Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of cyber-attacks, which are growing by the day. The companies usually implement measures that primarily focus on the deployment of technologies for suppressing the attacks. They do not consider user policies as essential elements that help curb the vulnerabilities. The policies put in place have a low level of enforceability, which lowers the impact of the plans. The research project will determine the relationship between policy enforceability and the vulnerabilities posed to a system by the internal and external users.
INTRODUCTION
Business companies in the financial sector have the responsibility of ensuring the data that belong to the customers are fully protected. Cyber-crimes are on the rise, and the approaches employed today are not entirely practical. Technological tools and measures are not efficient. They should be complemented by the behavioral standards that suppress the vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker, 2015). Enforceable policies will ensure there is an integration of behavioral and technological measures for promoting data security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the collection of customer and storage as well as access to the data by the internal and external users. These policies are relevant as they promote best practices at both levels. The companies have a belief that these are the areas that need closer monitoring and evaluation. However, the policies put in place are not always enforceable. A lack of enforceability creates a situation where the desired outcomes are not realized (Yeganeh, 2019). It explains why data breaches are still experienced even after such policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the policies and the vulnerabilities that business organizations are exposed to, a case study method will be used. It is an essential tool that helps determine a causal relationship (White & McBurney, 2012). Also, it will provide insights that will inform the recommendations that need to be considered by the multiple business organizations in the financial sector. Credible data that are free of confounding variables must be collected, analyzed, and inferences drawn. Two data collection procedures will be utilized as follows.
i. Semi-structured interviews will be conducted to collect diverse data on the design and implementation of user and online policies. The interviewees will offer data that expound on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the behaviors of the users, both internally and externally. The observation ...
A Research Project PresentationOnline Policies for Enabling Fi.docxmakdul
A Research Project Presentation
Online Policies for Enabling Financial Companies to Manage Privacy Issues
NAME:
Course:
1
Introduction
Companies in the financial sector handle data that are priority for hackers.
Organizations invest in vast technologies for protecting the data from unauthorized access.
However, they do not adequately invest in behavioral measures for safeguarding the data.
Companies in the financial sector face numerous attempts by the cybercriminals who target stealing data stored in the systems. The corporations handle confidential data that could be used for committing crimes, such as impersonation and illegal transfer of money (Noor & Hassan, 2019). It is a major concern whether financial institutions have effective policies that ensure the data are properly secured from both internal and external threats. Financial companies, especially those that spread across the country have always focused on investing in technologies that promote the privacy of the data and the systems. They are deploying technologies, such as cloud computing, which promote the privacy of the data. Also, they use Bcrypt technologies to encrypt data via algorithms that will take hackers decades to decrypt a single password. Though they invest in such technologies that cost millions of dollars, there are questions whether they invest in behavioral measures to protect the data systems (Noor & Hassan, 2019). Such measures require the use of online policies that will ensure that internal and the external users can adhere to best practices that make them less vulnerable to attacks, especially the social engineering attacks that target unsuspecting users.
2
Literature Review
Financial companies have implemented policies for promoting desirable user behaviors.
They provide guidelines on how to use the networks.
They do not require the users to follow strict rules, which indicates the inefficiency of the policies.
Financial companies have implemented policies on how customers access their data remotely. Such policies outline the standards that customers must follow such as the multi-factor authentication, which aims at ensuring that no unauthorized users access the data (Suchitra &Vandana, 2016). The policies are communicated to the customers when they provide their data. It is an effective approach that mainly ensures that customer must follow certain guidelines that promote the overall security of the data. However, Timothy Toohey (2014) questions whether the policies apply to the side of the users who are very likely to exhibit behaviors that expose data to threats. For instance, the customers may use devices that have weak antimalware tools. Such devices create an avenue that a hacker can use and access the system.
3
Research Method
The researcher will employ a case-study design.
It means that the researcher will focus on individual cases and analyze them.
Interviews and observation will be the primary tools of data.
The da.
MITS Advanced Research TechniquesResearch ProposalStudent’s NaEvonCanales257
MITS Advanced Research Techniques
Research Proposal
Student’s Name
Higher Education Department
Victorian Institute of Technology
Proposed Title: Data Integrity Threats to Organizations
Abstract
Data integrity, an integral aspect of cyber security, is identified as the consistence and accuracy that is assured of data in its life cycle, and is an imperative aspect of implementation, design, and utilization of systems which processes, stores, and retrieves data (Graham, 2017). It is estimated that almost 90 percent of the world’s data was generated in the last two year, and this goes to show the rate at which data is being availed. There are various threats associated with data integrity, for example, security, human, and transfer errors, cyber-attacks and malware just to name a few. The purpose of examination of data integrity in the context of organizations and business is due to the impact that it has on the latter’s operations and eventual success.
Data integrity is important when it comes to the productivity and operations of an organization, because management make decisions based on real-time data that is offered to them. If the data presented to management is inaccurate due to lack of proper data integrity, then the decisions that they make might have an adverse effect on an organization. For example, if data related to last year’s projections and profits in the finance department is altered in any way, then the decision of making plans in relation to an organization’s financial position might be lead to further losses. Organizations ought to prioritize security measures through there various Information Systems departments or by seeking third party cyber security specialties to protect and mitigate against the threats related to data integrity.
Outline of the Proposed Research
What are the threats associated with data integrity and the impact they have on organizational productivity and operations?
Background
Data plays an integral role in today’s business environment especially when most organizations are harnessing the benefits of data to facilitate their decision-making processes. It is through understanding why and how data is important in business that one may also comprehend the importance of ensuring the integrity of this same data is upheld. Most individual think that data security and integrity are one and the same thing, which is not true, as security refers to leaking of information such as intellectual property and healthcare documents, whereas data integrity refers to the process of ensuring whether data is trustworthy to facilitate the decision-making process.
Due to the lack of proper systems and structures to ensure that data integrity is at the helm of an organization’s priorities, management has found it difficult to solely rely on data and analytics to facilitate their decision-making process. What this means is that a significant number of businesses are missing out on the advantages accorded through aspects such ...
Big data analytics and its impact on internet usersStruggler Ever
Big Data Analytic tools are promising techniques for a future prediction in many aspects of our life. The need for such predictive techniques has been exponentially increasing. even though, there are many challenges and risks are still of concern of researchers and decision makers, the outcome from the use of these techniques will considerable revolutionize our world to a new era of technology.
Included
SLEPT FACTORS
Social and legal factors
Economic and competitive factors
Political factors
E-government
Technological innovation and technology assessment
E-commerce and globalization
SHORT TERMS RELATED TO ECOMMERCE
REFERENCES: E-Business and E-Commerce Management Strategy, Implementation and Practice by Dave Chaffey
A Research Project PresentationOnline Policies for Enabling Fi.docxmakdul
A Research Project Presentation
Online Policies for Enabling Financial Companies to Manage Privacy Issues
NAME:
Course:
1
Introduction
Companies in the financial sector handle data that are priority for hackers.
Organizations invest in vast technologies for protecting the data from unauthorized access.
However, they do not adequately invest in behavioral measures for safeguarding the data.
Companies in the financial sector face numerous attempts by the cybercriminals who target stealing data stored in the systems. The corporations handle confidential data that could be used for committing crimes, such as impersonation and illegal transfer of money (Noor & Hassan, 2019). It is a major concern whether financial institutions have effective policies that ensure the data are properly secured from both internal and external threats. Financial companies, especially those that spread across the country have always focused on investing in technologies that promote the privacy of the data and the systems. They are deploying technologies, such as cloud computing, which promote the privacy of the data. Also, they use Bcrypt technologies to encrypt data via algorithms that will take hackers decades to decrypt a single password. Though they invest in such technologies that cost millions of dollars, there are questions whether they invest in behavioral measures to protect the data systems (Noor & Hassan, 2019). Such measures require the use of online policies that will ensure that internal and the external users can adhere to best practices that make them less vulnerable to attacks, especially the social engineering attacks that target unsuspecting users.
2
Literature Review
Financial companies have implemented policies for promoting desirable user behaviors.
They provide guidelines on how to use the networks.
They do not require the users to follow strict rules, which indicates the inefficiency of the policies.
Financial companies have implemented policies on how customers access their data remotely. Such policies outline the standards that customers must follow such as the multi-factor authentication, which aims at ensuring that no unauthorized users access the data (Suchitra &Vandana, 2016). The policies are communicated to the customers when they provide their data. It is an effective approach that mainly ensures that customer must follow certain guidelines that promote the overall security of the data. However, Timothy Toohey (2014) questions whether the policies apply to the side of the users who are very likely to exhibit behaviors that expose data to threats. For instance, the customers may use devices that have weak antimalware tools. Such devices create an avenue that a hacker can use and access the system.
3
Research Method
The researcher will employ a case-study design.
It means that the researcher will focus on individual cases and analyze them.
Interviews and observation will be the primary tools of data.
The da.
MITS Advanced Research TechniquesResearch ProposalStudent’s NaEvonCanales257
MITS Advanced Research Techniques
Research Proposal
Student’s Name
Higher Education Department
Victorian Institute of Technology
Proposed Title: Data Integrity Threats to Organizations
Abstract
Data integrity, an integral aspect of cyber security, is identified as the consistence and accuracy that is assured of data in its life cycle, and is an imperative aspect of implementation, design, and utilization of systems which processes, stores, and retrieves data (Graham, 2017). It is estimated that almost 90 percent of the world’s data was generated in the last two year, and this goes to show the rate at which data is being availed. There are various threats associated with data integrity, for example, security, human, and transfer errors, cyber-attacks and malware just to name a few. The purpose of examination of data integrity in the context of organizations and business is due to the impact that it has on the latter’s operations and eventual success.
