Developing a Threat Matrix for Smart Devices in a University Network Towards a Secure Local Area Network Ecosystem
The need by staff and students to use smart mobile devices in corporate network is indisputable. This is because it aids them carrying out their work and study more effectively as well as achieve better work-life balance. However, the smart mobile devices pose a security challenge as they continue to expand the corporate network unchecked. The devices are supposed to adhere to corporate security policies to ensure that they do not bring malware or leave with sensitive data from the network, hence they create a major security burden to security professionals who are supposed to ensure that they adhere with the security policy as enshrined in the BYOD (Bring Your Own Device). The purpose of this study, therefore, was to develop a security threat matrix for smart mobile devices. To achieve this, threats introduced by use of smart mobile devices in the university network were evaluated. Later the study identified countermeasures adopted from the existing ICT security policy of the university. This then led to the development of security threat matrix model, which displayed likelihood of attack from various threats and gave recommendations on security countermeasures required for a secure university LAN ecosystem. To accomplish this, a proof of concept methodology was adopted, relevant data was gathered using structured questionnaire which later was analyzed and a prototype was developed based on this data.