Q1-2 Data Breach
Q1-2 Data Breach
data代写 There are a variety of ways to breach employee data. One of them is the use of the internet to access data remotely ...
There are a variety of ways to breach employee data. One of them is the use of the internet to access data remotely (“Legal Workspace,” 2016). Employees are tricked using emails with malicious software to harvest computer data. The information harvested through the software is then used to gain remote access to office computers. The attacker can then infect other computers to gain access to confidential information.data代写
The use of weak IDs and passwords also increase vulnerability.
An attacker can easily crack the ID and password to gain access (“Legal Workspace,” 2016). A security analysis found that weak ID and passwords contribute to more than 90 percent of the data breach. Therefore, strong IDs and password are needed for security.
Besides, attackers can use a phone scam to access computers. A scammer may call an employee pretending to be software support (“Legal Workspace,” 2016). The employee is then tricked into sending the access credentials to the caller pretending to correct software problems.data代写
Also, unrestricted access to administration rights is a threat to security.
Access privileges can be risky because anyone can install programs or applications. Also, an employee or another person can enter into the administration room and install software or device that gain access to private data. Unrestricted access to administration rights is security loophole that can be exploited by attackers.data代写
The policy of Bring Your Device also expose the firms to security breaches. The devices used in the shared network might be vulnerable (“Legal Workspace,” 2016). Some employees may be lacking knowledge on how to secure their computers. Other might use external drives that have been injected with malicious programs. BYOD is a security threat to a firm if not well controlled.
How to Address After Occurrence and Preventive Measuresdata代写
How to Address Threats
When a breach occurs, further damage should be controlled. Other steps need to be taken according to Brandon (2014) include the firm needs to determine what was stolen. Also, all the systems need fresh security measures like a change of passwords and programs. The administration then determines and evaluate the cause of the breach and try to seal the loopholes. It is also important to have outside help in solving security issues.
The firm needs to utilize the General Data Protection Regulation (GDPR) approaches. Each employee should be educated on security measures. Systems need updated security provided by reputable third parties. The administration should provide work policy on the stations for data security. Finally, access to the premises should have privileges for easier controls.data代写
Brandon, J. (2014). Steps to Take When a Data Breach Hits. Retrieved from https://www.cio.com/article/2692972/data-breach/5-steps-to-take-when-a-data-breach-hits.html
Legal Workspace. (2016). Ways employees accidentally threaten data security. Retrieved from https://legal-workspace.com/5-ways-employees-accidentally-threaten-data-security/