Data integrity is important when it comes to the productivity and operations of an organization, because management make decisions based on real-time data that is offered to them. If the data presented to management is inaccurate due to lack of proper data integrity, then the decisions that they make might have an adverse effect on an organization. For example, if data related to last year’s projections and profits in the finance department is altered in any way, then the decision of making plans in relation to an organization’s financial position might be lead to further losses. Organizations ought to prioritize security measures through there various Information Systems departments or by seeking third party cyber security specialties to protect and mitigate against the threats related to data integrity.
Outline of the Proposed Research
What are the threats associated with data integrity and the impact they have on organizational productivity and operations?
Background
Data plays an integral role in today’s business environment especially when most organizations are harnessing the benefits of data to facilitate their decision-making processes. It is through understanding why and how data is important in business that one may also comprehend the importance of ensuring the integrity of this same data is upheld. Most individual think that data security and integrity are one and the same thing, which is not true, as security refers to leaking of information such as intellectual property and healthcare documents, whereas data integrity refers to the process of ensuring whether data is trustworthy to facilitate the decision-making process.
Due to the lack of proper systems and structures to ensure that data integrity is at the helm of an organization’s priorities, management has found it difficult to solely rely on data and analytics to facilitate their decision-making process. What this means is that a significant number of businesses are missing out on the advantages accorded through aspects such ...
Big data analytics and its impact on internet usersStruggler Ever
Big Data Analytic tools are promising techniques for a future prediction in many aspects of our life. The need for such predictive techniques has been exponentially increasing. even though, there are many challenges and risks are still of concern of researchers and decision makers, the outcome from the use of these techniques will considerable revolutionize our world to a new era of technology.
Included
SLEPT FACTORS
Social and legal factors
Economic and competitive factors
Political factors
E-government
Technological innovation and technology assessment
E-commerce and globalization
SHORT TERMS RELATED TO ECOMMERCE
REFERENCES: E-Business and E-Commerce Management Strategy, Implementation and Practice by Dave Chaffey
Replies Required for below Posting 1 user security awarene.docxsodhi3
Replies Required for below :
Posting 1 : user security awareness is the most important element of an organization as we know a single email can result in a multi-million dollar loss through a breach in very short time. that is the primary reason many large organizations have a specific division who deal with the security whose prime task is it identify and prevent security breaches and most interestingly companies like Facebook have one million dollar price reward for ethically breaching their security which helps them identify more ways and prevent them before they occur. speaking of which user security deals with various levels of users as mentioned below.
1. New employees
2. Company executives
3. Traveling Employees
4. IT Employees
5. For all employees
Security awareness should be covered focusing the four above mentioned categories using real-world examples like classroom training, and circulating latest updates in security patches and also articles or suggestions as well as visual examples about security awareness. Training employees by pasting most important security preventions every employee must consider in order to prevent security breach and pasting lastest updates about security measurements in common areas across office space and conduct brainstorm sessions with individual senior staff members to understand their needs and how to apply security awareness across teams.
and second thing is to secure customers who are the core revenue generating people to an organization and its organization's duty to secure customers. The customer is the benefit of any organization. At the present time, where online security turns into an essential, the association must view client's profitable data that movements between the server and the site. By building security culture, the association can spur clients, contractual workers, representatives. A fulfilled client dependably functions as a mouth exposure and will fill in as an advantage of the organization. The association can guarantee their clients that the amount they think about their web assurance. The association ought to likewise distribute a note of wellbeing safety measure on the site for clients while collaborating with the web world.
Posting 2:
Security is a key human thought that has ended up being harder to portray and approve in the Information Age. In rough social requests, security was compelled to ensuring the prosperity of the get-together's people and guaranteeing physical resources. As society has grown more mind-boggling, the centrality of sharing and securing the fundamental resource of data has extended. Before the extension of present-day trades, data security was confined to controlling physical access to oral or created correspondences. The essentials of data security drove social requests to make innovative techniques for guaranteeing their data.
Changes in security systems can be direct. Society needs to execute any new security innovation as a get-together, whic ...
Discussion 1 Importance of Technology Security EducationToday t.docxcuddietheresa
Discussion 1: Importance of Technology Security Education
Today the world is being changed by the tremendous technological and innovative changes that are being made a day in day out. Organizations, societies, humanity, and governments have all embraced these new technologies to incorporate efficient, effective and transparent ways of doing things (Bajgoric, 2015). In the same vein, people have to learn how to use these new technologies with great care since it comes along with its demerits.
The following are the importance of why people ought to be educated and trained in adopting better technological security measures and frameworks in organizations (Judges and Lee, 2018). First intense training and education about cybersecurity will ensure that risks and loopholes associated with end-users in the systems are significantly reduced or minimized. The training will significantly help people to adopt the safest methods to use the technology around the organization without exposing it to any danger.
Secondly, the training and education about technological security usually help people in the organization to be IT experts hence can help the organization in coming up with better systems. The practice also allows individuals in the organization to modify systems and come up with better ways of doing things in the organization.
Organizations need to invest heavily in these training and education on how to implement better ways of handling technology in the organization. This will help the organization in handling cases of hacking, cyber-crimes, data, among other things. When the employees are appropriately trained, then the organization can be confident that its systems are safe from any external attacks.
It is of paramount importance for organizations to have a proper way of handling their technologies and essential software to avoid hacking cases (Judges and Lee, 2018). An organization should provide a robust framework and security measures to be used to prevent small mistakes being made that can cost the organization. These little mistakes include employees sharing information concerning the organization’s IT infrastructure, sharing their passwords with other people or even leaving their computers without logging out. These mistakes expose the organization to hackers and other cybercriminals that can hack into the organization.
Today almost all organizations are digitalized and use these modern ways of doing activities and transactions (Bajgoric, 2015). It is, therefore, imperative for an organization to invest in training their employees about the importance of ITB security. Thorough training and regular training can help improve the level of understanding among the employees too. The organization ought to have proper methods of ensuring that this happens since if the employees do not comply, then it means that the organization will have a weakness.
If the employees are not willing to comply with the rules firing them is not a solution. Instead, ...
Posting 1 Reply required for belowBusiness costs or risks of p.docxharrisonhoward80223
Posting 1 : Reply required for below
Business costs or risks of poof data quality:
Poor data quality may lead chiefs to not have the capacity to settle on poor choices or not have the capacity to settle on choices by any stretch of the imagination. Poor data may prompt lost deals and different opportunities, misallocation of assets, defective methodologies, and orders might not be right, inventory levels perhaps incorrect, and clients may wind up noticeably disappointed and headed out. The cost of poor quality data spreads all through the organization influencing frameworks from transportation and accepting to bookkeeping and client administrations. Extra costs are acquired when representatives must set aside opportunity to chase down and correct data errors.
The improvement of information innovation amid the most recent decades has empowered organizations to gather and store enormous measures of data. Nonetheless, as the data volumes increment, so does the multifaceted nature of overseeing them. Since bigger and more unpredictable information assets are being gathered and overseen in organizations today, this implies the danger of poor data quality builds (Watts and Shankaranarayanan, 2009). Another often specified data related issue is that organizations often oversee data at a nearby level (e.g. division or area).
Data mining:
Data mining, likewise called learning disclosure in databases, in software engineering, the way toward finding intriguing and valuable examples and connections in extensive volumes of data. The field consolidates apparatuses from insights and counterfeit consciousness, (for example, neural networks and machine learning) with database administration to examine substantial computerized accumulations, known as data sets. Data mining is broadly utilized as a part of business (protection, saving money, retail), science inquire about (space science, prescription), and government security (location of hoodlums and terrorists).
Text mining:
Text Analytics, otherwise called text mining, is the way toward examining extensive accumulations of composed assets to create new information, and to transform the unstructured text into organized data for use in assist examination. Text mining distinguishes actualities, connections and statements that would somehow stay covered in the mass of textual huge data. These realities are removed and transformed into organized data, for investigation, perception (e.g. by means of html tables, mind maps, graphs), mix with organized data in databases or distribution centers, and further refinement utilizing machine learning (ML) frameworks.
Posting 2 : Reply required for below
What Are The Business Costs Or Risks Of Poor Data Quality?
Financial effect – Poor data quality impacts organizations negatively regarding finances by raising the cost of operations which in turn reduces the revenue as well as the profit realized by the company over a given period. Also, poor data quality results in inapp.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
DOES DIGITAL NATIVE STATUS IMPACT END-USER ANTIVIRUS USAGE?IJCNCJournal
Due to the increasingly online nature of business (e-commerce), it is essential to understand how end-users can be protected from malicious online activities such as malware. Several factors have been examined in the research on this topic. Digital native status was identified as a factor that has not been investigated thoroughly. This study examined how the security decision-making process is impacted by digital native status by looking at Protection Motivation Theory. Digital Native Status was investigated as a mediating factor in the PMT model. Intent to use antivirus was utilized as the protective measure. The findings indicate that digital native status does not mediate Fear. However, other factors, such as Fear, selfefficacy, and response efficacy, play a part in the intent to use antivirus. Conversely, the other constructs in the model, response-costs and maladaptive rewards, did not have a relationship with antivirus usage. Practically speaking, employers and eCommerce businesses could use these findings to identify factors that play into their end-user behaviors. These findings can be utilized to help guide training programs and professionals researching end-user behavior. These findings also suggest that future research should focus on factors other than age.
