Work Stations and Other Digital (Wireless) Devices

Risks, Vulnerabilities and Threats

  • Loss or theft of hardware
  • Data Compromise
  • Use of device for attacks
  • Loss of data/programs
  • User security mistakes (weak/no password, not logging off)
  • Poor software maintenance
  • Unsolicited messages (email, IM, voice)
  • Malware/Spyware/Adware

 

Control Objectives and Operational Goals

  • Protect data by encryption (on device and over the wire)
  • Keep antivirus, firewalls, and protective software current
  • Use lock down Security Cables
  • Backup as required
  • Have continuous user training
  • Have up to date device operating software
  • Remote wipe for lost or stolen devices
  • Device details (serial numbers, etc.) kept in a secure place