Respond to two or more of your colleagues in one or more of the following ways:
Compare your findings to the list of security trends your colleague identified. Look for similarities and differences. Share the insights you gained.
Offer additional ideas or recommendations about how the security issues your colleague identified could potentially affect business or the organization your colleague discussed. Provide examples or observations from your experience or readings from the week.
Offer your thoughts about potential ways that business or the organization identified by you colleague could mitigate or eliminate the risks posed.
Share how the trends identified by your colleague could impact or potentially impact your organization or one with which you are familiar. Discuss how your organization could mitigate or eliminate the risks posed.
POST1
Data security tends to be an area of growing concern for companies both large and small (Phan, Flo, Patel, 2016). It goes without saying that it is very important for companies to keep their information safe, secure, and out of the wrong hands. Through my research, I have found that some current trends related to data security. One trend that I located is the focus of the FTC (Federal Trade Commission) over the last year. One of the additional areas that they have been focusing on is taking action against companies that use technology to take control of or collect information from consumers without their knowledge (Phan, Flo, Patel, 2016). This is an effective trend because it further protects customers and customer’s information, which should be the goal of every company.
Another trend that I found upon research is the amount of time that it can take for a security breach to be noticed and responded to. Believe it or not, the average amount of time for a breach to be detected and those effected notified is one hundred and thirty-four days (Maloni,2015). That is quite some time for a business to realize that their information has been hacked and that is even longer for customers to be made aware of the issue as well. Due to the issue being a time-sensitive one, companies need to find ways to react quicker when classified information is compromised (Maloni,2015). By enabling a smarter and faster detection and response process, liabilities can be lessened and well as other damages.
I work with a lot of confidential and customer-sensitive information in my current workplace. One practice that we have in use is the limit of cell phone usage at our desks. While, we understand that most employees are not going to purposely take their phone in order to steal, record, or even possibly sell customer information, the practice is actually put in place to prevent accidentally exposure of customer information. For example, say I am taking the typical, “busy at work” selfie that I plan to post to Instagram or some other social media site. I do not realize that my computer was on in the background and now all of the sudden Mr. Smith’s information that I had pulled up is visible for all of my followers to see. There is no need to say that this simple, unintentional error could lead to much damage and liabilities for the company.
As a manager, I will make sure that I am my employees aware of both intentional and unintentional data breaches such as the one that I described above. I will educate them on best practices such as limited cell phone usage and to always be aware of their surroundings as well. I previously worked at a bank and I had a customer that distracted me and was able to steal customer information. I will train employees on some common things that criminals try to do in order to get information so they will be aware of what to look for.
POST2
Two trends related to data information, information systems, or information technology, security are context-aware security and information security outsourcing. Context-aware security is used for situational information like identity, location, time of day, device type, business value of data and reputation to make more effective, efficient and accurate information security decisions (Ashford, 2013).Information Security outsourcing is having security standards and in order to meet the standards organizations outsource security protection to a managed security service provider (MSSP) (Hui & Yue, 2013).
These security issues are challenging businesses because maintaining a great level of security is a necessity within an organization. It is how the business aspect of an organization is made to function for accurately. With context-aware security an organization has to be able to understand how and what the security can do to support current and future business (Hui & Yue, 2013). And with information security outsourcing organization have to be aware of security risks for clients (Ashford, 2013). With my organization there is a great deal of valuable information that is needed and being able to have the right security is essential because not all trends are needed for all organizations.
As a manager I would protect data and information used by making sure that personal and valuable information needed is not being exposed to others and that when it comes to patient information it is kept every secure and guidelines and policies are being followed in order to maintain privacy.