Question 1: You have just been promoted to Corporate Information Security Officer (CISO) for a mid-level company that specializes in Point-of-Sale (PoS) technology. The primary responsibility of this role is to develop plans, policies, and physical control requirements and specifications for the company that specifically address the security posture facing this sector. With highly publicized breaches of clients using your PoS technologies, including Target, Delta, Best Buy, and many others, the company is looking to you to specifically do the following:
a) Develop policies, standards, guidelines, and procedures to detail what users and administrators can do to maintain the security of the business systems and network. Write one example of each (policy, standard, guideline, procedure) that specifically protects a PoS network. Each example should be written so that any client using your PoS technology can adapt the verbiage to their operations.
b) Explain how the growing use of wireless cellular technology has impacted data transmission and how factors such as location affect your company's ability to protect confidential data. Provide examples of how this technology can be used to jam and hack PoS technology.
Sample Solution