CMIS 351 Lesson 12 Managing Information Security and Privacy

Description

Training and Development Manager CMIS 351 Flashcards on CMIS 351 Lesson 12 Managing Information Security and Privacy, created by Adriana Vincelli-Joma on 12/06/2020.
Adriana Vincelli-Joma
Flashcards by Adriana Vincelli-Joma, updated more than 1 year ago
Adriana Vincelli-Joma
Created by Adriana Vincelli-Joma over 4 years ago
4
0

Resource summary

Question Answer
identity theft -stealing, misrepresenting, or hijacking identity of another person or business
How to protect yourself from identity theft 1. ask why someone needs info. and what they will use it for before providing it 2. shred personal/financial info. 3. carry only ID and credit cards you will need that day 4. cut up expired and unused credit cards 5. do not give personal info. to anyone who phones/emails unless you know them
Personal Info. Protection and Electronic Documents Act (PIPEDA) -individuals have right to know why org. collects, uses, or discloses personal info. -governs how data are collected and used
Why Canadian business profs. need to be aware of PIPEDA -orgs. should not be able to use info. collected for any purpose other than what org. agreed to use it for -duty of org. to protect info. they collect
Sources of Security Threats -human errors and mistakes -malicious human activity -natural events and disasters
Elements of Security Program -senior management involvement -safeguards -incident response
Technical Safeguards -identification and authentication -encryption and firewalls malware protection -malware safeguards
Data Safeguards -encryption keys -backup copies -physical security -third party contracts
Human Safeguards (Employees) -user accounts considerations -hiring and screening employees -dissemination -enforcement of policies -termination
Human Safeguards (temporary personnel and vendors) -screen personnel -training/compliance -contract include specific security provisions -provide accounts and passwords with least privileges
Human Safeguards (public users) -harden web site and facility -(take extraordinary measures to reduce system's vulnerability)
Human Safeguards (partners and public) -protect from internal company security problems
Disaster Preparedness Guidelines -locate infrastructure in safe location -identify mission-critical systems -identify resources needed to run those systems -prepare remote backup facilities -train and rehearse
Response to Security Incidents -org. must have plan -centralized reporting of incidents -speed is of essence -preparation pays off -practice incidence response
Show full summary Hide full summary

Similar

Criminal Law
jesusreyes88
General Knowledge Quiz
Andrea Leyden
A Christmas Carol Quotes
0serenityrose0
HRCI Glossary of Terms O-Z
Sandra Reed
Romeo and Juliet: Key Points
mbennett
Unit 1 flashcards
C R
Plant Anatomy Quiz
Kit Sinclair
Performance y Planificación de Vuelo
Adriana Forero
1PR101 2.test - Část 8.
Nikola Truong
SFDC App Builder 1 (126-150)
Connie Woolard
PSBD/PSCOD/ASSD-New
Yuvraj Sunar