An Improved Method for Preventing Data Leakage in an OrganizationIJERA Editor
Data is one of the most important assets an organisation has since it denes each organisations unique- ness.It
includes data on members and prospects, their inter- ests and purchases, your events, speakers, your content,
social media, press, your staff, budget, strategic plan, and much more. As organizations open their doors to
employees, part- ners, customers and suppliers to provide deeper access to sensitive information, the risk
sassociated with business increase. Now, more than ever, within creasing threats of cyber terrorism, cor- porate
governance issues, fraud, and identity theft, the need for securing corporate information has become paramount.
Informa- tion theft is not just about external hackers and unauthorized external users stealing your data, it is also
about managing internal employees and even contractors who may be working within your organization for
short periods of time. Adding to the challenge of securing information is the increasing push for corporate
governance and adherence to legislative or regulatory requirements. Failure to comply and provide privacy,
audit and internal controls could result in penalties ranging from large nes to jail terms. Non-compliance can
result in not only potential implications for executives, but also possible threats to the viability of a corporation.
Insiders too represent a sign cant risk to data security. The task of detecting malicious insiders is very
challenging as the methods of deception become more and more sophisticated. There are various solutions
present to avoid data leakage. Data leakage detection, prevention (DLPM) and monitoring solutions became an
inherent component of the organizations security suite.DLP solutions monitors sensitive data when at rest, in
motion, or in use and enforce the organizational data protection policy.These solutions focus mainly on the data
and its sensitivity level, and on preventing it from reaching an unauthorized person. They ignore the fact that an
insider is gradually exposed to more and more sensitive data,to which she is authorized to access. Such data
may cause great damage to the organization when leaked or misused. Data can be leaked via emails, instant
messaging, le transfer etc. This research is focusing on email data leakage monitoring, detection and
prevention. It is proposed to be carried out in two phases: leakage detection through mining and prevention
through encryption of email content.
Over the past several years, companies are pairing diversity efforts with inclusion initiatives and roles
surrounding innovations that promote diversity of thought [13]. However, much return on investment (ROI) focus
has been on business and corporate functioning in general, but not on specifics related to information governance
(IG). We address this research gap byconsidering various return on investment (ROI) metrics and what might
ground the benefits of diversity and inclusion initiatives related to IG policy. Then, wesuggest what the results
mean in terms of changing and influencing current industry practices.:
A SYSTEMATIC REVIEW ON MACHINE LEARNING INSIDER THREAT DETECTION MODELS, DATA...IJNSA Journal
Computers are crucial instruments providing a competitive edge to organizations that have adopted them. Their pervasive presence has presented a novel challenge to information security, specifically threats emanating from privileged employees. Various solutions have been tried to address the vice, but no exhaustive solution has been found. Due to their elusive nature, proactive strategies have been proposed of which detection using Machine Learning models has been favoured. The choice of algorithm, datasets and metrics are cornerstones of model performance and hence, need to be addressed. Although multiple studies on ML for insider threat detection have been done, none has provided a comprehensive analysis of algorithms, datasets and metrics for development of Insider Threat Detection models. This study conducts a comprehensive systematic literature review using reputable databases to answer the research questions posed. Search strings, inclusion and exclusion criteria were set for eligibility of articles published in the last decade.
Running head THE COST OF INADEQUATE CONTROLS .docxtodd521
Running head: THE COST OF INADEQUATE CONTROLS 1
THE COST OF INADEQUATE CONTROLS 7
Assignment 2
The Cost Of Inadequate Controls
i) The annual loss of revenue
Investing in data security is an important function of LOTR Experience. There is a need to ensure that the company has adequate controls in terms of IT personnel as well as IT equipment. This will save the company from incurring losses in multiple areas that are a concern of the business. If data is stolen irrespective of the exposure the whole company will lose money as well as the whole business (Meyer, 2017). In a recent study by CISCO, a highly reputable company that has invested in information and data security reveal that thousands of companies are losing billions of their revenue as indicated below.
Image sourced from: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
It was also established that the majority of the companies that lost revenue was due to cutting off their budget expenditure on data security as it has been indicated below:
Image sourced form: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
Looking at the above table, it is the same scenario that is likely to happen in the company if budget cuts are implemented. The worst part is how the company will be affected in case of a data breach. The same study revealed how much the majority of the victim companies were affected negatively as indicated below.
Image sourced from: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
It is hence risky to not implement the recommendations that I had earlier on started. I have reviewed the LOTR Network Design artifacts and the critical areas of concern that are related to access control are as follows:
a) Secure configuration
There are no corporate policies that can update as well as patch the systems. There is a need to establish and also maintain policies that explain the priorities as well as the timescales for which updates can be applied and also patches. Here, there us need to make and take care of hardware as well as software inventories whereby a there is the need for automatic tools that can be used to create as well as maintains the inventories of all the devices and the applications that the company uses (Antón & United States, 2003). There is a need to lock down the operating systems as well as software, here there is the need to have a baseline security build which brings together workstations, the servers, the firewalls, and the routers. Also, I found out that there are no regular vulnerability scans. Here the company needs to acquire vulnerability scanning tools which can run automatically on a weekly basis to remedy .
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Soumodeep Nanee Kundu
The explosion of data and the increasing capabilities of data analysis have transformed various aspects of our lives. From healthcare and finance to marketing and law enforcement, data analysis has become an essential tool for decision-making and problem-solving. However, with great power comes great responsibility. Ethical considerations in data analysis are more critical than ever as data professionals grapple with questions related to privacy, fairness, transparency, and accountability. In this article, we will delve into the ethical challenges that data analysts and organizations face and explore strategies to address them.
The dynamic nature of Information security scenario these days due to the popularity of online
businesses has posed a daunting challenge to the organizations security paradigm. Organizations are
looking for new policies to be implemented to provide the best possible security mechanism. However,
they tend to ignore the human side of the security compliance measures. Every piece of information that
has been secured using various technologically advanced policies has to be accessed ultimately by the
employees of the organization. Their attitude and commitment to safeguard the interests of the
organization plays a significant role in all measures being taken for information security. Humans and
technology has to play an integrative part in order to guarantee the safety of information assets. This paper
reviews the existing literature of information security management in a comprehensive manner focusing
on the role of top management and employers for effective security measures.
250-500 words APA format cite references Check this scenario out.docxjeanettehully
250-500 words APA format cite references
Check this scenario out. Long term care can consists of servicing patients need at a patient's home, providing meals, transportation and in home therapy. Some long term care is within the home and some can be rehab. Lets say there is a growing need to extend those services to our growing need in elderly population. Part of that need is a demand for servicing the increasing population of the Hispanic community. We as a team need to meet with a cross- functional management team that can relay the need and services outside of the facility. We need hired people who are bilingual that can work the call center, deliver food, offer in home therapy, and provide transportation.
Our audience will be the new management team. Each member of the coordination of care team of management will cover or be responsible for one of those areas. Our standpoint will be that we are the board of directors that would be talking with them.
Giving the above screnario my part of assignment is to come up with strategies of the transition and what methods may be needed?
.
2 DQ’s need to be answers with Zero plagiarism and 250 word count fo.docxjeanettehully
2 DQ’s need to be answers with Zero plagiarism and 250 word count for each question. Due in 6 hours TODAY! Please include all references if necessary.
Week One DQ1
Week One DQ3
To clarify... these ratios are part of the DuPont model, and the DuPont model considers liquidity as one of the factors to be evaluated, but at the end of the day, the DuPont model is all about return on equity... basically getting your money's worth. Given that, what are the elements of liquidity and how do they lead us into the discussion on equity? Why is this important to understand?
.
270w3Respond to the followingStress can be the root cause of ps.docxjeanettehully
270w3
Respond to the following:
Stress can be the root cause of psychological disorders. Name four symptoms shared by acute and posttraumatic stress disorders.
What life events are most likely to trigger a stress disorder?
Traumatic events do not always result in a diagnosable
PSYCHOLOGICAL
disorder. What factors determine how a person may be affected by one such event?
What is the link between
PERSONALITY
styles and heart disease?
List and briefly describe four psychological treatments for physical disorders.
.
250 word response. Chicago Style citingAccording to Kluver, what.docxjeanettehully
250 word response. Chicago Style citing
According to Kluver, what are the ramifications of technology and globalization on global communication?
Compare Kluver’s arguments with endangered languages, and with the readings about the Digital Divide. How do they compare? From these readings, what are the general trends of communication?
Readings
Jandt, Fred E. (editor) Intercultural Communication: A Global Reader. Thousand Oaks, CA: Sage. 2004
“Globalization, Informatization, and Intercultural Communication,” Kluver, Jandt pages 425-437
“Part II: Language,” Introduction, Jandt pages 99-102
“Babel Revisited,” Mühlhäusler, Jandt pages 103-107
“Africa: The Power of Speech,” Bâ, Jandt pages 108-111
http://en.wikipedia.org/wiki/Digital_divide
http://www.endangeredlanguages.com/
.
