- Privacy Issues: Consists of the interest of the business for keeping valuable information away from the public. This relates to confidentiality. This is kept in mind when a company has valuable infromation which is wanted to be kept private. The risk of being released in the public could result to the company 'sinking'.
- Data Accuracy: It is important that data is keep up to date and is as accurate as possible. Constant checks must be made to ensure that no 'suspicious' activity has occured. Data must also be limited to who can access it to decrease amounts of malicious activity.
- Property Issues: Issues with who owns information in companies is a problem. It is shown that most companies are montioring employees' emails as they are misusing them with the information which is being issued out to peole outside of the company.
2. Describe a situation involving technology that is ethical but illegal
Employees search organisational database for sensitive and personal information. This is an example of bank employees who have access to customers' bank details and use it against their will to trace their bank details, which could lead to fraudulent activity such as taking money out of their accounts.
3. Describe and explain one of the computer use policies that a company might employee
Internet use policy- Consists of generalpriciples which guide the correct use of the internet in the workplace. The policy:
- Describes available internet services.
- Defines the purpose and restriction of internet access.
- Describes user responsibilities.
- Shows the consiquential result for violations.
4. What are the 5 main technology security risks
1)Human Error
2)Natural Disasters
3)Technical Failures
4)Deliberate Acts
5)Management Failure
5. Outline one way to reduce each risk
1) Human error: Strong passwords which consists of some letters and numbers make it harder to guess the password and prevent people guessing passwords.
2) Natural disaster: Retaining offsite backups which are kept outside of the premises and are kept in the exact same order as on premises.
3)Techinical Failures: Network rights and permissions correctly assigned reduce the risk of employees accessing parts of the system which could result to failures.
4)Deliberate Acts- Passwords: Changing passwords on a regular basis with a secure password reset,will decrease the prevention of external parties hacking into systems.
5) Management Failure: Training employees on the job helps employees to develop the correct skills needed to perform their tasts with minimal risks involved.
The link above describes how security online has changed in today's world.
6. What is a disaster recovery plan, what strategies might a firm employee?
The process of regaining information and data after a disaster has taken place. It is a form of Off Site Backups- This involves saving information and data outside of the workplace, so there will be a copy available if something goes wrong in the workplace.
The link above desribes ways which disaster recovery plans could be implemented
No comments:
Post a Comment