Question

Case Study for IT management

You have been working in the IS/IT field as a consultant for two years following graduation. Your clients have consisted of home users and a few small businesses. Recently you were referred to the owner of a small used car dealership. The owner is curious about endpoint security, however, not yet sold on the idea. The dealership has 4 sales consultants, two receptionists, two finance specialists and two reconditioning technicians. Each employee has a cell phone, laptop, access to a networked printer and the dealership also has security cameras which the owner accesses from his mobile devices (phone, iPad, laptop).

Create a proposal for the owner detailing how endpoint security should be a requirement for the dealership. The owner has asked several consultants for proposals, the best proposal will receive the job! It is up to you to decide how best to approach is. Remember ... you are trying to get the job!

Answer 1

Facts of the case:

The dealership has 4 sales consultants, two receptionists, two finance specialists and two reconditioning technicians. Each employee has a cell phone, laptop, access to a networked printer and the dealership also has security cameras which the owner accesses from his mobile devices (phone, iPad, laptop).

Proposal:

Since the business is small used dealership, we have to consider all possible security checks.

Endpoint security / endpoint protection is an approach to the protection of computer networks that are remotely connected to client devices. The connection of laptops, tablets, mobile phones and other wireless devices to corporate networks creates attack paths for security threats.

As the dealership has 4 sales consultants, 2 finance specialists and 2 reconditioning technicaians. The owner has to check the end point security where ever possible.

1. We have ensure controls over the sales consultants not to provide higher discounts by creating max discount policy in the system.Otherwise it leads to higher discounts to the person known to them

2. Accessing network has a big risk in modifiying the data, so we have to restrict the user access rights in order to prevent data modification.

3. Also need to keep check on the persons by verifying the accounting entries.

4. Seggregation of duties are required in dealership.

5. Malicious attacks from the hackers leads to loss of data.

How we will protect ?

1. Part of remediating a problem is putting it in quarantine so it can’t keep spreading. When necessary, we’ll even isolate compromised devices until we can be sure they’re safe.

2. If we find something malicious, we’ll go ahead and remove it for you. It’s the least we could do. We make it simple and automatic.

3. By automating threat discovery, investigation, and response, Synchronized Security revolutionizes threat detection. Incident response times are reduced exponentially and tactical resources can be refocused on strategic analysis.