250+ Words – Strategic Intelligence CollectionChoose one of th.docxjeanettehully
250+ Words – Strategic Intelligence Collection
Choose one of the following topics and respond per the Forum guidance:
1) What is the role of the Collection Management function? Does the CIA model work, given that analysts are separated from the National Clandestine Service
--or--
2) Why are some collection methods considered principally strategic, supporting the strategic analysis process? How would you define "strategic intelligence collection?"
.
More Related Content
Similar to Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
Replies Required for below :
Posting 1 : user security awareness is the most important element of an organization as we know a single email can result in a multi-million dollar loss through a breach in very short time. that is the primary reason many large organizations have a specific division who deal with the security whose prime task is it identify and prevent security breaches and most interestingly companies like Facebook have one million dollar price reward for ethically breaching their security which helps them identify more ways and prevent them before they occur. speaking of which user security deals with various levels of users as mentioned below.
1. New employees
2. Company executives
3. Traveling Employees
4. IT Employees
5. For all employees
Security awareness should be covered focusing the four above mentioned categories using real-world examples like classroom training, and circulating latest updates in security patches and also articles or suggestions as well as visual examples about security awareness. Training employees by pasting most important security preventions every employee must consider in order to prevent security breach and pasting lastest updates about security measurements in common areas across office space and conduct brainstorm sessions with individual senior staff members to understand their needs and how to apply security awareness across teams.
and second thing is to secure customers who are the core revenue generating people to an organization and its organization's duty to secure customers. The customer is the benefit of any organization. At the present time, where online security turns into an essential, the association must view client's profitable data that movements between the server and the site. By building security culture, the association can spur clients, contractual workers, representatives. A fulfilled client dependably functions as a mouth exposure and will fill in as an advantage of the organization. The association can guarantee their clients that the amount they think about their web assurance. The association ought to likewise distribute a note of wellbeing safety measure on the site for clients while collaborating with the web world.
Posting 2:
Security is a key human thought that has ended up being harder to portray and approve in the Information Age. In rough social requests, security was compelled to ensuring the prosperity of the get-together's people and guaranteeing physical resources. As society has grown more mind-boggling, the centrality of sharing and securing the fundamental resource of data has extended. Before the extension of present-day trades, data security was confined to controlling physical access to oral or created correspondences. The essentials of data security drove social requests to make innovative techniques for guaranteeing their data.
Changes in security systems can be direct. Society needs to execute any new security innovation as a get-together, whic ...
Discussion 1 Importance of Technology Security EducationToday t.docxcuddietheresa
Discussion 1: Importance of Technology Security Education
Today the world is being changed by the tremendous technological and innovative changes that are being made a day in day out. Organizations, societies, humanity, and governments have all embraced these new technologies to incorporate efficient, effective and transparent ways of doing things (Bajgoric, 2015). In the same vein, people have to learn how to use these new technologies with great care since it comes along with its demerits.
The following are the importance of why people ought to be educated and trained in adopting better technological security measures and frameworks in organizations (Judges and Lee, 2018). First intense training and education about cybersecurity will ensure that risks and loopholes associated with end-users in the systems are significantly reduced or minimized. The training will significantly help people to adopt the safest methods to use the technology around the organization without exposing it to any danger.
Secondly, the training and education about technological security usually help people in the organization to be IT experts hence can help the organization in coming up with better systems. The practice also allows individuals in the organization to modify systems and come up with better ways of doing things in the organization.
Organizations need to invest heavily in these training and education on how to implement better ways of handling technology in the organization. This will help the organization in handling cases of hacking, cyber-crimes, data, among other things. When the employees are appropriately trained, then the organization can be confident that its systems are safe from any external attacks.
It is of paramount importance for organizations to have a proper way of handling their technologies and essential software to avoid hacking cases (Judges and Lee, 2018). An organization should provide a robust framework and security measures to be used to prevent small mistakes being made that can cost the organization. These little mistakes include employees sharing information concerning the organization’s IT infrastructure, sharing their passwords with other people or even leaving their computers without logging out. These mistakes expose the organization to hackers and other cybercriminals that can hack into the organization.
Today almost all organizations are digitalized and use these modern ways of doing activities and transactions (Bajgoric, 2015). It is, therefore, imperative for an organization to invest in training their employees about the importance of ITB security. Thorough training and regular training can help improve the level of understanding among the employees too. The organization ought to have proper methods of ensuring that this happens since if the employees do not comply, then it means that the organization will have a weakness.
If the employees are not willing to comply with the rules firing them is not a solution. Instead, ...
Posting 1 Reply required for belowBusiness costs or risks of p.docxharrisonhoward80223
Posting 1 : Reply required for below
Business costs or risks of poof data quality:
Poor data quality may lead chiefs to not have the capacity to settle on poor choices or not have the capacity to settle on choices by any stretch of the imagination. Poor data may prompt lost deals and different opportunities, misallocation of assets, defective methodologies, and orders might not be right, inventory levels perhaps incorrect, and clients may wind up noticeably disappointed and headed out. The cost of poor quality data spreads all through the organization influencing frameworks from transportation and accepting to bookkeeping and client administrations. Extra costs are acquired when representatives must set aside opportunity to chase down and correct data errors.
The improvement of information innovation amid the most recent decades has empowered organizations to gather and store enormous measures of data. Nonetheless, as the data volumes increment, so does the multifaceted nature of overseeing them. Since bigger and more unpredictable information assets are being gathered and overseen in organizations today, this implies the danger of poor data quality builds (Watts and Shankaranarayanan, 2009). Another often specified data related issue is that organizations often oversee data at a nearby level (e.g. division or area).
Data mining:
Data mining, likewise called learning disclosure in databases, in software engineering, the way toward finding intriguing and valuable examples and connections in extensive volumes of data. The field consolidates apparatuses from insights and counterfeit consciousness, (for example, neural networks and machine learning) with database administration to examine substantial computerized accumulations, known as data sets. Data mining is broadly utilized as a part of business (protection, saving money, retail), science inquire about (space science, prescription), and government security (location of hoodlums and terrorists).
Text mining:
Text Analytics, otherwise called text mining, is the way toward examining extensive accumulations of composed assets to create new information, and to transform the unstructured text into organized data for use in assist examination. Text mining distinguishes actualities, connections and statements that would somehow stay covered in the mass of textual huge data. These realities are removed and transformed into organized data, for investigation, perception (e.g. by means of html tables, mind maps, graphs), mix with organized data in databases or distribution centers, and further refinement utilizing machine learning (ML) frameworks.
Posting 2 : Reply required for below
What Are The Business Costs Or Risks Of Poor Data Quality?
Financial effect – Poor data quality impacts organizations negatively regarding finances by raising the cost of operations which in turn reduces the revenue as well as the profit realized by the company over a given period. Also, poor data quality results in inapp.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
DOES DIGITAL NATIVE STATUS IMPACT END-USER ANTIVIRUS USAGE?IJCNCJournal
Due to the increasingly online nature of business (e-commerce), it is essential to understand how end-users can be protected from malicious online activities such as malware. Several factors have been examined in the research on this topic. Digital native status was identified as a factor that has not been investigated thoroughly. This study examined how the security decision-making process is impacted by digital native status by looking at Protection Motivation Theory. Digital Native Status was investigated as a mediating factor in the PMT model. Intent to use antivirus was utilized as the protective measure. The findings indicate that digital native status does not mediate Fear. However, other factors, such as Fear, selfefficacy, and response efficacy, play a part in the intent to use antivirus. Conversely, the other constructs in the model, response-costs and maladaptive rewards, did not have a relationship with antivirus usage. Practically speaking, employers and eCommerce businesses could use these findings to identify factors that play into their end-user behaviors. These findings can be utilized to help guide training programs and professionals researching end-user behavior. These findings also suggest that future research should focus on factors other than age.
An Improved Method for Preventing Data Leakage in an OrganizationIJERA Editor
Data is one of the most important assets an organisation has since it denes each organisations unique- ness.It
includes data on members and prospects, their inter- ests and purchases, your events, speakers, your content,
social media, press, your staff, budget, strategic plan, and much more. As organizations open their doors to
employees, part- ners, customers and suppliers to provide deeper access to sensitive information, the risk
sassociated with business increase. Now, more than ever, within creasing threats of cyber terrorism, cor- porate
governance issues, fraud, and identity theft, the need for securing corporate information has become paramount.
Informa- tion theft is not just about external hackers and unauthorized external users stealing your data, it is also
about managing internal employees and even contractors who may be working within your organization for
short periods of time. Adding to the challenge of securing information is the increasing push for corporate
governance and adherence to legislative or regulatory requirements. Failure to comply and provide privacy,
audit and internal controls could result in penalties ranging from large nes to jail terms. Non-compliance can
result in not only potential implications for executives, but also possible threats to the viability of a corporation.
Insiders too represent a sign cant risk to data security. The task of detecting malicious insiders is very
challenging as the methods of deception become more and more sophisticated. There are various solutions
present to avoid data leakage. Data leakage detection, prevention (DLPM) and monitoring solutions became an
inherent component of the organizations security suite.DLP solutions monitors sensitive data when at rest, in
motion, or in use and enforce the organizational data protection policy.These solutions focus mainly on the data
and its sensitivity level, and on preventing it from reaching an unauthorized person. They ignore the fact that an
insider is gradually exposed to more and more sensitive data,to which she is authorized to access. Such data
may cause great damage to the organization when leaked or misused. Data can be leaked via emails, instant
messaging, le transfer etc. This research is focusing on email data leakage monitoring, detection and
prevention. It is proposed to be carried out in two phases: leakage detection through mining and prevention
through encryption of email content.
