Unit 7 - Information Security and Ethics Flashcards
confidentiality
prevents unauthorized use or disclosure of info.
integrity
safeguards the accuracy and completeness of information
availability
authorized users have reliable and timely access to the resources
areas of risk
- environmental (hurricane, flood, etc.)
- organizational (reputational)
- technology
calculating loss
- lost resources: system is down, need backup
- lost revenue: estimating the lost gross revenue
- lost personnel: today's growing mobile workforce; time theft is a big issue for employers, talent demands mobility
top targeted industries for hacks
- Government/military
- Education
- healthcare
- banking/financial
phishing
the fraudulent practice of sending emails pretending to be from a reputable company in order to induce the individual to reveal personal info
pharming
fraudulent practice of directing internet users to a bogus (fake) website in order to obtain personal info
hackers - white hat
an authorized and ethical computer hacker
gray hat
hacker with the skills and intent to help a company but whose service comes with a price
black hat
hacker who violates computer security for personal gain.
HIPAA
Health Insurance Portability and Accountability.
keeps information from going out.
Sarbanes-Oxley 2002
oversees financial reporting, covers public accounting oversight auditor, corporate responsibility
FERPA
Family education rights and privacy: governs the access to educational information and records by public entities.
Gramm-Leach-Bliley Act
requires organizations and individuals to adhere to rules and procedures for storing and transferring financial info