Communicate Risks Exercise Solution

Part 1 Risks

Part 2 Recommendations

Summary

The risks to Jilly & Roy’s accounting I found are:

• Administrative Access” to machines
• “Personal Computers” handling business data
• The “Bring Your Own Device” policy for cellphones
• “Games and Streaming” software on business machines
• “Remote Access” to the company fileserver
• “Update Frequency” specified by the IT contract.

My recommendations to migrate the risks are:

• Follow the Least-Privilege principle
• No Client Data on Personal Devices
• Mandatory Anti-Virus Software
• Only Work-Related Software
• Set Credentials To Protect The Network
• Increase IT Update Frequency