Over the past several years, companies are pairing diversity efforts with inclusion initiatives and roles
surrounding innovations that promote diversity of thought [13]. However, much return on investment (ROI) focus
has been on business and corporate functioning in general, but not on specifics related to information governance
(IG). We address this research gap byconsidering various return on investment (ROI) metrics and what might
ground the benefits of diversity and inclusion initiatives related to IG policy. Then, wesuggest what the results
mean in terms of changing and influencing current industry practices.:
A SYSTEMATIC REVIEW ON MACHINE LEARNING INSIDER THREAT DETECTION MODELS, DATA...IJNSA Journal
Computers are crucial instruments providing a competitive edge to organizations that have adopted them. Their pervasive presence has presented a novel challenge to information security, specifically threats emanating from privileged employees. Various solutions have been tried to address the vice, but no exhaustive solution has been found. Due to their elusive nature, proactive strategies have been proposed of which detection using Machine Learning models has been favoured. The choice of algorithm, datasets and metrics are cornerstones of model performance and hence, need to be addressed. Although multiple studies on ML for insider threat detection have been done, none has provided a comprehensive analysis of algorithms, datasets and metrics for development of Insider Threat Detection models. This study conducts a comprehensive systematic literature review using reputable databases to answer the research questions posed. Search strings, inclusion and exclusion criteria were set for eligibility of articles published in the last decade.
Running head THE COST OF INADEQUATE CONTROLS .docxtodd521
Running head: THE COST OF INADEQUATE CONTROLS 1
THE COST OF INADEQUATE CONTROLS 7
Assignment 2
The Cost Of Inadequate Controls
i) The annual loss of revenue
Investing in data security is an important function of LOTR Experience. There is a need to ensure that the company has adequate controls in terms of IT personnel as well as IT equipment. This will save the company from incurring losses in multiple areas that are a concern of the business. If data is stolen irrespective of the exposure the whole company will lose money as well as the whole business (Meyer, 2017). In a recent study by CISCO, a highly reputable company that has invested in information and data security reveal that thousands of companies are losing billions of their revenue as indicated below.
Image sourced from: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
It was also established that the majority of the companies that lost revenue was due to cutting off their budget expenditure on data security as it has been indicated below:
Image sourced form: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
Looking at the above table, it is the same scenario that is likely to happen in the company if budget cuts are implemented. The worst part is how the company will be affected in case of a data breach. The same study revealed how much the majority of the victim companies were affected negatively as indicated below.
Image sourced from: https://www.securitymagazine.com/articles/87778-measuring-the-impact-of-cyberattacks-lost-revenue-reputation-customers
It is hence risky to not implement the recommendations that I had earlier on started. I have reviewed the LOTR Network Design artifacts and the critical areas of concern that are related to access control are as follows:
a) Secure configuration
There are no corporate policies that can update as well as patch the systems. There is a need to establish and also maintain policies that explain the priorities as well as the timescales for which updates can be applied and also patches. Here, there us need to make and take care of hardware as well as software inventories whereby a there is the need for automatic tools that can be used to create as well as maintains the inventories of all the devices and the applications that the company uses (Antón & United States, 2003). There is a need to lock down the operating systems as well as software, here there is the need to have a baseline security build which brings together workstations, the servers, the firewalls, and the routers. Also, I found out that there are no regular vulnerability scans. Here the company needs to acquire vulnerability scanning tools which can run automatically on a weekly basis to remedy .
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Soumodeep Nanee Kundu
The explosion of data and the increasing capabilities of data analysis have transformed various aspects of our lives. From healthcare and finance to marketing and law enforcement, data analysis has become an essential tool for decision-making and problem-solving. However, with great power comes great responsibility. Ethical considerations in data analysis are more critical than ever as data professionals grapple with questions related to privacy, fairness, transparency, and accountability. In this article, we will delve into the ethical challenges that data analysts and organizations face and explore strategies to address them.
The dynamic nature of Information security scenario these days due to the popularity of online
businesses has posed a daunting challenge to the organizations security paradigm. Organizations are
looking for new policies to be implemented to provide the best possible security mechanism. However,
they tend to ignore the human side of the security compliance measures. Every piece of information that
has been secured using various technologically advanced policies has to be accessed ultimately by the
employees of the organization. Their attitude and commitment to safeguard the interests of the
organization plays a significant role in all measures being taken for information security. Humans and
technology has to play an integrative part in order to guarantee the safety of information assets. This paper
reviews the existing literature of information security management in a comprehensive manner focusing
on the role of top management and employers for effective security measures.
250-500 words APA format cite references Check this scenario out.docxjeanettehully
250-500 words APA format cite references
Check this scenario out. Long term care can consists of servicing patients need at a patient's home, providing meals, transportation and in home therapy. Some long term care is within the home and some can be rehab. Lets say there is a growing need to extend those services to our growing need in elderly population. Part of that need is a demand for servicing the increasing population of the Hispanic community. We as a team need to meet with a cross- functional management team that can relay the need and services outside of the facility. We need hired people who are bilingual that can work the call center, deliver food, offer in home therapy, and provide transportation.
Our audience will be the new management team. Each member of the coordination of care team of management will cover or be responsible for one of those areas. Our standpoint will be that we are the board of directors that would be talking with them.
Giving the above screnario my part of assignment is to come up with strategies of the transition and what methods may be needed?
.
2 DQ’s need to be answers with Zero plagiarism and 250 word count fo.docxjeanettehully
2 DQ’s need to be answers with Zero plagiarism and 250 word count for each question. Due in 6 hours TODAY! Please include all references if necessary.
Week One DQ1
Week One DQ3
To clarify... these ratios are part of the DuPont model, and the DuPont model considers liquidity as one of the factors to be evaluated, but at the end of the day, the DuPont model is all about return on equity... basically getting your money's worth. Given that, what are the elements of liquidity and how do they lead us into the discussion on equity? Why is this important to understand?
.
270w3Respond to the followingStress can be the root cause of ps.docxjeanettehully
270w3
Respond to the following:
Stress can be the root cause of psychological disorders. Name four symptoms shared by acute and posttraumatic stress disorders.
What life events are most likely to trigger a stress disorder?
Traumatic events do not always result in a diagnosable
PSYCHOLOGICAL
disorder. What factors determine how a person may be affected by one such event?
What is the link between
PERSONALITY
styles and heart disease?
List and briefly describe four psychological treatments for physical disorders.
.
250 word response. Chicago Style citingAccording to Kluver, what.docxjeanettehully
250 word response. Chicago Style citing
According to Kluver, what are the ramifications of technology and globalization on global communication?
Compare Kluver’s arguments with endangered languages, and with the readings about the Digital Divide. How do they compare? From these readings, what are the general trends of communication?
Readings
Jandt, Fred E. (editor) Intercultural Communication: A Global Reader. Thousand Oaks, CA: Sage. 2004
“Globalization, Informatization, and Intercultural Communication,” Kluver, Jandt pages 425-437
“Part II: Language,” Introduction, Jandt pages 99-102
“Babel Revisited,” Mühlhäusler, Jandt pages 103-107
“Africa: The Power of Speech,” Bâ, Jandt pages 108-111
http://en.wikipedia.org/wiki/Digital_divide
http://www.endangeredlanguages.com/
.
250+ Words – Strategic Intelligence CollectionChoose one of th.docxjeanettehully
250+ Words – Strategic Intelligence Collection
Choose one of the following topics and respond per the Forum guidance:
1) What is the role of the Collection Management function? Does the CIA model work, given that analysts are separated from the National Clandestine Service
--or--
2) Why are some collection methods considered principally strategic, supporting the strategic analysis process? How would you define "strategic intelligence collection?"
.
2–3 pages; APA formatDetailsThere are several steps to take w.docxjeanettehully
2–3 pages; APA format
Details:
There are several steps to take when submitting a claim form to the insurance company for reimbursement. The result of a
clean claim
is proper reimbursement for the services the facility has provided.
In this assignment, you will be addressing the claims submission process and the follow-up.
Include the following in your submission:
List all of the information that is important before the claim can be submitted.
Discuss some of the reasons why a claim may be rejected.
What steps should be taken to check the claim status?
.
250 Word Resoponse. Chicago Style Citing.According to Kluver, .docxjeanettehully
250 Word Resoponse. Chicago Style Citing.
According to Kluver, what are the ramifications of technology and globalization on global communication?
Compare Kluver’s arguments with our readings last week on endangered languages, and with our readings about the Digital Divide.
How do they compare?
From these readings, what are the general trends of communication?
Readings:
http://en.wikipedia.org/wiki/Digital_divide
“Globalization, Informatization, and Intercultural Communication,” Kluver, Jandt pages 425-437
Jandt, Fred E. (editor) Intercultural Communication: A Global Reader. Thousand Oaks, CA: Sage. 2004
Last weeks reading:
“Part II: Language,” Introduction, Jandt pages 99-102
“Babel Revisited,” Mühlhäusler, Jandt pages 103-107
“Africa: The Power of Speech,” Bâ, Jandt pages 108-111
“Research and Context for a Theory of Maori Schooling,” Penetito, Jandt pages 173-188
Explore www.endangeredlanguages.com and watch the video at
http://youtu.be/Bn2QbwcjmOI
.
