23639995
Description
Flashcards by Adriana Vincelli-Joma, updated more than 1 year ago
|
Created by Adriana Vincelli-Joma
about 4 years ago
|
|
| Question | Answer |
| identity theft | -stealing, misrepresenting, or hijacking identity of another person or business |
| How to protect yourself from identity theft | 1. ask why someone needs info. and what they will use it for before providing it 2. shred personal/financial info. 3. carry only ID and credit cards you will need that day 4. cut up expired and unused credit cards 5. do not give personal info. to anyone who phones/emails unless you know them |
| Personal Info. Protection and Electronic Documents Act (PIPEDA) | -individuals have right to know why org. collects, uses, or discloses personal info. -governs how data are collected and used |
| Why Canadian business profs. need to be aware of PIPEDA | -orgs. should not be able to use info. collected for any purpose other than what org. agreed to use it for -duty of org. to protect info. they collect |
| Sources of Security Threats | -human errors and mistakes -malicious human activity -natural events and disasters |
| Elements of Security Program | -senior management involvement -safeguards -incident response |
| Technical Safeguards | -identification and authentication -encryption and firewalls malware protection -malware safeguards |
| Data Safeguards | -encryption keys -backup copies -physical security -third party contracts |
| Human Safeguards (Employees) | -user accounts considerations -hiring and screening employees -dissemination -enforcement of policies -termination |
| Human Safeguards (temporary personnel and vendors) | -screen personnel -training/compliance -contract include specific security provisions -provide accounts and passwords with least privileges |
| Human Safeguards (public users) | -harden web site and facility -(take extraordinary measures to reduce system's vulnerability) |
| Human Safeguards (partners and public) | -protect from internal company security problems |
| Disaster Preparedness Guidelines | -locate infrastructure in safe location -identify mission-critical systems -identify resources needed to run those systems -prepare remote backup facilities -train and rehearse |
| Response to Security Incidents | -org. must have plan -centralized reporting of incidents -speed is of essence -preparation pays off -practice incidence response |
Want to create your own Flashcards for free with GoConqr? Learn more.