Scribd Logo
Upload

Welcome to Scribd!

  • Case Study #2: Data Security & Data Loss Prevention: UMUC CSIA 300 7380 Cybersecurity For Leaders and Managers

    Uploaded by

    jasmine prudence
    14 views6 pages

    Original Title

    Untitled

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views6 pages

    Case Study #2: Data Security & Data Loss Prevention: UMUC CSIA 300 7380 Cybersecurity For Leaders and Managers

    Uploaded by

    jasmine prudence

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Running Head: Case Study #2: Data Security & Data Loss Prevention 1

    Case Study #2: Data Security & Data Loss Prevention

    UMUC CSIA 300 7380 Cybersecurity for Leaders and Managers

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Running Head: Case Study #2: Data Security & Data Loss Prevention 2

    Introduction

    As a new management intern at Padgett-Beale, I have been assigned to work with the Training

    Team in the Office of Human Resources (T2) to help develop an internal training program for the

    employees and managers. My second assignment is to develop a training module for data

    security and data loss prevention that will be included in the training program for new hires and

    apart of the employee Lunch and Learn seminars. My assigned topic for this training module is

    “Data Security & Data Loss Prevention.” The topic was selected by several members of the

    Padgett-Beale’s leadership team after some employees had confidential corporate data and logon

    credentials stolen from their mobile devices while venturing outside of the network. Today, I will

    be identifying and discussing five major issues that employees need to be aware of when it

    comes to data security and data loss prevention.

    Data Security & Data Loss Prevention

    Today, there are tons of ways that cyber adversaries can attack their victim but one way that

    businesses tend to miss is attacks on their business through employees while they are away from

    the office or while traveling. After working a long shift the last thing employees are worried

    about is protecting the company’s confidential data while at a bar, sipping a cocktail and surfing

    the internet. A lot of company give their employees company phones and computer that they use

    when they are out of the office to give the employee mobility which adds an another way for

    hackers to do what they do best. However, employees can face bigger threats when traveling to

    other states and countries as some company’s fail to set up protocols and procedures to protect

    confidential data while traveling outside of the office .Data security and data loss prevention play

    a major in protecting valuable company data while traveling outside of the company network.

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Running Head: Case Study #2: Data Security & Data Loss Prevention 3

    Using the Company’s Virtual Private Network (VPN)

    While venturing outside of the office it is important that employees only use the

    company’s VPN to prevent access to the company’s confidential information. VPN provides an

    encrypted, secure connection between any number of computers located anywhere in the world.

    (Robinson, 2018) Implementing VPN technology will protect users from traffic interception

    resulting in malicious attacks against the user or the company. Unlike public Wireless Fidelity

    Alliance Inc. (Wi-Fi), VPN provides a secure tunnel that encrypts traffic making every

    interaction unreadable to cyber adversaries.

    Storing Mobile Devices

    It is easy to tell employees to never leave their mobile devices unsecured but companies

    have to be a bit some specific to help prevent data loss due to lost or stolen devices. Employers

    must remind the employees to never leave devices in plain view in a car and hat a better practice

    is to keep it with you but if you have to leave it in the car the trunk is a better option. Employees

    should try to never let their mobile devices leave their sight and even at while working in the

    office employees should keep their devices either lock away in their desk or office and should

    not be left out in the open when they’re not in their workspace.

    Lost or Stolen Devices

    Mobile Device Management (MDM) plays an important role in securing data when

    devices are lost or stolen. MDM is a security software that is used to manage and secure

    employee’s mobile devices. (Beal, 2014) Employers must employ MDM solutions that will lock

    and wipe devices when reported lost or stolen to prevent data theft. (Beal, 2014) Employees need

    to be trained to use the various feature of such location tracking technology to keep track of their

    mobile devices at all time.

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Running Head: Case Study #2: Data Security & Data Loss Prevention 4

    Location trackers may need to be downloaded and activated on the device so businesses

    can locate and recover missing devices. Tracking technology can help both the employee and the

    company in their efforts to protect valuable data from adversaries.

    Access Controls

    Implementing role-based access control (RBAC) is important when trying to protect data

    and prevent loss. RBAC acts as another layer of security to prevent unauthorized access to

    business data. Employers have to decide which type of users need access to certain information

    so they can assign roles and access permissions for each employees in the organization. All

    businesses need to protect their investment by creating permissions that are allocated with just

    enough access needed for employees to do their jobs because too much access to confidential

    information has the potential to cause problems for the organization in the future. (Stor-Guard,

    LLC, 2015)

    Limit Personal Use

    Most companies have strict mobile use policies in order to prevent data loss and increase

    productivity. Employees should only be allowed to use their corporate devices to make business

    calls, check business emails or messages, and downloading productive apps that are approved by

    the company. If employees are allowed to use their devices away from work they should use

    secure tunnels like the VPN. It is important that employee understand that surf the internet or

    social media accounts pose a major threat to data security and should be done on their own

    personal devices. Some social media accounts like Facebook, Instagram and YouTube collect

    personal information as the users provides them with or without their knowledge so users should

    always limit personal use to prevent company data from being stored, shared or used by cyber

    adversaries.

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Running Head: Case Study #2: Data Security & Data Loss Prevention 5

    Conclusion

    Overall, I have recommend five major issues that employees need to be aware of when it

    comes to data security and data loss prevention. Today, protecting data is near impossible and

    many large corporations with huge budgets for cyber security still fail at keep all corporate data

    safe. Businesses need all the help they can get to keep confidential information safe from

    adversaries and that includes soliciting the help of their employees. The employee have their own

    responsibility to make sure they are not unintentionally putting the company at risk for attacks.

    User carelessness result in hacker’s ability to commit fraud with stolen data so it is important for

    employees to know how they can apply data security to prevent data loss. (Wolfberry, 2016)

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Running Head: Case Study #2: Data Security & Data Loss Prevention 6

    References

    Beal, V. (2014). MDM - mobile device management. Retrieved July 8, 2018, from

    https://www.webopedia.com/TERM/M/mobile_device_management.html

    Robinson, K. (2018, April 13). How Much Does a VPN Solution Cost? | AVOXI Cloud

    Communications. Retrieved June 30, 2018, from https://www.avoxi.com/blog/vpn-solution-cost/

    Stor-Guard, LLC. (2015). Types of Access Control Systems for Effective Personnel Security.

    Retrieved July 8, 2018, from https://www.stor-guard.com/article/types-of-access-control-

    systems-for-effective-personnel-security-43

    Wolfberry. (2016). Digital foot printing. Retrieved June 30, 2018, from

    https://www.wolfberrycs.com/digital-foot-printing/

    This study source was downloaded by 100000847738536 from CourseHero.com on 06-06-2022 09:53:36 GMT -05:00

    https://www.coursehero.com/file/35567323/Case-Study-2-Data-Security-Data-Loss-Preventiondocx/
    Powered by TCPDF (www.tcpdf.org)

    You might also like