Assignment Task:
Hi, I'm having a difficult time responding to the following paragraphs (1 and 2) based on this question.
- In your responses to your peers, answer this question: How would you handle the problems presented in the initial post?
1) A business with no clear boundaries defined or data and systems ownership can turn into a host of problems.
First of all, a business with no clear boundaries defined can be especially susceptible to malicious parties. Such a business would have no security safeguards in place in case somebody tries to steal sensitive information, such as personal information of the employees, or any business bank accounts. A greedy employee could gain access to the business bank account number, and then silently steal thousands of dollars from the company. Such data like a business bank account number, due to its high potential of abuse, should be closely guarded, confidential only to the trusted financial managers of the company.
In addition, a business with no clear boundaries defined for data can result in employees with low clearance levels accessing and modifying data they're not supposed to be accessing. For example, a brand new hire with full access to the accounts of all the other employees. With such information exposed to them, a bumbling employee could easily delete another employee's account, and with it, all of the hard work contained within the account. As a result, the victim would have all of their hard work wasted, and would likely be forced to work overtime to make up for it. Data that is normally only modifiable by the ones working with it, such as the employee's work saved to their account, would end up vulnerable to being modified by other parties.
2) Having boundaries is important when dealing with any business, how you may ask well simple the CIA triad relies heavily on proper handling of sensitive information and without these boundaries the likely hood of the network falling subject to viruses or misuse is highly likely in any business employees are the networks biggest threat when it comes to maintaining information security, as an example someone within a business may give their access codes out to a coworker to punch them in or something they don't see as risky however, This is a threat to that network as now if that access code gets into any information about that individual such as sensitive information or even worse classified information the coworker now has access to information in which they aren't authorized to see. This type of risk could mean doom for the network as it's a breach of the CIA triad within the networks security, due to the co worker having access to information which is normally only accessible by the authorized user, Unauthorized user viewing information in which they aren't authorized and information in which the individual has authorization to access might be unauthorized for the coworker but they are requesting under the account owners name.