Assignment : Security Analysis of an App
The goal of this report is to analyze the permissions of a specific app that is available to public via official app markets from the information security perspective. For this assignment, select an app.
Your app should not be already selected by any other student. A list of the apps that are already selected is available in Blackboard in the same location as the assignment instructions. Once selected, confirm your selected app with the course instructor so that it would be added to the list of the selected apps.
For your selected app, please discuss the following:
• Provide an overview of what the app is/does.
• List the permissions that the app requires (e.g. access to camera, contacts, etc.)
• For each of those permissions explain whether that permission is necessary for proper functioning of the app and why.
• For each permission discuss the potential cyber security issues that can arise due to that permission if the app is compromised.
• As a cybersecurity analyst, discuss what would be the minimum permissions for the app to be able to function properly without having unnecessary permissions/access privileges.
• Review the EULA (End User License Agreement) of the application and answer the following questions.
o Please provide a summary of EULA. Highlight the key/interesting findings.
o If you were the app provider, what changes would you make to the EULA?
o As a potential user of the app, what changes would you make to the EULA?
• Assume that you are a cybersecurity analyst in an organization and are devising the BYOD policy of the organization. What are the potential security issues associated with employees' use of the app on the organization's computing devices or through the organization's network? Please explain.
• As an organization's cybersecurity analyst, would you recommend allowing or prohibiting the use of the app on the organization's devices? Please explain why.
• As an organization's cybersecurity analyst, what actions would you recommend to prevent the potential threats associated with the selected app?
In your report, please reference any security incidents related to the app that has already occurred (if there has been any).
Please keep in mind that the goal of the assignment is not simply describing an instance of security incident but it is analyzing the potential security issues that can arise from the permissions granted to an app.
Format Information: Please adhere to the following format guidelines in preparing your report.
1. The report is to have a cover sheet that identifies:
a. the author's name
b. the title of the report
c. the semester and year during which the paper was submitted
2. The length of papers should range from 700 to 1,000 words (excluding references).
3. Use single space, 12-point font size and allow approximately one-inch margins
4. Include a references section
5. Incorporate APA style for references and citations (in the essay)