Preventing Device Thefts: Recommendations for Chief Information Security Officer (CISO)

Implementing Security Measures to Counteract Device Thefts

Question

Staff members are reporting an unusual number of device thefts associated with time out of the office.

Thefts increased soon after the company deployed a new social networking application.

Which of the following should the Chief Information Security Officer (CISO) recommend implementing?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

B.

The Chief Information Security Officer (CISO) should recommend implementing option D, Network Access Control (NAC) checks to quarantine devices.

Explanation:

The scenario presents a situation where there has been an increase in device thefts associated with time out of the office after the deployment of a new social networking application. This suggests that there could be a potential link between the application and the thefts. One possibility is that the application may be making it easier for attackers to identify when staff members are out of the office, and therefore more vulnerable to device theft.

To mitigate this risk, the CISO should recommend implementing NAC checks to quarantine devices. NAC is a security solution that ensures that only authorized devices are allowed to access the network. NAC checks can be set up to verify that devices meet certain security requirements, such as up-to-date antivirus software and operating system patches. Devices that fail the NAC checks can be quarantined and prevented from accessing the network until they are brought up to the required security standard.

By implementing NAC checks, the company can ensure that only authorized and secure devices are allowed to access the network. This will make it more difficult for attackers to gain access to sensitive information, even if they are able to steal a device. Additionally, NAC checks can help to identify compromised devices and prevent them from spreading malware or other threats throughout the network.

Option A, automatic location check-ins, could potentially help to identify when devices are out of the office, but it does not address the root cause of the problem - the potential link between the social networking application and the thefts.

Option B, geolocated presence privacy, is not a security solution and does not address the problem of device thefts.

Option C, integrity controls, is also not directly relevant to the problem of device thefts associated with time out of the office. While integrity controls are important for ensuring the accuracy and consistency of data, they do not address the root cause of the problem.

In summary, the best option to address the issue of device thefts associated with time out of the office is to implement NAC checks to quarantine devices.