250 word mini essay question.Textbook is Getlein, Mark. Living wi.docxjeanettehully
250 word mini essay question.
Textbook is: Getlein, Mark. Living with Art, 9th Ed., New York: McGraw-Hill, 2010.
Please Cite in MLA format.
1. Distinguish between the Paleolithic and Neolithic Periods in terms of time and cultural developments.
2. Compare and contrast specific examples of artifacts, practices, and systems of belief.
3.Discuss why art survives or does not. Include the four reasons Getlein cites for how art survives, giving an example of art work from both the Paleolithic and Neolithic Periods that meet one of these requirements.
4. What types of art work or materials would not likely survive?
5. How might this affect our opinion of a culture?
.
250 word discussion post--today please. Make sure you put in the dq .docxjeanettehully
250 word discussion post--today please. Make sure you put in the dq that the research paper focused around recent Civil Rights in the Mississppi Area
How do you define Mississippi?
In your post, identify your thesis and the sources you used to prove your argument. Discuss how you came to define Mississippi and what conclusions you made about the state. Make sure to point out the general areas of History that you discuss and what events, people, or ideas were especially important to your interpretation of Mississippi History. What readings, from Bond, Busbee, or another source you found, profoundly influenced your view of the state? Overall, has your view of Mississippi changed or mostly stayed the same? What can we learn about Mississippi today from your paper? Is Mississippi as a "closed society" (Silver, 1964) an accurate way to look at the state? Has this been true at some point in the past, but is no longer true? What time period is most crucial to understanding Mississippi and best defines it?
Some examples of different periods in Mississippi History are:
pre-European Mississippi
colonial Mississippi
territorial Mississippi
antebellum Mississippi
Civil War/Reconstruction Mississippi
Jim Crow Mississippi
Mississippi during the Civil Rights Movement
Post Civil Rights Mississippi
.
2By 2015, projections indicate that the largest category of househ.docxjeanettehully
2
By 2015, projections indicate that the largest category of households will be composed of
·
[removed]
childless married couples and empty nesters
·
[removed]
married couples with children
·
[removed]
single-parent families
·
[removed]
singles living with nonrelatives
3
Which of the following elements of sociocultural environment can be associated with the growing demand for social surrogates like social networking sites, television, and so on?
·
[removed]
Views of nature
·
[removed]
Views of others
·
[removed]
Views of ourselves
·
[removed]
Views of organizations
Wabash Bank would like to understand if there is a relationship between the advertising or promotion it does and the number of new customers the bank gets each quarter. What type of research is this an example of?
·
[removed]
Secondary
·
[removed]
Exploratory
·
[removed]
Causal
·
[removed]
Qualitative
5
Which strategy does this exemplify? Kayak and Orbitz provide their customers with a variety of travel options including flight reservations, vacation packages, flight and hotel options with or without car rentals, and cruise offerings.
·
[removed]
Diversification
·
[removed]
Promotional
·
[removed]
Differentiation
·
[removed]
Focus
A company's sales potential would be equal to market potential when which situations exists?
·
[removed]
The marketing expenditure of the company is reduced to zero.
·
[removed]
The company gets 100 percent share of the market.
·
[removed]
Industry marketing expenditures approach infinity for a given marketing environment.
·
[removed]
The market is nonexpandable.
Marketing is considered both an art and a science. How do the 4Ps, or marketing mix, help us bridge the gap between art and science?
·
[removed]
Marketing focuses on sales as the primary goal.
·
[removed]
Marketing is involved with price as the major factor.
·
[removed]
Marketing is about advertising.
·
[removed]
Marketing balances the need for data with that of creativity.
In the U.S., consumer expenditures on homes and other large purchases tend to slow down during a recession because
·
[removed]
of steady supply of loanable funds in the economy during recession
·
[removed]
consumer borrowing increases during recession
·
[removed]
of stringent credit policies adopted by the Fed before the onset of recession
·
[removed]
the consumers have a high debt-to-income ratio
Which of the following statements demonstrates behavioral loyalty towards a brand?
·
[removed]
Myfavorite Laundry detergent is so easy to use.
·
[removed]
I always buy Myfavorite Laundry detergent when purchasing laundry detergent.
·
[removed]
My friends agree Myfavorite Laundry detergent is the best.
·
[removed]
Myfavorite Laundry detergent smells good.
When Apple introduced iTunes, a new market was opened. Which of the following describes this type of innovation?
·
[removed]
Operational excellence
·
[removed]
Value capture
·
[removed]
Presence
·
[removed]
Value chain
11
Which of.
29Answer[removed] That is the house whe.docxjeanettehully
29
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
The doctor examined a man whose hands were colder than the rest of
his body.
30
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
Mrs. Carnack has a cousin whom she would like us to meet.
31
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
Who was the person who won the track meet?
32
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
The restaurant where there was music was almost deserted.
33
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
Find a boy whose eyes are green.
34
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose. Type the first word
followed by a space and the last word of the adjective clause in the
following sentence:
The tale that was told that night was never forgotten.
35
Answer:
[removed]
That is the house "where I grew up."
The words in quotes make up an adjective clause. An adjective clause does
what an adjective does: it modifies the noun "house." Adjective clauses
begin with that, which, where, who, whom, or whose..
250 words discussion not an assignementThe purpose of this discuss.docxjeanettehully
250 words discussion not an assignement
The purpose of this discussion is to gain a more complete awareness of the extent of socio-environmental influences impacting the development of adolescents. Triandis (as cited in Coon and Kemmelmeier, 2001) states, "Individualism and collectivism are broadly defined cultural syndromes that encompass a number of elements, including values, norms, goals, and behaviors" (Coon and Kemmelmeier, 2001, p. 348).
Consider the audio piece in this unit's studies (also linked in the Resources) that compares two teens' viewpoints of life within their cultural domains. This piece highlights the impact of family, community, and cultural beliefs and values on an individual's development. For your initial post in this discussion, explore these influences by addressing the following questions:
How does exposure to media influence the manner in which adolescents develop?
How does exposure to peers influence development in both systems?
Using the reading from the textbook on risky behaviors, how might adolescents' influences and understanding of risk be different, based on their culture and expectations of self?
The optional reading in this unit's studies may provide additional information to support your post, if you choose to use it.
Response Guidelines
Respond to one learner by supporting his or her analysis of the two teens with additional information you have acquired outside of the textbook. Cite and reference your source with proper APA formatting. Be sure to address concepts in the post and find any similarities in your thinking as well.
Reference
Coon, H. M., Kemmelmeier, M. (2001). Cultural orientations in the United States: (Re)Examining differences among ethnic groups.
Journal of Cross-Cultural Psychology, 32
(3), 348–364. Thousand Oaks, CA: Sage.
.
25. For each of the transactions listed below, indicate whether it.docxjeanettehully
25. For each of the transactions listed below, indicate whether it is an operating (O), investing (I) or financing (F) activity on the statement of cash flows. Also, indicate if the transaction increases (+) or decreases (-) cash. 12 points
Transaction Type of Activity Effect on Cash
A) Paid dividends to the owners
B) Purchased equipment by paying cash
C) Issued stock for cash
D) Paid wages to employees
E) Repaid the bank loan
F) Collected cash on account from customers
.
250-word minimum. Must use textbook Jandt, Fred E. (editor) Intercu.docxjeanettehully
250-word minimum. Must use textbook: Jandt, Fred E. (editor) Intercultural Communication: A Global Reader. Thousand Oaks, CA: Sage. 2004 and articles provided. MLA citation.
Levi-Strauss and Hofstede portray culture as a dichotomy. What are the implications of such a dichotomy? How do these variants affect you when you attempt to communicate with other cultures? Likewise, how do these variants affect your audience when you attempt to communicate with them?
.
250-500 words APA format cite references Check this scenario o.docxjeanettehully
250-500 words APA format cite references
Check this scenario out. Long term care can consists of servicing patients need at a patient's home, providing meals, transportation and in home therapy. Some long term care is within the home and some can be rehab. Lets say there is a growing need to extend those services to our growing need in elderly population. Part of that need is a demand for servicing the increasing population of the Hispanic community. We as a team need to meet with a cross- functional management team that can relay the need and services outside of the facility. We need hired people who are bilingual that can work the call center, deliver food, offer in home therapy, and provide transportation.
Our audience will be the new management team. Each member of the coordination of care team of management will cover or be responsible for one of those areas. Our standpoint will be that we are the board of directors that would be talking with them.
Giving the above screnario my part of assignment is to come up with strategies of the transition and what methods may be needed?
.
250+ Words – Insider Threat Analysis Penetration AnalysisCho.docxjeanettehully
250+ Words – Insider Threat Analysis / Penetration Analysis
Choose one of the following. The first is insider threat analysis and the other is the threat presented by hostile intelligence operations. Be challenging and show what you know.
Topic 1
Insider threats come from individuals who operate inside friendly intelligence and national security organizations who purposefully set out to cause disruption, destruction, and commit crimes to those ends. Please read
Insider Threat IPT
and
Solving Insider Threat
in the Course Materials Folder. Using the web or the online library choose a high profile case of insider threat (cyber, intelligence, military) and draft a 350 word summary of the case highlighting successes or failures of
analysis
in bringing resolution to the case. What analysis methods can you discern? What do think could have been done differently to improve the analysis?
