MKTwain - CMGTCB-559 - Comp 1 Reflection

docx

School

University of Phoenix *

*We aren’t endorsed by this school

Course

559

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

2

Uploaded by PrivateOtterPerson4789

Report
Mark Twain December 5, 2023 CMGTCB/559 – Competency 1 Reflection Our society is advancing in a technological perspective at an exponential rate, this aided by app capabilities, interconnectivity of our mobile devices with everything in our lives from fitness trackers, smart-watches, AI assistants such as Alexa, Google Home, Siri, and even our cars. This makes life easier and, in some cases, allows us to be more efficient in our day-to-day routines. However, all this information sharing with apps, devices, and our interconnected lives, we also run the risk of this information being used by bad actors to pose as us for malicious purposes or especially financial gain through stolen identities and even human trafficking. Now let us think, if we each run risks of our information being accessed from what we thought were secure apps on our phones that safeguard our meta-data, health records, financial information and daily routines, imagine if a company such as Apple or Samsung had a breach and millions of their customers data such as this was compromised. What if these organizations didn’t put an emphasis on effective information security governance? A breach as such would be detrimental to an organization and to all the customers whose data was stolen. These breaches can happen in any industry from communications, educational, financial, healthcare, governmental, social media, and many others. This is why it is important for organizations to have these risk mitigation processes in place, but also effective enforcement of these processes and policies by executive leadership. Breaches that happen due to ineffective implementation of information security governance can open up executives to possible incarceration, fines, civil suits by those affected by their negligence, and most likely will lead to their termination from their organization or industry altogether. An organization should be driven to have effective information security governance in order to mitigate risks that would result in these consequences of customer information being lost and misused to cause greater harm, as well as preventing employees who have access to this information from using it for their own gains. These are factors that executive leadership should always keep in mind, keeping effective methods in place. I work for a high school district just outside of Chicago, we’ve been implementing multi-factor authentication on our Microsoft and Google platforms for all staff and faculty. Our student data must be safeguarded and be made a priority because the majority of them are minors, and if their data was compromised and used by bad actors, they can cause damage to student identities years before anyone would even detect it. As an IT leader, it is important to be aware of the risks and the future implications of such a breach. This way when we have to explain to the executive leadership and school board why we are spending money on these resources and deploying these security measurers that may seem inconvenient to most because of the extra step in verifying their credentials, we can have a reasonable explanation as to why we are doing this. The important goal in my position is to safeguard student and employee data, through effective implementation of information security governance procedures. Following the steps outlined by the
Charter of Information Security Governance is a great way to set this up and follow it as well as presenting it to executive leadership. The way that personal student data is classified can designate its importance of how to safeguard it in our environment and at what encryption level. The way we classify student grades and class schedules may not be at the same level of encryption as personal data because this data is not likely to be used for identity theft purposes or to access financial information and create false financial accounts under the student’s names. We keep identifiers of student grades and classes separate from their personal data such as date of birth, home address, social security numbers, etc. So, this information is in separate classification levels and protected as such.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

part2.docx
Project Two.docx
MKTwain - CMGTCB-555 - Competency 2 - Reflection.docx
MKTwain - CMGTCB-582 - Competency 1 Reflection.docx
MKTwain - CMGTCB-582 - Competency 2 Reflection.docx
MKTwain - CMGTCB-559 - Final Reflection 02.08.24.docx
MKTwain - CMGTCB-559 - Comp 2 Reflection.docx
MKTwain - CMGTCB-559 - Comp 3 Reflection.docx
Unit 6 Risk Management .docx
QSO 640 MODULE 4 PRE-TEST .docx
QSO 640 Module 6 - Pre-Test.docx
final project 3.docx