Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

1. Identify appropriate security for digital devices
   • Create and maintain register of digital devices on organisation’s network
   • Confirm what information is held on the registered devices
   • Categorise level of risk associated with each device based on sensitivity of information stored
   • Select required security protocol to manage level of risk associated with each device
2. Apply protection strategies to digital devices
   • Install and run latest anti-malware on each device
   • Create strong passwords across personal and work accounts
   • Switch on two-factor authentication where available
   • Encrypt devices according to instructions
   • Develop associated physical security plan and communicate this to whole organisation
3. Evaluate effectiveness of applied protection strategies
   • Review number of breaches and business impact over review period
   • Monitor latest developments in digital security
   • Support organisation to select most appropriate security strategies
4. Patch software across multiple devices
   • Apply updates to software and applications across own desktop and mobile devices
   • Ensure that new devices are updated and configured correctly as part of initial start-up procedure

Performance Evidence

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

use best practice protection strategies to maintain the security of two different electronic devices over the life of a small project or work cycle

conduct gap analysis to evaluate effectiveness of all applied best practice strategies.

---

Knowledge Evidence

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

external party security risks and methods for mitigating risk

industry-accepted best practice protection strategies for improving security on digital devices:

password management

use of anti-virus software

virtual private network (VPN) use on public Wi-Fi

router settings

fundamentals of two-factor authentication

encryption

patching software applications

risk management methodologies

tools and techniques to conduct gap analysis of strategy performance

data protection requirements for:

stored data

data in transit

data in third party applications

mobile device security strategies.

---