--or--
Topic 2
Complete reading
Foreign Espionage Threat
and
Observations on the Double Agent
and
Social Courtesy
. In the penetration of a hostile intelligence service analysis is central to identifying, pursuing, and preparing the recruitment of an agent. In 350 words please research the Oleg Penkovsky, Aldritch Ames, or Jonathan Pollard cases. Provide a summary of the role of analysis in the recruitment and running of these agents from the perspective of their handlers (the US/British, Soviet Union, and Israel, respectively). You'll need to conduct additional research on the web or in the online library to help you develop a factual understanding of the case you choose.
.
250 wordsUsing the same company (Bank of America) that you have .docxjeanettehully
250 words
Using the same company (Bank of America) that you have using in previous weeks, please review its cashflow sheet The statement of cash flows is divided into three parts: (1) operational cash flows, (2) financing cash flows, and (3) investment cash flows. Discuss the primary components of each of these sections of the cash flow statement:
Operational cash flows:
Use the direct method, which focuses on the sources of cash and the uses of operating cash such as cash from customers minus cash payment for expenses and payments to creditors.
Financing cash flows:
This should include cash received as the owner’s investment and cash withdrawals by owners.
Investing cash flows:
These include cash from investing activities (in other companies or securities) and any cash paid to make these investments.
.
250 mini essay questiontextbook Getlein, Mark. Living with Art, 9.docxjeanettehully
250 mini essay question
textbook: Getlein, Mark. Living with Art, 9th Ed., New York: McGraw-Hill, 2010 Please include citations in MLA format.
First, describe the shift in the Roman Empire that created Byzantium in the East and what would eventually become Europe in the West and explain the impact of this political, religious, and social split on the art produced in these regions in this era. Provide specific examples of particular works of art or architecture to illustrate your points.
Second, trace the subsequent development of art in the East and the West from the Early through the High and Late Middle Ages by citing specific works of art or architecture and describing characteristic features these works exemplify. Be sure to include the each of the following terms in your discussion:
-animal style
-Carolingian
-Romanesque
-Gothic
.
22.¿Saber o conocer… With a partner, tell what thes.docxjeanettehully
22.
¿
Saber
o
conocer
…?
With a partner, tell what these people know, using
saber
or
conocer
.
Natalia [removed] al suegro de Mirta. Ella [removed] dónde vive él, pero no [removed] su número de teléfono.
David [removed] muchas ciudades de España, pero no [removed] hablar español.
Estela [removed] muchos poemas de ese poeta, pero no [removed] ninguno de memoria.
Roberto [removed] a la familia que da la fiesta de Año Nuevo, pero no [removed] dónde es la fiesta.
Yo [removed] que Lorca es un poeta español.
.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docx
1. Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage
Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of
cyber-attacks, which are growing by the day. The companies
usually implement measures that primarily focus on the
deployment of technologies for suppressing the attacks. They do
not consider user policies as essential elements that help curb
the vulnerabilities. The policies put in place have a low level of
enforceability, which lowers the impact of the plans. The
research project will determine the relationship between policy
enforceability and the vulnerabilities posed to a system by the
internal and external users.
INTRODUCTION
Business companies in the financial sector have the
responsibility of ensuring the data that belong to the customers
are fully protected. Cyber-crimes are on the rise, and the
approaches employed today are not entirely practical.
Technological tools and measures are not efficient. They should
be complemented by the behavioral standards that suppress the
vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker,
2015). Enforceable policies will ensure there is an integration
of behavioral and technological measures for promoting data
2. security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the
collection of customer and storage as well as access to the data
by the internal and external users. These policies are relevant as
they promote best practices at both levels. The companies have
a belief that these are the areas that need closer monitoring and
evaluation. However, the policies put in place are not always
enforceable. A lack of enforceability creates a situation where
the desired outcomes are not realized (Yeganeh, 2019). It
explains why data breaches are still experienced even after such
policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the
policies and the vulnerabilities that business organizations are
exposed to, a case study method will be used. It is an essential
tool that helps determine a causal relationship (White &
McBurney, 2012). Also, it will provide insights that will inform
the recommendations that need to be considered by the multiple
business organizations in the financial sector. Credible data that
are free of confounding variables must be collected, analyzed,
and inferences drawn. Two data collection procedures will be
utilized as follows.
i. Semi-structured interviews will be conducted to collect
diverse data on the design and implementation of user and
online policies. The interviewees will offer data that expound
on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the
behaviors of the users, both internally and externally. The
observations will collect insightful data that provide details on
the user behaviors and enforceability of the policies.
CONCLUSION
The business organizations in the finance industry do not
exploit user policies that should promote their data security.
3. They do not consider the policies as crucial elements, which
exposes them to cyber threats that mainly exploit user behaviors
such as social engineering attacks. A case study approach will
be adopted as it allows a researcher to gain an in-depth
understanding of a particular problem. The trend will be
thoroughly examined by the data that will be collected,
analyzed, and a determination made. The insights from the data
will inform the recommendations made, which the various
business organizations, especially those in the financial sector,
should consider.
References
Vincent, N. E., Higgs, J. L., & Pinsker, R. (2015). IT
Governance and the Maturity of IT Risk Management Practices.
Journal of Information Systems 31(1), 113-137.
White, T. L., & McBurney, D. H. (2012). Research Methods
(9th ed.). New York, NY: Cengage Learning.
Yeganeh, K. (2019). Major Business and Technology Trends
Shaping the Contemporary World (1st ed.). New York, NY:
Business Expert Press.
Certification of Authorship
Submitted to (Professor’s Name): Dr. Mary Cecil
Course: __ITS 833________________
Student’s Name: __Sunil Kumar Parisa____
Date of Submission_03/29/2020_____________________
Purpose and Title of Submission: __Research
Outline___________________
Certification of Authorship: I hereby certify that I am the author
4. of this document and that any assistance I received in its
preparation is fully acknowledged and disclosed in the
document. I have also cited all sources from which I obtained
data, ideas, or words that are copied directly or paraphrased in
the document. Sources are properly credited according to
accepted standards for professional publications. I also certify
that this paper was prepared by (me) for this purpose.
Students’ Signature:
___________Date____03/29/2020________
Grammarly Screenshot
Running head: A RESEARCH DRAFT
1
A RESEARCH DRAFT
11
Online Policies for Enabling Financial Companies to Manage
Privacy Issues
Name: Sunil Kumar Parisa
Date: 03/29/2020
University of Cumberland’s
Abstract
Data privacy issues are a top concern for all business
organizations that rely on digital technologies to meet the daily
functions, such as banks and health care institutions. These
corporations handle sensitive data that must be protected from
unauthorized access by third parties. Such an outcome could
lead to loss of data, which might be used to commit cyber-
crimes. The customers provide the organizations with their data
5. and expect them to fully uphold their privacy, indicating that
privacy should be guaranteed at all times, which also promotes
business continuity.
To achieve the goal, the companies put in place measures such
as investing in technologies and formulating policies for
promoting privacy. These measures apply to internal and
external parties. The aim is to encourage positive user behavior
that limits the vulnerabilities posed by the users. Most financial
companies do not prioritize the action as they consider
technologies as the primary measure that suppresses any
attempts to infiltrate a system or a network. However, studies
have shown that techniques are not enough. There should be
additional behavioral efforts that contain vulnerabilities in all
the IT domains. It notes the importance of positive behaviors
that are promoted by the formulation and implementation of
crucial user policies.
The user policies are as relevant as the technologies that are
integrated into the system. Users, especially the workers, are
vulnerable to social engineering attacks that lure them into
providing their details that are then used to access the system,
which makes the work easier for a hacker. The customers are
also vulnerable to such forms of attacks. When such is
successful, the attackers can bypass the security tools and
access the system without being detected. It is a clear indication
that user policies are essential. The majority of the users are not
aware of the dangers posed by their behaviors, such as
downloading files or clicking suspicious links on the internet.
Such practices can be suppressed through formulating user
policies that are communicated to the parties, both internal and
external.
The policies are supposed to promote positive user behavior.
However, there are concerns about whether the policies are
implemented as per the best standards. The procedures usually
focus on areas, such as the collection and storage of data and
6. access to data. The two are undertaken by both internal and
external parties, which pose a significant danger to the system.
The goal of the project is to determine the relationship between
the enforceability of the policies and the security and privacy of
the network system. A case study design will be used to provide
an in-depth investigation into the relationship. Interviews and
observations are the essential tools that will be used to collect
credible data while addressing all the confounding variables.
The analysis will unearth issues that hinder enforceability and
recommend policies that are easy to implement and enforce. The
objective is to find better strategies that can easily be
implemented and suppress negative behaviors that put the
system at risk of infiltration.
Introduction
It is public knowledge that business organizations, especially
those in the health care and financial sectors, face numerous
challenges when it comes to privacy issues. Companies in these
sectors face multiple attempts by the cybercriminals who target
stealing data stored in the systems. The corporations handle
confidential data that could be used for committing crimes, such
as impersonation and illegal transfer of money (Noor & Hassan,
2019). It is a significant concern whether financial institutions
have effective policies that ensure the data are adequately
secured from both internal and external threats.
Today, legislations are evolving, and companies in nearly all
sectors will be required to enforce data privacy laws that will
call for more to be done in terms of policies and investments.
States such as California have introduced data privacy laws that
transfer data ownership rights to the customers. It means that an
organization cannot use or transfer the data without exclusive
permission from the customer. It is one of the developments that
7. the companies have to deal with soon.
