ANSWER ALL THE PARTS. NEED DETAILED EXPLANATIONS Problem 7-1A Sally Green has re

Question

ANSWER ALL THE PARTS. NEED DETAILED EXPLANATIONS

Problem 7-1A Sally Green has recently been hired as the CEO for a startup Internet-based retail store, ShopCan.ca. Her main job duties include responsibility for the information technology and computer systems of the business. Sally was reviewing the security of customer data and realized that customer service representatives had access to all customer data, including credit card information and billing addresses. Safeg Required 1. What should Sally do? 2. Can you think of any real-world breaches that happened to retail chains where customer data was stolen or released? What were the consequences to the company?

Explanation / Answer

Aa a CEO and person in charge for security of the confidential data, Sally Green has to ensure following;

1. Having an effective endpoint, network and email protection that filters out spam, malware,ransomware and dangerous file types.

2. Train customer represntative employees to be suspicious of emails, especially those that contain attachments, and to report any unusual emails or attachment behaviour to appropriate team.

3. Implement full disk protection and encrypt sensitive data stored on servers or removable media for sharing with business partners.

4. Implement a data protection policy which guides employees on how to keep personal data secure.

5. if the data is on cloud make sure that the ability to encrypt the data – both in the cloud and also when being transferred – is on the requirement list.

6. Regular informative sessions on information security to the core data protection IT team and customer representatives to keep them abreast on cyber world happenings.

REAL WORLD DATA BREACH

In September 2016, the once dominant Internet giant, while in negotiations to sell itself to Verizon, announced it had been the victim of the biggest data breach in history, likely by “a state-sponsored actor,” in 2014. The attack compromised the real names, email addresses, dates of birth and telephone numbers of 500 million users. The company said the "vast majority" of the passwords involved had been hashed using the robust bcrypt algorithm.

A couple of months later, in December, it buried that earlier record with the disclosure that a breach in 2013, by a different group of hackers had compromised 1 billion accounts. Besides names, dates of birth, email addresses and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in fact, all 3 billion user accounts had been compromised. The breaches knocked an estimated $350 million off Yahoo’s sale price. Verizon eventually paid $4.48 billion for Yahoo’s core Internet business. Yahoo, founded in 1994, had once been valued at $100 billion. After the sale, the company changed its name to Altaba, Inc.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.