Recommend and Apply Basic Security Controls Exercise

Jill & Roy's Accounting - Case Study

You should be familiar with this case study from an earlier lesson. But notice that more information has been added.

Jill and Roy provide accounting services throughout their area. They employ 7 full-time workers: 4 accountants, 1 office administrator, and themselves. They also have about a dozen seasonal workers during tax season.

They use Microsoft 365 (aka Office 365) for all of their office applications (email, word processing, spreadsheets, etc.). For their accounting, they use Intuit's Quickbooks and ProConnect online versions. They have a single office with a network router to their ISP, a Linksys LGS116P Ethernet Switch and a Linksys AC1900 WiFi Router.

The full-time accountants each have a Lenovo ThinkPad T490 and the office administrator has a Lenovo desktop. All company workstation computers use Windows 10 and Google Chrome for their standard web browser. All users have administrator rights on their PC and many have installed their own software, which includes games and media streaming applications.

They also have one internal Windows 10 Lenovo desktop that they use as a centralized print and file server that sits in the main office area. Only Roy, Jill, and the office admin have an account on it. They recently allowed Remote Desktop Protocol (RDP) into it to allow employees to access files from home. The temporary workers use their own laptops, which are a mixture of Windows and Macs. It's known that some of the temporary accountant workers will download client files onto their personal computers to work offline.

The office has a Bring Your Own Device (BYOD) Policy for all cell phones (a mix of Apple iPhones and Android). Cell phones are used for business email and to speak with office workers and clients.

Jill & Roys has a contract with a local IT company to provide services, which includes a weekly backup of the file/print server, monthly updating of Microsoft products on office computers, and maintenance of the network equipment.

Answer the questions below based on this case study.

Part 1: Recommendations

Recommendations

QUESTION:

Based on the case study described above, provide three recommendations to improve security for Jill & Roy's Accounting. Consider the following areas: access and authority, passwords, updating, network access, and use of personnel devices for work.

ANSWER:

Jill & Roy's have many areas to improve their cybersecurity posture. Below are sample answers:

All users should have local or standard user privileges and not be an administrator. The risk is that unauthorized software could be installed. You should remove administrator rights for all users and there should be a separate administrator account for installing new programs on PCs.
You should set a password policy using the Local Security Policy as explained in an earlier lesson. All users should have a password that is at least 8 characters, changed at least every 90 days, and meets the complexity requirements. You can also set the account lockout policies.
Remove any applications that aren't needed for the business.
Ensure the Windows operating system and all applications are set to auto-update.
Review running services including the use of Remote Desktop (RDP). That service should be disabled for the business's file/print server. Jill & Roy's should use a secured cloud service for sharing sensitive files.
Review the firewall rules that allow access into the internal network.
Create and deliver user security awareness training for all employees. This should include the protection of Personally Identifiable Information (PII) and on the use of personal devices and their safe use for businesses.
Create an announcement upon log-in to remind all employees that these computers are to be for Jill & Roy's business-use only.

Part 2: Applying Security Controls

For part 2, you'll continue to use the Windows 10 virtual PC CYBERND01PRJ01. Sign in to the Windows 10 virtual PC provided with this class and complete the exercises below. If you don't know how to get remote control of the virtual PC, please follow Step 4. Return to lab VM in the document Setup Student LAB

Username: cyberadmin
Password: @UdacityLearning#1

IMPORTANT: Please always remember to shut down ALL of the virtual machines when not in use to avoid charges! The status of ALL virtual machines should be stopped!

Action based on Recommendations

QUESTION:

Now you have given some useful recommendations, please make the appropriate changes in the CYBERND01PRJ01 VM based on your recommendations.
Note: Check, but don't change RDP use. Use the space below to record your observations.

ANSWER:

Good job. Please see the solution page for more information.

Next Concept