Ch 16 Security and Privacy Flashcards
Why is privacy critically important?
HRIS data collected is confidential personal data
Places where files are stored need different types of security depending on where it’s stored.
Strong security plans and procedures are needed.
How has the face of privacy changed?
- More ppl aware of privacy issues and how data is used
- more data collected, stored, and used
- more legislative requirements
How many records have been breeched between 2005-2010?
500 million
What are the risks employees pose to security?
Unauthorized access unauthorized disclosure unauthorized disclosure of data accuracy Data entry error Use of data in unauthorized way No org created policies and procedures
What type of privacy policies must companies create?
clear reasonable that are revised and reviewed annually and signed off on by employees.
What is the name of the cube that allows analysts to identify the info flows within an HRIS?
McCumber Cube
What are the 3 sides of the cube?
What you are protecting - Confidentiality, Integrity, Availability
When data needs to be protected - transmission, storages, processing
How to protect - Human factors, Policies & procedures, technology.
What are the security threats that are posed to the system?
Human error Disgruntled employees & ex-ees Other internal attackers external hackers natural disasters Back-ups
What are potential uses of inappropriately acquired info?
extortion theft computer-based fraud cyber terrorism phishing denial of service software threats
What are the types of software threats?
Computer virus worms spyware blended threats trojans
What are some best practices security practices?
- comprehensive info security and privacy policy
- store sensitive data in secure and appropriately encrypted way
- properly dispose of documents
- build document destruction into office
- implement and update all measures
- conduct walkthroughs to identify previously unidentified gaps.