Q1-2 Data Breach
Name
Institution
Q1-2 Data Breach
软件代写 数据分析代写 essay代写 paper代写 There are a variety of ways to breach employee data. One of them is the use of the internet to access data
Data Threats
There are a variety of ways to breach employee data. One of them is the use of the internet to access data remotely (“Legal Workspace,” 2016). Employees are tricked using emails with malicious software to harvest computer data. The information harvested through the software is then used to gain remote access to office computers. The attacker can then infect other computers to gain access to confidential information.软件代写 数据分析代写 essay代写 paper代写
The use of weak IDs and passwords also increase vulnerability. An attacker can easily crack the ID and password to gain access (“Legal Workspace,” 2016). A security analysis found that weak ID and passwords contribute to more than 90 percent of the data breach. Therefore, strong IDs and password are needed for security.
[caption id="attachment_18310" align="alignnone" width="1080"] 软件代写 数据分析代写 essay代写 paper代写[/caption]
Besides, attackers can use a phone scam to access computers. A scammer may call an employee pretending to be software support (“Legal Workspace,” 2016). The employee is then tricked into sending the access credentials to the caller pretending to correct software problems.软件代写 数据分析代写 essay代写 paper代写
Also, unrestricted access to administration rights is a threat to security. Access privileges can be risky because anyone can install programs or applications. Also, an employee or another person can enter into the administration room and install software or device that gain access to private data. Unrestricted access to administration rights is security loophole that can be exploited by attackers.
The policy of Bring Your Device also expose the firms to security breaches. The devices used in the shared network might be vulnerable (“Legal Workspace,” 2016). Some employees may be lacking knowledge on how to secure their computers. Other might use external drives that have been injected with malicious programs. BYOD is a security threat to a firm if not well controlled.软件代写 数据分析代写 essay代写 paper代写
How to Address After Occurrence and Preventive Measures
How to Address Threats
When a breach occurs, further damage should be controlled. Other steps need to be taken according to Brandon (2014) include the firm needs to determine what was stolen. Also, all the systems need fresh security measures like a change of passwords and programs. The administration then determines and evaluate the cause of the breach and try to seal the loopholes. It is also important to have outside help in solving security issues.软件代写 数据分析代写 essay代写 paper代写
Preventive Measures
[caption id="attachment_18311" align="alignnone" width="1920"] 软件代写 数据分析代写 essay代写 paper代写[/caption]
The firm needs to utilize the General Data Protection Regulation (GDPR) approaches. Each employee should be educated on security measures. Systems need updated security provided by reputable third parties. The administration should provide work policy on the stations for data security. Finally, access to the premises should have privileges for easier controls.
References软件代写 数据分析代写 essay代写 paper代写
Brandon, J. (2014). Steps to Take When a Data Breach Hits. Retrieved from https://www.cio.com/article/2692972/data-breach/5-steps-to-take-when-a-data-breach-hits.html
Legal Workspace. (2016). Ways employees accidentally threaten data security. Retrieved from https://legal-workspace.com/5-ways-employees-accidentally-threaten-data-security/
Q1-2数据泄露
数据威胁
有多种方式可以破坏员工数据。其中之一是使用互联网远程访问数据(“法律工作区”,2016年)。员工被诱骗使用带有恶意软件的电子邮件来收集计算机数据。然后,通过该软件收集的信息将用于远程访问办公计算机。然后,攻击者可以感染其他计算机以获得对机密信息的访问权。软件代写 数据分析代写 essay代写
使用弱ID和密码也会增加漏洞。攻击者可以轻松破解ID和密码以获得访问权限(“法律工作区”,2016年)。安全分析发现,弱的ID和密码造成了超过90%的数据泄露。因此,为了安全起见,需要强壮的ID和密码。
此外,攻击者可以使用电话骗局来访问计算机。诈骗者可能会假装称其为软件支持的员工(“法律工作区”,2016年)。然后,该员工被欺骗向假装纠正软件问题的呼叫者发送访问凭据。
同样,不受限制地访问管理权限也对安全构成了威胁。由于任何人都可以安装程序或应用程序,因此访问特权可能会带来风险。同样,员工或其他人也可以进入管理室并安装可以访问私有数据的软件或设备。对管理权限的无限制访问是安全漏洞,攻击者可以利用此漏洞。
携带设备的政策也使公司面临安全漏洞。共享网络中使用的设备可能容易受到攻击(“法律工作区”,2016年)。一些员工可能缺乏有关如何保护计算机的知识。其他人可能会使用已注入恶意程序的外部驱动器。如果控制不好,BYOD对公司的安全构成威胁。
发生后的处理方法及预防措施
如何解决威胁
发生违规时,应控制进一步的损坏。根据布兰登(Brandon,2014)的观点,还需要采取其他措施,包括确定公司被盗的内容。而且,所有系统都需要新的安全措施,例如更改密码和程序。然后,主管部门确定并评估破坏的原因,并设法弥补漏洞。在解决安全问题方面获得外部帮助也很重要。软件代写 数据分析代写 essay代写
预防措施
公司需要利用通用数据保护法规(GDPR)方法。每个员工都应接受有关安全措施的教育。系统需要由信誉良好的第三方提供的更新的安全性。主管部门应在台站上提供工作策略以确保数据安全。最后,进入场所应具有更轻松控制的特权。
References软件代写 数据分析代写
Brandon, J. (2014). Steps to Take When a Data Breach Hits. Retrieved from https://www.cio.com/article/2692972/data-breach/5-steps-to-take-when-a-data-breach-hits.html
Legal Workspace. (2016). Ways employees accidentally threaten data security. Retrieved from https://legal-workspace.com/5-ways-employees-accidentally-threaten-data-security/
发表回复
要发表评论,您必须先登录。