Risks Flashcards

1
Q

Unauthorized access to data - Confidentiality

what are the 2 reasons data can be viewed by someone? What does it mean?

A

Data can be viewed because of espionage and poor information management
Espionage is when information is collected and used against the organization
if a company has poor information = data is insecurely stored or too many people have access to sensitive information
competitors would benefit from unauthorized access and DPA will be broken if personal data is accessed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Accidental loss of data

  1. What is data loss?
  2. What is the reason of accidental loss?
  3. What would happen if data is lost?
A
  1. Information that is irretrievably lost = original data cannot be accessed in any format.
  2. Equipment failure or technical error = data corruption such as data crash and hardware failure
    Human error = employees might accidentally delete a file or discard an important document without realizing.
  3. Hours of data collection and entry will have been for nothing and might delay dependent processes such as analysis and trend recognition.
    Security principle of availability has been broken and data protection has been breached
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Intentional destruction of data

  1. What is it? Examples?
  2. What is the job of ransomware?
  3. What can happen if data is intentionally deleted?
A
  1. This is the act of purposely damaging an organization by deleting or denying any access to data. Examples include viruses that corrupt data so that it can no longer be used and targeted malicious attacks such as DDOS attacks or ransomware.
  2. Encrypts files so that they can be accessed again when certain criteria have been met, usually the affected will have to pay an extortionate fee
  3. When data is intentionally deleted the organization in question can respond by replacing the data and any infected systems by ignoring the loss and not making the breach public.
    Data destruction = to a loss of reputation as customers won’t want to have their information stored in a system that is seen as unreliable and insufficiently protected. Loss of reputation = to customer loss and a decrease in profits. If the loss is ignored and unreported, it = to a huge loss in trust when it is eventually revealed.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Intentional tempering with data

  1. What does it mean?
  2. When does it occur?
  3. What can data tempering lead ?
A
  1. This is when data is changed and no longer accurate.
  2. this occurs through fraudulent activity like hacking to change information displayed on a webpage.
  3. If data temper is found out, it can result in loss of reputation as that organization cannot be trusted to report data accurately. If personal data has been altered, then the security principle of integrity will have been broken as data is no longer accurate.
    Data security principles and protection methods will also need to be reviewed if data has been tempered with, especially if it was an external individual that accessed and changed the data.
    Employees that temper with data will be fired and face legal action.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly