Data Security Essay

1110 words - 5 pages

Lara Ramey
Southern New Hampshire University
OL 442 – Professor David Miller
April 25, 2015
Final Paper: Data Security

With technology taking over businesses and costs rising higher by the year, having a solid data security policy in place is an extremely beneficial and important part of protecting an organization. Sinrod (2010) discusses how financially damaging data breaches can be for an organization, with an average cost of $6.75 million per incident in 2009.
Breaches can be expressed both in and out of the organization, with especially staggering statistics on employee theft. Dwyer (2014) states, “39 percent of data theft from businesses comes from company insiders. Even more ...view middle of the document...

If I were the Human Resources Manager of a bank, I would communicate the policy through a few different methods. First, similar to Spherion’s method, I would present the document(s) to employees upon onboarding for review and signature, and store the files in our employee file database (Jackson et al., 2014). Furthermore, it would be valuable to train new hires on data security for additional protection (Hass, 2010). If it were a brand new or amended policy, I would initiate a company-wide meeting to discuss its details and request both a written and verbal agreement. This would give employees an opportunity to ask questions, voice their concerns, and truly feel like they are being communicated to effectively.
A data security policy for a bank should be extremely detailed, and include well thought out procedures for protecting such at-risk organizations. With overwhelming statistics on the high amount of data theft caused by a business’ very own staff, banks need to be especially careful on how they implement their policies. Morgan Stanley is the perfect example of how a single employee alone can cause an overwhelming amount of damage. Earlier this year, the financial services corporation terminated one of their own for stealing account names and numbers from about 10% of their clients (Gara, 2015).
Bank employees can breach data security through a number of methods and the company policy should take action to eliminate as many of these portals as possible (Hass, 2010). Some policies should include the inability to process family/friends’ transactions and disabling cell phone and personal email use during work hours (except for emergencies). I would also enable supervisory programs that can track employee work history and set web portal controls through organizational databases. Video surveillance would be an important addition to the physical security plan in order to conduct investigations in the event of an actual incident. Hard drives and USB sticks should be banned unless they are considered company property and used appropriately. Since email monitoring tends to be controversial, it might be beneficial to look into software programs that can trace anything communicated through company technology that would be considered a threat instead of monitoring every keystroke.
It is important to note new employees and existing employees can be handled a bit differently when issues of data security arise. As with any data breach, investigation should be done and causation should be identified (Snider, 2013). It’s...

Other Papers Like Data Security

Course Discription Essay

968 words - 4 pages evaluation should provide details, examples and/or reasons for your viewpoint. 8/19/13 15 Week Three: Data Security Issues and Considerations Details Due Points Objectives 3.1 Identify components of data security. 3.2 Distinguish the differences among the various data security methodologies. 3.3 Begin to apply data security methodologies in situational cases. Reading Read Ch. 11, “Buffer Overflow,” of Computer Security Principles and

Global Security Policy - Week 5 - Cmgt-400

969 words - 4 pages consistency and local relevance. They can quickly be adapted to meet local market requirements. Diageo, a global premium beverage company with offices in 80 countries uses this model. They have created a knowledge repository that helps them standardize functions and materials. An electronic filing system has been created that provides greater data security that meets compliance and privacy laws for multiple countries (Gartside, Griccioli, &amp

Data Management

632 words - 3 pages Data Management Data management is the development, execution and supervision of plans, policies, programs and practices that control, protect, deliver and enhance the value of data and information assets Primary data management functions include: 1. Data Governance Data 2. Data Architecture Management 3. Data Development 4. Database Operations Management 5. Data Security Management 6. Reference & Master Data Management 7

Chapter 1-Introduction to Information Security: Principles of Information Security

979 words - 4 pages transport the data and provides interfaces for the entry and removal od the info form the system. - Physical security polices that deal with hardware a physical assets and with the protection of physical assets from harm and theft. Data: Data stared, processed and transmitted by a computer system must be protected - often the most valuable asset processed by the organization and is the main target of internal attacks. - By the use of

