U13 - Ch.12 - Managing Information Security and Privacy

Question 1

What is identity theft?

Answer 1

Vital information is stolen to create new (fake) identity. All that is needed is name, address, birthdate, SIN, and mother’s maiden name.

Thief can take over victim’s financial accounts and worse.

Question 2

What is PIPEDA?

Answer 2

Personal Information Protection and Electronic Documents Act is intended to balance an individual’s right to the privacy of his or her personal information (that organizations collect/use/share for business purposes).

Overseen by privacy commissioner of Canada.

Question 3

What are examples of security threats to organizations?

Answer 3

1. Human errors and mistakes (i.e. deleting a customer’s record by accident). Result of poorly written programs and procedures or simply physical accidents.
2. Malicious human activity (hackers)
3. Natural Events and disasters (floods)

Question 4

What are five types of security problems?

Answer 4

1. Unauthorized data disclosure
2. Incorrect data modification
3. Faulty Service
4. DDOS
5. Loss of infrastructure

Question 5

What are data safeguards?

Answer 5

They protect databases and other organizational data. E.g. encryption keys and backup copies (to check validity), physical locks and the right to inspect premises of third parties.

Question 6

What is disaster preparedness?

Answer 6

Figuring out what’s crucial for a business to continue running no matter what, and making sure that, in disasters, those systems get replaced/fixed ASAP.