restricting the network services and connectivity. It has the control to place a control point if an enforcement of access control is being done. The machines those will be permitted to exchange information is determined by the connectivity. A service is referred here as way to transfer information through a firewall. Such as, services comprise of MS-Exchange Servers, Remote Access (VPN), Mail Relay Server (SMTP) web browsing (HTTP) and File Transfer Protocol (FTP). The given policy demonstrates the important rules related to the maintenance and management of the Bradford Hospital’s Firewalls. The policy is applied to all rented, owned, leased and otherwise used Firewalls in the Bradford Hospital by its employees (Texas Wesleyan Firewall Policy, 2011).
SCOPE: 
Each firewalls of the Bradford Hospital network falls into the control of the policy. It includes the firewalls managed by the hospital’s employees or any third party given access in the branch office. Any permission to the departure from the policy need to be priory approved in writing by the Bradford Hospital’s Network Administrator. In certain cases, the equipment like UTM or Proxy servers could function as Firewalls when they are not recognized officially as firewalls. The role of the firewalls is played by Bradford Hospital, whether or not called as firewalls officially. Still they are to be managed under the policy rules as defined. As particular points, the process may demand the upgradation of the devices so that the devices could support the lowest functionality as defines the policy and procedures (Texas Wesleyan Firewall Policy, 2011). 
REQUIREMENT SPECIFICATION: 
• Documentation Required- the submission of the explanation of the network diagram on the permitted paths with protection for individual, and demonstration of qualified services is important before any firewall of Bradford Hospital gets deployed. This part needs to be submitted to the Bradford Hospital’s Network Administrator. The network administrator f the hospital will provide the permission that will allow any such paths and services. This permission will be given based on the criticality of the business reason and essentiality of the administrative path opted for and ensuring that the viable safety efforts will go along with it. The documentation will be representing the conformance of the real firewall and it will be occasionally checked and scrutinized by the security engineer. The underneath portrayed procedure will be experienced each time a progression of such way takes place. 
• Default to Denial –Bradford Hospital firewalls must deter every affiliation way and organization that isn't especially permitted by this approach. This includes the supporting reports those are issued by the Network Administration division. The neglected which now embraced ways and organizations must be accounted for and taken to all system heads and all information need to be proceeded by Hospital Network Administration Department of Bradford. A stock of all entrance ways in and out of the inner systems of the Bradford Hospital must be kept up by the Network Administration Department of Bradford Hospital.
• Connections in Machines – no real-time connections should be enabled or established between two or more Bradford Hospital. To do this the Network Administration department of the Bradford Hospital should determine first that these connections are not being unduly used to jeopardise with the network’s confidentiality and security. Mostly, comparative middle structure or firewalls should be used. These criteria apply regardless of the innovative technique used, which includes microwave joins, computerised supporter line associations, link modems, remote associations, and administrations advanced system lines. The approval for any association between the in-house Braford Hospital with any external PC or system,

CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY WIRELESS AND MOBILE STUDENT ID: XXXXXXXXXX STUDENT NAME: MOHITKUMAR KAMLESHBHAI PATEL DUE DATE: 30TH...

Solution

Answer To This Question Is Available To Download

Related Questions & Answers

Submit New Assignment