Sam’s Scoops has experienced substantial expansion. Operating across multiple locations, Sam’s Scoops deals with sensitive customer data, including credit card information, addresses, and personal details.
The growing workforce, now over 250 employees, works across diverse departments. An emerging concern is that some of these employees bring their personal computers to the office, potentially introducing new vulnerabilities into the company’s network.
Given the rising complexity of cyber threats, Sam’s Scoops is increasingly exposed to potential risks like phishing, ransomware, and DDoS attacks. Furthermore, data breaches are an ever-looming threat that could impact the company’s reputation and financial stability.
Your task is to conduct a comprehensive security analysis and develop a detailed security strategy report for Sam’s Scoops. The strategy should address the evolving threats that the company could encounter and outline suitable solutions for risk mitigation and data protection. Use the knowledge gained from this course and previous courses to develop this strategy report.
RISK ASSESSMENT
Internal threats
- Phishing attacks
- Vulnerable personal devices
External threats
- Large attack surface
- DDoS attacks
- Unauthorised access to sensitive data
- Business disruption
COUNTERMEASURES
- Staff: training should be run regularly and cover the latest threats and incident response protocols. Email filters to be set up. Antivirus and anti-malware software to be installed, including blocking of malicious websites.
- Personal devices: a BYOD policy to enforce minimum security specifications, for example that an approved antivirus is used, that updates are installed when they become available and that a suitable firewall is enabled. Company data stored on personal devices should be kept to a minimum and encrypted, and access to company resources should be possible only through a VPN. Regular security checks of personal devices to confirm the policy is being followed.
- Network: network segmentation. Firewalls configured for least-privilege access, together with Intrusion Detection and Prevention Systems. Regular audits, monitoring and employee training on security best practices. DDoS protection from the CSP.
- Data: strong encryption methods and regular data backups. Access controls and MFA; biometric authentication might also be implemented where relevant. Servers secured and kept up to date with regular updates.
- Damage control: devise an incident response plan and update it based on incidents and new threats, to ensure minimal business disruption and reputational damage.