I have one question and need a response to the other part. It needs to be at least two paragraphs with intext references and the other response need to be at least one paragraph and no references.
1. "Security Threats to Employee Information" Please answer the following:
Cybersecurity threats have been on the rise over the last few decades. With more advanced technology, hackers have found ways to break through security defenses and haul away employee information. The headlines are filled with news on security breaches on very well-known organizations. First, watch the video “Massive cyberattack strikes Anthem” (1 min 43 s), located at below url:
https://www.reuters.com/video/2015/02/05/massive-cyberattack-strikes-anthem?videoId=363104985&mod=related channelName=cybersecurity, and then answer the following question:
Q1: Describe two ways a hacker can gain access to employee information. Recommend the steps an organization could take to address these security breaches after the fact. Then, outline a plan for preventing these breaches from occurring, and specify the legal requirements you would structure around information security in an HRIS.
Two ways that hacker can steal the employee's confidential information from an HRIS system are a phishing scam and buffer overflow. A phishing scam is when the hacker sent out a fake email that looks authentic to all users of the HRIS system asking them to verify their information by clicking on a special link. Then the hackers use the information to promote their illegal activities. The best way to fight this type of hacking is to provide training and education to the users to what to look for to ensure that they are on the real site; to educate them to never give their personal information without asking HR first.
Buffer Overflow is a software bug that cause the written data code to buffer which make it to overrun it designated boundary. This overrunning allows the hacker to be able to overwrite the coding and to extract information for the protected data. The best way to eliminate this problem is to hire an unified threat management team that will monitor the system, identify the breach and stop it before any confidential information is breach.
An organization has legal responsibility to ensure that their employees' personal information is safe from unauthorized individual therefore, they need to establish an unified threat management team to handle security