Saturday, May 2, 2020
Preventing Corporate Espionage
Questions: Complete the following projects from your textbook: Project 1: Preventing Corporate Espionage Write a brief essay comparing and contrasting those guidelines against the ones given in this chapter. Keep in mind that the guidelines in this chapter relate specifically to corporate espionage and not to general computer security. Project 2: Handling Employees Write a brief essay describing steps regarding the handling of employees. These steps should include all steps that you believe any organization should take to prevent corporate espionage. It is important that you support your opinions with sources and reasons. If possible, visit a company and talk with someone in either the IT or personnel departments to determine How that company handles issues such as employee termination, rotation of duties, control of access to data, and so forth. Compare and contrast your steps to those used by the company you visited. Project 3: Asset Identification in Your Organization Using the Asset Identif ication table found in this chapter or a similar table of your own design, identify the most valuable data in your organization (school or business) and what parties would most likely wish to access that data. Then write a brief guideline on how you might go about securing that data. In this project, you should tailor your security recommendations to the specific type of data you are trying to protect and against the most likely perpetrators of industrial espionage. Answers: Project 1 preventing corporate espionage Espionage is basically used to collect the important data and information. In an industrial espionage thief are stored the confidential data and information and used these data for their own purpose thus the industrial espionage are generally used for the commercial propose (Winkler, 1997). From the study of it is seen that the foreign adversaries is stored and accessed the US data and information and the expert used sensitive technology for the purpose of capturing those data. Thus in order to protect and prevent the corporate espionage organization should have to identify their own information and provides the effective corporate programs in electronics, oral and visuals to protect the information. It is observed that the all of the informing and data which is stolen by the hackers in physical form, thus the organization have to share all the data and information; thus the regular shredding methods is used to prevent the organization data and information (Icove, Seger VonStorch, 1 995). Apart from that organization needs to avoid the printing proprietary, provides the physical security, using the copy proof technology and also applied the enterprise right management techniques. However to protect the better security organization needs to used better monitoring polices by that they protect their efficient data and information because monitoring techniques works on the principle to see all the upcoming and outgoing data and information. Apart from that data deeding, data leakage, piggyback tracking, modeling and wire tapping also helps the organization to prevent the threat of corporate espionage. There are several steps are available that helps the organization to prevent the corporate espionage. To identify the risks assessment and potential risks To implement the safety procedure and polices in the organization database Control destruction and storage areas Project 2. handling employees Organization needs to used the access control techniques to control how system and users are communicate and intranet with each other and access the resources; access is also known as the flow of the information and data between the object and subject (Thompson Chadwick, 1999). Access control provides the facility to the organization to restrict, control, protect and monitor the resource integrity, confidentially and availability. Job rotations, separation of the duties are the best practices of security organization structure. Job rotation techniques are used by the management in which people or workers are moved from one assessment to another assignments or one place to another places. Separation is the techniques in which more than one individual are completed the tasks within the time frame also known as the separation of the power, political realm and segregation of the jobs. Custody, authorization, stored data and information and reconciliation are the four functions of segreg ation of the jobs or duties. In additions these methods helps the organization to reduce the damage and achieved the organization goals and objective in an organized or effective manner. Steps to visit the company Project 3. Asset identification in the organization For organization perspective and data and information are most important elements or assets. Apart from that employees are also play the critical role and treated as important resources. Stakeholders, management are also the asset used by the organization. Thus from above report and interview it is seen that the organization keep their report and all information in the database for future used. Data and information are used by the organization to take the decision in an critical situation; thus in order to conduct and secure the data and information organization needs to secure their database where they store all the information related to the organization and their workers data. Firstly organization needs to secure their network and provides the proxy server in the networks because transmission of the information and data are done through the Network. In addition organization needs to require identify the vulnerable areas and also required to classify the valuable and sensitive info rmation (O'Gara, 2004). Thus in order to secure the data and information organization needs to update their security approaches and polices and make strong password. Apart from that, training and development also required to protect and utilized their data and information in an effective and efficient manner. Apart from that organization has to implement the print encryption techniques in its database it helps the organization to protect their sensitive and valuable data, in techniques print the valuable data with encryption format and these data and information are decrypt by those persons who possess the permission or authority to access and view the data and information (Sun Hu, 2011). References Icove, D., Seger, K., VonStorch, W. (1995). Computer crime. Sebastopol, CA: O'Reilly Associates. O'Gara, J. (2004). Corporate fraud. Hoboken, N.J.: Wiley. Sun, J., Hu, Y. (2011). Identity-based Broadcast Encryption Scheme Using the New Techniques for Dual System Encryption. Journal Of Electronics Information Technology, 33(5), 1266-1270. doi:10.3724/sp.j.1146.2010.01017 Thompson, A., Chadwick, R. (1999). Genetic information. New York: Kluwer Academic/Plenum Publishers. Winkler, I. (1997). Corporate espionage. Rocklin, CA: Prima Pub.