Financial companies, especially those that spread across the
country, have always focused on investing in technologies that
promote the privacy of the data and the systems. They are
deploying technologies, such as cloud computing, which
improve the confidentiality of the data. Also, they use Bcrypt
technologies to encrypt data via algorithms that will take
hackers decades to decrypt a single password. Though they
invest in such technologies that cost millions of dollars, there
are questions whether they invest in behavioral measures to
protect the data systems (Noor & Hassan, 2019). Such actions
require the use of online policies that will ensure that internal
and external users can adhere to best practices that make them
less vulnerable to attacks, especially the social engineering
attacks that target unsuspecting users.
For best practices, online policies are considered essential to
every financial company. The internal users that are workers,
and the external one, that is, customers should be provided with
strategies that will guide how they interact with the system. The
organization has to enforce the policies and make follow-ups to
evaluate the level of compliance. In so doing, the vulnerability
that may be introduced by the two parties is significantly
reduced. Notably, even the top managers and executives should
comply with the policies for them to set a good example and
also establish a culture of positive user behaviors.
Literature Review
Data privacy will shape how business conduct their daily
activities and processes (Yeganeh, 2019). It is increasingly
becoming apparent that companies, especially those that handle
sensitive data, will be regulated to avoid the potential data
leakages that may expose customers to unauthorized third
parties. Financial companies are on the frontline when it comes
8. to this trend as they handle too sensitive information that is a
top priority for hackers (Yeganeh, 2019). To address the
challenge, most of the institutions have put in place policies for
lowering vulnerability in all the seven IT domains.
Customer information collection, use, and storage policies are
the most dominating policies. These policies focus on the
utilization of the best practices when any customer data are
being collected, used, stored, and transmitted (Smallwood,
2014). The reason for this is that most companies have a belief
that if the right methods are used during the collection of data,
it is easy to handle subsequent processes and tasks. Smallwood
adds that the view is not informed by best practices as there are
organizations that have experienced breaches even after
adopting standard procedures during the collection and storage
of data.
Policies on how the customer information is provided to third
parties are shared among the financial companies. The
procedures usually outline how the data are transferred from
one party to the other. A significant issue with these policies is
that they do not assess how the third party handles the data. As
such, there is a chance that data may be exposed. Under such
conditions, the company may not be held liable (Vincent, Higgs
& Pinsker, 2015). However, the organizations do not necessarily
protect the interests of the customers as their data should never
be exposed to any third parties.
Additionally, financial companies have implemented policies on
how customers access their data remotely. Such policies outline
the standards that customers must follow, such as the multi-
factor authentication, which aims at ensuring that no
unauthorized users access the data (Suchitra &Vandana, 2016).
The policies are communicated to the customers when they
provide their data. It is a practical approach that mainly ensures
that customers must follow specific guidelines that promote the
9. overall security of the data. However, Timothy Toohey (2014)
questions whether the policies apply to the side of the users who
are very likely to exhibit behaviors that expose data to threats.
For instance, customers may use devices that have weak
antimalware tools. Such devices create an avenue that a hacker
can use and access the system.
The use of the devices introduce a critical problem, that is, the
Internet of Things (IoT) and the security of the networks. IoT
refers to the billions of devices that can exchange data without
any human intervention. The devices are now used for various
purposes, such as accessing networks as well as sending and
receiving data (Suchitra & Vandana, 2016). Such devices are
also interconnected with a device that is used for accessing a
bank network. It indicates the extent of the entire issue where
the interconnection of devices poses a greater danger to the
existing systems. The financial organizations need to have clear
measures and policies that will ensure the users, especially the
customers, do not pose any threats to a network (Snedaker,
2014). While it appears a practical measure, it is challenging to
implement it, explaining why a good number of organizations
have experienced cyber-attacks despite putting in place strict
user policies.
Adam Shostack (2014) emphasizes that policies are not
necessary if they cannot be fully implemented. It explains the
situation that is faced by financial companies as they can
enforce policies internally but unable to do when it comes to
external parties. As a result, they opt for technologies, such as
cloud computing, that provide better in-built security tools that
minimize the vulnerabilities posed by the external parties. There
should be a practical approach to implementing and enforcing
policies. However, such efforts require investment in
technologies that will achieve feats, such as flagging IP
addresses that are considered a threat to the network (Yeganeh,
2019). Some systems can detect vulnerabilities on the side of
10. the users, but need more development for the desired goals to be
realized.
From the above, it is clear that policies are as relevant as the
implementation process. Without proper implementation, it is
unlikely the desired security and privacy goals will be attained.
The project will assess the policies that the organization can put
in place that are considered easy to implement and enforce.
Such systems will review the position and reputation of a
financial company, and how that can be leveraged in a bid to
promote compliance of both internal and external parties. The
external parties should be accorded priority as they pose an
even greater danger.
Research Method
The study will employ a case study design, which allows for the
exploration and understanding of a complex set of issues. It is
mainly a useful approach when a researcher needs to gain an in-
depth knowledge of a problem (White & McBurney, 2012). The
goal of the researcher is to find out the effectiveness of the user
and online policies that financial organizations put in place. It
will investigate whether the enforceability of the policies has a
direct impact on the security of the networks. The approach is a
multiple-case design that will utilize a longitudinal examination
of the selected case studies, which are financial organizations
that have implemented online policies to safeguard data. The
analysis will tell whether the policies help lower the levels of
vulnerability. The researcher will access descriptive case
studies and scrutinize the data at both deep and surface levels.
To gather the required data, interviews, and observations will be
conducted. The interviews will involve IT experts and
professionals who have been in the industry in the last three to
five years. Structured interviews will be scheduled and will be
11. requested to provide data on the vulnerability of the systems
concerning the online policies that have been put in place. To
avoid and suppress the presenting confounding variables, the
researcher will structure the interview questions in a manner
that will only provide information on the networks. The
questions will avoid any personal information as it might
introduce bias. Also, the interviews will centralize the data and
privacy position of the system and ask questions that closely
relate to it.
On the other hand, the researcher will make observations on two
levels. Permission to examine the system will be requested so
that the physical infrastructural design can be determined. The
goal of this is to ensure the system is designed in a manner that
suppresses any vulnerabilities, hence guarantee that other
parties typically introduce vulnerabilities, that is, the users.
Also, the user behaviors of both internal and external parties
will be assessed, and data were taken. The data will be
compared to that provided during the interviews. The researcher
expects to see a level of consistency and patterns that can help
decide whether the policies put in place are effective in
suppressing system vulnerabilities.
The analysis of the collected data will inform the new policies
that should be formulated and implemented. The new plans
should have a high level of enforceability as a measure of
minimizing the vulnerabilities posed by the internal and
external users. Also, they will indicate the user behaviors that
need to be observed in all the users. Failure to see the new
practices means that the desired goals and objectives are
unlikely to be realized within the stipulated time.
Conclusion
The user policies are essential elements in the promotion of data
privacy and security for financial organizations. The institutions
12. should not focus only on the data security technologies. Still,
they should also invest in the development of positive user
behaviors through formulating enforceable policies at both the
internal and external levels. The project will collect data that
will determine whether the enforceability of the policies
directly impact the vulnerability of a system. A case study
design will be adopted as it will enable the researcher to carry
out an in-depth analysis. Also, it will allow the researcher to
outline recommendations that can be considered by the
organizations in the finance industry.
References
Noor, M. M., & Hassan, W. H. (2019). Current research on
Internet of Things (IoT) security: A survey. Computer Networks
148(15), 283-294.
Sartor, M., & Orzes , G. (2019). Quality Management: Tools,
Methods and Standards. New York, NY: Emerald Publishing
Limited .
Shostack, A. (2014). Threat Modeling: Designing for Security .
New York, NY: Wiley.
Smallwood, R. F. (2014). Information Governance. New York,
NY: Wiley & Sons.
Snedaker, S. (2014). Business Continuity and Disaster Recovery
Planning for IT Professionals (2nd ed.). London, UK: Syngress.
Suchitra, C., & Vandana , C. P. (2016). Internet of Things and
Security Issues. International Journal of Computer Science and
Mobile Computing 5(1), 133-139.
Toohey, T. J. (2014). Understanding Privacy and Data
Protection. New York, NY: Thomson Reuters.
13. Vincent, N. E., Higgs, J. L., & Pinsker, R. (2015). IT
Governance and the Maturity of IT Risk Management Practices.
Journal of Information Systems 31(1), 113-137.
White, T. L., & McBurney, D. H. (2012). Research Methods
(9th ed.). New York, NY: Cengage Learning.
Yeganeh, K. (2019). Major Business and Technology Trends
Shaping the Contemporary World (1st ed.). New York, NY:
Business Expert Press.
Certification of Authorship
Submitted to (Professor’s Name): Dr. Mary Cecil
Course: __ITS 833________________
Student’s Name: __Sunil Kumar Parisa____
Date of Submission_03/29/2020_____________________
Purpose and Title of Submission: __Research Paper First
Draft___________________
Certification of Authorship: I hereby certify that I am the author
of this document and that any assistance I received in its
preparation is fully acknowledged and disclosed in the
document. I have also cited all sources from which I obtained
data, ideas, or words that are copied directly or paraphrased in
the document. Sources are properly credited according to
accepted standards for professional publications. I also certify
that this paper was prepared by (me) for this purpose.
Students’ Signature:
___________Date____03/29/2020________
Grammarly Use Screenshot