CompTIA CASP+ Practice Test

What is the best method to balance security and usability when considering personal electronic devices on a company network?

• A. Implement strict user access control
• B. Review the security policy and perform a risk evaluation
• C. Ban all personal devices
• D. Allow all smartphones to connect without restrictions

The correct answer is: Review the security policy and perform a risk evaluation

The most effective method to balance security and usability concerning personal electronic devices on a company network is to review the security policy and perform a risk evaluation. This approach allows organizations to assess the current security posture and identify potential risks associated with allowing personal devices on the network. By thoroughly evaluating these risks, companies can develop tailored policies that address specific concerns while still enabling employees to use their personal devices effectively. Conducting a risk evaluation provides valuable insights into the types of devices that may pose security threats as well as the specific vulnerabilities inherent in the network environment. It enables organizations to implement targeted controls that enhance security – such as device management solutions, access controls, or security training – without compromising usability. In contrast, implementing strict user access control may focus too heavily on restrictions and risk alienating users by hindering their ability to work efficiently. Banning all personal devices removes flexibility and can impact employee satisfaction and productivity. Allowing unlimited access without restrictions would likely lead to significant security vulnerabilities, exposing company data to various risks, including malware and unauthorized access. Therefore, a balanced approach that arises from reviewing policy and assessing risk is essential for both security and usability.