Reference no: EM131446308
Mobile App Security Assessment & Strategy
Scenario:
A federal agency has asked your cybersecurity consulting firm to provide it with a white paper that discusses best practices for security architectures and designs for mobile apps. The white paper should also present the agency with a strategy for developing an award winning digital government mobile app for its submission to next years' Mobi-Gov awards. The agency had several mobile apps in the "honorable mention" category this past year but, each of the apps failed to make passing scores in the mobile app security category. The contest rules do not allow revision and resubmission of entries from prior years. For this reason, your starting point should be recommendations for a security architecture for a completely new mobile app.
The scoring for the awards is organized around the three strategies from the federal government's digital government strategy (posted in the Week 3 readings).
- Enable the American people and an increasingly mobile workforce to access high-quality digital government information and services anywhere, anytime, on any device.
- Ensure that as the government adjusts to this new digital world, we seize the opportunity to procure and manage devices, applications, and data in smart, secure and affordable ways.
- Unlock the power of government data to spur innovation across our Nation and improve the quality of services for the American people.
Research:
- Research the "best" of federal mobile apps to see examples of the type of apps the agency will be competing against next year.
- 19 of the Coolest Government Mobile Apps https://www.govloop.com/community/blog/cool-gov-mobile-apps/
- 10 Most Entertaining Government Mobile Apps https://www.govloop.com/community/blog/10-most-entertaining-government-mobile-apps/
- 3 Innovative Ways Agencies are Leveraging Mobile Apps https://fedscoop.com/great-government-mobile-apps
- Research the federal government's perspective on mobile app security architectures and design recommendations. Here are three sources to help you get started:
- Mobile App Developers: Start with Security https://www.ftc.gov/tips-advice/business-center/guidance/mobile-app-developers-start-security
- Mobile Security Reference Architecture https://cio.gov/wp-content/uploads/downloads/2013/05/Mobile-Security-Reference-Architecture.pdf
- Architecture and Design Considerations for Secure Software (Mobile Applications)
https://buildsecurityin.us-cert.gov/sites/default/files/ArchitectureAndDesign_PocketGuide_v2%200_05182012_PostOnline.pdf
- Research industry recommendations for mobile app security. Begin with the following sources:
- OWASP Mobile Security Project https://www.owasp.org/index.php/OWASP_Mobile_Security_Project
- Top 10 Mobile Risks (click on tab) https://www.owasp.org/index.php/OWASP_Mobile_Security_Project
- Mobile app security: Always keep the back door locked https://arstechnica.com/security/2013/02/mobile-app-security-always-keep-the-back-door-locked/
- Find five or more best practice recommendations for ensuring the security of mobile apps. These recommendations must include security for the platform (mobile device), the data on the device, and the transmission path between the device and the mobile application server.
Write:
Write a five (5) to eight (8) page white paper in which you summarize your research and present your "best practices" based strategy for developing an award winning, secure mobile app. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a minimum, your white paper must include the following:
An introduction or overview of mobile apps for digital government. Your overview should include examples of mobile apps which are recognized as being innovative and "best of category" for delivering government information and services to mobile devices. This introduction should be suitable for an executive audience.
A separate section in which you discuss the federal government's requirements and recommendations for mobile app security architectures and the associated design recommendations. This section should be written for non-technical managers; you will need to translate from tech-speak to manager-speak. Diagrams and pictures may be useful but, remember to include the appropriate in-text citations for the source (append to the figure caption).
A separate section in which you discuss industry's recommendations for security architectures and risk reduction for mobile app security.
A section in which you present 5 or more best practice recommendations for building security into the new mobile app which will become next year's entry into the Mobi-Gov awards contest. These recommendations should be presented as your "strategy" for "winning" the security evaluation category for mobile apps.
Submit For Grading
Submit your white paper in MS Word format (.docx or .doc file) using the OPEN Data Assignment in your assignment folder. (Attach the file.)
You must also submit your white paper to TurnItIn before the due date for this assignment.
Additional Information
- Your white paper should use standard terms and definitions for cybersecurity concepts. The following sources are recommended:
ISACA Glossary https://www.isaca.org/pages/glossary.aspx
Guidelines on Security and Privacy in Public Cloud Computing https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-144.pdf
You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university's Academic Integrity policy.
Use APA 6th edition style (formatting) for the organization and appearance of the MS Word document that you submit to your assignment folder. This includes margins, section headings, and consistent use of fonts (Times New Roman 12 in black), paragraph styles (first line indent by ½ inch), and line spacing (double). Formatting requirements and examples are found under Course Resources > APA Resources. Your file should contain both a title page and a separate References page. Use page breaks to ensure that the title page and references page are separate from the body of the paper.
You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. These items are graded under Professionalism and constitute 15% of the assignment grade.
How the judicial system fits into american society
: Explain the purpose of business law and how the judicial system fits into American society -- including business. Differentiate the US federal court structure from Florida state's court structure.
|
What specific legal issues can arise in documenting
: Analyze the ethical issues related to documenting informed consent and ethical issues related to release of treatment and assessment records.Which enforceable standards are relevant to the release of treatment-related materials and disclosure of ..
|
What reasons for disagreement over definition of terrorism
: What are the reasons for global disagreement over the definition of terrorism? (Minimum 650 words, 3 scholarly APA references)
|
How the job skills can lead to improved job performance
: Explain the connection between organizational behavior and your job skills. Discuss how these job skills can lead to improved job performance. Explain how Organizational Behavior can aid you in decision-making and problem-solving.
|
Mobile app security assessment-strategy
: A federal agency has asked your cybersecurity consulting firm to provide it with a white paper that discusses best practices for security architectures and designs for mobile apps.
|
Discuss about the concept of the awakened mind
: Philosophical Review of chosen topic demonstrating full understanding of the concept of the awakened mind. Must use Japanese Philosophy: A Sourcebook as a primary source and one (legitimate) secondary source of your choice.
|
What are positive implications of innovations for security
: How can retail shrinkage losses be reduced through private and public sector cooperation? What are the positive and negative implications of technological innovations for security and loss prevention programs?
|
Define it standards-itil and cobit5
: Two links to articles or news sources about the area of focus for the week. Include a 1 to 2 sentence summary of the interesting points. The area of interest is IT standards : ITIL and COBIT5
|
Discuss two human growth and development theories
: Discuss 2 human growth and development theories that have been supported by research. Discuss 1 theory that has continued to be examined but has no empirical support. In addition, discuss what research is suggesting about the importance of spiritu..
|