Chapter 1 Review Questions

870 words - 4 pages protection (assuring the security of utility services) related to information security? A. Both infrastructure protection and information security share the same overall goal, which is to ensure that data is available when, where and how it is needed. 4. What type of security was dominant in the early years of computing? A. Early security was entirely physical security. 5. What are the three components of the C.I.A. Triangle? What are they used

Principles of Security 5th Edition Chapter 1 Review Questions

844 words - 4 pages to keep information secured. 7. Describe the critical characteristics of information. How are they used in the study of computer security? Availability ensures that only authorized user have access to information. Accuracy makes sure that the date it has no errors. Authenticity ensures that the data is genuine. Prevents unauthorized user from have access to information. Integrity ensures that information is not damaged or change by

Tjx Technology

580 words - 3 pages . The first security control used in TJX is the Wired Equivalent Privacy (WEP). WEP is a security algorithm for IEEE 802.11 wireless networks. Its intention is to provide data confidentiality comparable to tat f a traditional wired network. WEP is widely in use. There are two methods of authentication for WEP, Open authentication and Shared Key authentication. WEP shares one single WEP key between every node on the network. That means the WEP key

Introduction to Information Security Student

1249 words - 5 pages mainframes and maintain the integrity of their data. 嗗 Access to sensitive military locations was controlled by means of badges, keys, and the facial recognition of authorized personnel by security guards. 嗗 The growing need to maintain national security eventually led to more complex and more technologically sophisticated computer security safeguards. The History of Information Security During these early years, information security was a

Cmgt400 Week 4 Individual

1359 words - 6 pages , and Robert (2006) stated that, “There are many viruses, malware, and hackers that can compromise the security and integrity of an information system. Many remedies that are available for protecting IT systems cannot guarantee security that ensures data protection.” Therefore, deploying protective measures can help lower the level of risks. Implementing organizational tactics, modernized technologies, and processes can help close the gap by

Linux Security

448 words - 2 pages Data Security Standard (PCI DSS), Federal Information Security Management Act of 2002, Control Objectives for Information and Related Technology (COBIT). Many or part of these and more must be taken into consideration while putting this project in play. There are a couple of documents: ISO\IEC 17799 and ISO\IEC 27001. The ISO\IEC 17799 IT security technique is the policy for information security management, guidelines, principles for implementing

Computer Security In Education

330 words - 2 pages university at risk for lawsuits if the information is exposed. Student’s internet use on campus daily comes in contact with social network targeting, malicious software, infrastructure attacks, phishing, and peer-to-peer file transfers (Rasmussen, 2011). These dangers put not only the students’ computers at risk for security breaches, but the universities’ network as well. The damages resulting from data breaches in college networks are numerous. Not only

Related Essays

Data Security Essay

1089 words - 5 pages Lonnie Virgil Week Seven Case Study Data security is a critical factor that all individuals and organizations should be concern about. When taking into consideration sensitive data that businesses and individuals hold from financial information to personal information such as social security numbers, any breach in security could be damaging. Data security are methods used to protect data and sensitive information from unauthorized users by

Computer Data Security Essay

838 words - 4 pages Every business from the small auto shop in our neighborhood to a big national corporations are worried about the same thing, keeping sensitive data safe, either by storing the physical paper work in a secure room or by strengthening computer security measures. Data needs to be handling with care and monitored all the time to make sure that the integrity of files has not been corrupted. Plus, data collected and stored in serves needs to be

Data Management Policy Essay

2611 words - 11 pages which covers the collection, storage, security, maintenance and dissemination of administrative data throughout the University. Roles responsible and accountable for data collection, storage, security, maintenance, dissemination and data quality. Scope: This Policy provides a comprehensive data management framework which is consistent across all of the University’s major Information Systems (Finance, Student, HR and Course Information – see

Impact Of Data Classification Standard Essay

596 words - 3 pages Impact of Data Classification Standard and Internal Use Only Data classification standard provides the means of how the business should handle and secure different types of data. Through security controls different data types can be protected. All these security controls should apply to each of every IT infrastructure in which it will state how the procedures and guidelines will guarantee the organization’s infrastructures security. This