Digital Infrastructure T-Level

  Mobile device/a pplication management     What is mobile device management (MDM)?   Mobile device management (MDM) is a service that allows an organisation to remotely control mobile devices. The devices are often manage d to enforce policies and harden security on the device.     What is mobile a pplication management (MAM)?   Mobile a pplication management (MAM) is a service that allows an organisation to remotely manage applications on a mobile device. This is usually used on personal devices where employees are still using them for work. Policies still need to be enforced, however because it is a personal device, the company cannot remotely manage the whole device.     Why do companies use MDM/MAM?   Companies use mobile management services to enforce policies on devices used for work related purposes, especially with access to sensitive data. By using MDM, the company can monitor activity on the device and flag suspicious acce...

  Cyber incident response plans (CIRP)     What is a cyber incident response plan?   A cyber incident response plan (CIRP) is an in-depth document created by companies to outline and advise what to do in a m ajor cyber incident. Such incidents could include large or sensitive data breaches, data loss, outages and ransomware attacks.     Preparation   Arguably the most important phase of a cyber incident response plan. The main premise of this step is to ensure that a CIRP is in place well before an attack happens and relevant staff are briefed on what to do. The incident response team should be listed along with their contact infor mation in case they need to be notified in a cyber incident.     Detection and analysis   This phase focuses on detecting and analysing cyber incidents once they occur. Security policies, monitors and features should be set up along with staff training on how to detect and recognise cyber incidents happeni...

  Password policies and protection     Passwords for protecting sensitive information   In most cases, passwords can be used to protect sensitive information from unauthorised viewing. This can be through password protected files/directories, cloud access accounts or password protected storage drives and PCs. The company must ensure that staff who set their own passwords abide by a robust and secure password policy and follow confidentiality requirements at all times .     What is a password policy?   A password policy is a set of rules required by a system or application when the user is setting a password. These rules are mandatory to maintain the safety and security of the data it is protecting.     Why are password policies important?   Password policies are designed to reduce the risk of a brute force attack on the system that it is protecting. Brute forcing is when an attacker can guess a password, usually by using a wordlist o...