Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
72 views4 pages

E-Scooter Security & Compliance Guide

The document discusses security training and compliance at an e-scooter company. It notes that the company's mobile apps were found to have security flaws putting users' data at risk. Hackers could also modify scooters' control systems. Implementing ISO/IEC 27001 standards would help address these risks and maintain information security. The company aims to grow by improving its app and adding features while protecting personal data. It works with Amazon Web Services for storage and a bank for payments. Key information assets include blockchain and developer servers storing user data.

Uploaded by

Dalia Alkhateeb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
72 views4 pages

E-Scooter Security & Compliance Guide

The document discusses security training and compliance at an e-scooter company. It notes that the company's mobile apps were found to have security flaws putting users' data at risk. Hackers could also modify scooters' control systems. Implementing ISO/IEC 27001 standards would help address these risks and maintain information security. The company aims to grow by improving its app and adding features while protecting personal data. It works with Amazon Web Services for storage and a bank for payments. Key information assets include blockchain and developer servers storing user data.

Uploaded by

Dalia Alkhateeb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

‫بسم هللا الرحمن الرحيم‬

Assessment two
SYBER CESURITY TRAINING/COMPLIANCE
DEPARTMENT
BY:DALIA ALKHATEEB

Exercise one:
There are many reasons to adopt ISO / IEC27001 in the e-
scooter company, including we found that its mobile
applications contain security flaws that put users' personal and
financial data at risk, therefore controls must be implemented
that address the specific risks they face to maintain the
confidentiality, integrity and availability of information assets.
Hackers can steal electric scooters and modifying the main
panels of bicycles by changing their custom programs and
preventing servers from connecting to bicycles, which made
these scooters their own, which leads to huge financial losses.
Hacker can modify the information to harm the company's
reputation when a strong security system is implemented that
makes us avoid many of the risks mentioned.

Exercise two: scope ISMS


Mark developed the application and coded it himself from its
initial development until version 1.3, after the company grew,
contracting with new developers to develop new features.
App versions:
1.Google play store
2. IOS APPSTORE
The companies that deal with it:
1.Amazone web service: that worked to provide data storage
service
2. Bank IT : a company that provides an electronic payment
service, worked to put all the services it provides in one
platform.
Design:
Designed a safer enclosure for the motherboard without visible
screws, and more sensors were added to detect theft and
damage to motorbikes.
The network has two servers in the internal network
infrastructure:
1. a database server that stores company data such as
information stored by the human resources department and the
accounting department
2. Another server is used by the software development team.
There are also two main cloud servers that handle the back-end
operations of their application and a server. Their cloud
blockchain that stores all the information transmitted by the
sensors.

Exercise three:
The main goal of the company e-Scooter is the development
and growth in the work by creating their own application that is
easy to use and simplified, improving the user interface and
providing new features. Therefore, there must be instructions
for information security controls and the protection of
personally identifiable information by using the ISO / IEC27001
standard, and dealing with companies Reliable and eliminate
some features that could be exploited to cause harm and set
rules to prevent unauthorized access to data and develop
electronic payment services to expand their services throughout
the continental United States.
There are two sources for the company's compliance
requirements: 1. The Quality Assurance Team that reviews
application codes 2. The software development team that
accesses the basic code for previous versions of the application
as well as the current version code to review the old code when
adding new features.
The most important information assets for the company are
1. the blockchain server because it contains many important
information such as location, battery level, time, end user, etc.
2. Developers to improve the user interface in the application
and create a smooth and easy experience for end users and
provide them with many new features for the special
application Company

You might also like