Q6B
What type of cognitive biometric “memorable event” do you think would be effective? Design your own example that is different from those provided in Chapter 12 of the text. There should be five steps, and each step should have seven options. The final step should be a fill-in-the-blank user response. Compare your steps with another student’s response. Which do you think would be easiest for the user?
REPLY TO RESPONSES
Janet
I’d rank them in order of effectiveness: implicit deny, least privilege, job rotation, and separation of duties. The most successful tactic is implicit deny since if someone doesn’t have access, they don’t need it. Employees with the least privilege have fewer privileges, but as they progress in the firm, they will get more. We will have to relocate staff and retrain them due to job rotation, which will result in mistakes. Finally, because some organizations don’t have many employees, each employee may have several duties that are difficult to divide, which is why it is the least effective.
Least Privilege: Sage, a UK-based accounting and HR software company, was attacked by an insider data hack in 2016 that affected 280 of its corporate clients. A firm employee utilized unlawful access to get access to confidential client information, such as salary and bank account information. Despite the fact that the breach was minor, it highlighted the risk of insiders gaining access to extremely sensitive consumer information. Employees who don’t require access to the data to accomplish their jobs may be able to get in with relative ease if access is not appropriately restricted utilizing the principle of least privilege.

Implicit Deny: The CRA confirmed that employees of the Canada Revenue Agency improperly accessed the personal information of thousands of Canadians. A total of 41,361 Canadians were affected, and information such as a person’s income, TIN, and DOB was improperly accessed by staff who didn’t have access or authorization to this data.
Job Rotation: A security engineer at Facebook failed to follow the idea of work rotation, resulting in him abusing his credentials. The employee utilized his position to become a snooper, basically compromising Facebook users’ privacy to stalk women online. Several Facebook workers were dismissed as a result of the event for misusing their access to users’ personal information.

Separation of Duties: ABB, a European power and robotics business, suffered a pre-tax loss of $100 million in 2016 as a result of an employee exploiting corporate mismanagement — particularly, a breakdown of segregation of responsibilities laws. Managers failed to maintain adequate Segregation of Duties (SoD) in the treasury unit of its South Korean subsidiary and failed to provide enough control of local treasury activities.
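To make three of the four controls discussed in the reply above concrete, here is an added example (it is not part of the discussion post or of any textbook material) of a small authorization check written in Python. The roles, permissions, user names and the payroll record are all constructed for illustration. It shows implicit deny (no role grants the action, so it is refused), least privilege (each role lists only the actions it needs) and separation of duties (the same user may not both submit and approve the same record).

```python
"""Added example: a minimal policy evaluator demonstrating implicit deny,
least privilege and separation of duties. Every role, permission and
user below is constructed for illustration."""
from dataclasses import dataclass, field

# Least privilege: each role is granted only the actions it needs.
# (Constructed role names and permission strings.)
ROLE_PERMISSIONS = {
    "payroll_clerk": {"payroll:read", "payroll:submit"},
    "payroll_manager": {"payroll:read", "payroll:approve"},
    "support_agent": {"ticket:read", "ticket:write"},
}

# Separation of duties: pairs of actions that no single user may perform
# on the same record. Order within the pair does not matter.
CONFLICTING_ACTIONS = {("payroll:submit", "payroll:approve")}


@dataclass
class Record:
    """A record being acted on, with a history of (user, action) tuples."""
    record_id: str
    history: list = field(default_factory=list)


def is_allowed(roles, action):
    """Implicit deny: there is no 'allow everything' fallback. An action
    is permitted only if some role of the user explicitly lists it;
    unknown roles grant nothing."""
    for role in roles:
        if action in ROLE_PERMISSIONS.get(role, set()):
            return True
    return False


def violates_sod(record, user, action):
    """True if this user already performed a conflicting action on the
    same record (e.g. submitted it and now wants to approve it)."""
    for prior_user, prior_action in record.history:
        if prior_user != user:
            continue
        pair = (prior_action, action)
        if pair in CONFLICTING_ACTIONS or pair[::-1] in CONFLICTING_ACTIONS:
            return True
    return False


def authorize(user, roles, action, record):
    """Return (decision, reason). A permitted action is appended to the
    record's history so later separation-of-duties checks can see it."""
    if not is_allowed(roles, action):
        return False, "implicit deny: no role grants %s" % action
    if violates_sod(record, user, action):
        return False, "separation of duties: %s already acted on %s" % (
            user, record.record_id)
    record.history.append((user, action))
    return True, "allowed"


if __name__ == "__main__":
    # Constructed walk-through: a clerk submits a payroll record, then
    # tries to approve it as well; a manager approves it; a support
    # agent is refused because no role of theirs grants the action.
    rec = Record("PAY-42")
    print(authorize("alice", ["payroll_clerk"], "payroll:submit", rec))
    print(authorize("alice", ["payroll_clerk", "payroll_manager"],
                    "payroll:approve", rec))
    print(authorize("bob", ["payroll_manager"], "payroll:approve", rec))
    print(authorize("carol", ["support_agent"], "payroll:read", rec))
```

The key design choice is that `is_allowed` has no default-allow branch: a misspelled role or an action nobody thought to list simply fails closed, which is what implicit deny means in practice. Separation of duties is enforced by looking at who has already touched the record rather than by the user's roles, so giving one person both the clerk and manager roles still cannot let them approve their own submission.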