MKTwain - CMGTCB-554 - Competency 2 Reflection
docx
keyboard_arrow_up
School
University of Phoenix *
*We aren’t endorsed by this school
Course
554
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
2
Uploaded by PrivateOtterPerson4789
Mark Twain
CMGTCB/554 – Competency 2 – Reflection
Current trends in technology advancement are great for everyone, especially with cloud-based offerings from many providers. However, with the increase in availability to network services and content, risks to the network have also advanced and requires constant monitoring in order to mitigate these risks. Network risk assessment is a must to protect one’s network and network resources to keep the network performing at full scale.
In our current environment, a high school district with three main campuses and two satellite campuses spread across 3 cities, it has become apparent that risk mitigation is a priority. Two major risks, among many others we have, are threats to our firewall by bad actors trying to gain access via emails that look like they are sent from our own administrators to staff members, and also phishing.
As an IT manager, what can be done to protect the network is to closely monitor the firewall and
what sites are blocked or unblocked for staff and students to access. Verifying that these sites are not hosted from countries that have a higher likelihood of risk to our environment will aid in mitigating this risk. Making sure our firewall settings are finely tuned and software is up to date will help us protect our
student data from being compromised. Mitigating the risk of phishing has been an ongoing project due to the emails appearing more legitimate in nature and having the sender’s name appear as one of our own administration members. As an IT manager, it has been communicated to staff to pay close attention to the sender’s name AND address, also to not click on any links in an email that appear to be sketchy. There have been some staff members that have fallen victim to these phishing emails, this has resulted in mandatory phishing awareness training, as well as mock phishing attempts to many in order to test their understanding of the awareness training.
In recent years organizations have been collecting data on consumer’s spending habits, their internet search history, as well as social media activity. This is being done on a larger scale than before, in part to target customers with advertising that fits their purchasing habits or lifestyle. All of this data can be utilized in algorithms that will make it easier for an organization to predict what a customer will be looking for next, and in doing so, the organization can “plant” this in the customer’s path via targeted
advertising or social media content.
An ethical consideration in the CRM system regarding this data collection is that the customer’s privacy is nearly being violated. The organization does have a relationship with the customer, but to what extent is this relationship allowed in terms of privacy? With an organization compiling all this data on a customer, it can predict or steer a customer’s decision-making process. This can become a legal issue if the privacy of the customer’s habits is shared with other organizations without the customer’s consent. The legal consideration here is that if a customer isn’t fully aware of the privacy policy of what an organization has provided, the customer may unknowingly have agreed to sharing this information without further consent.
This is similar to the data breach of a certain cell phone service provider and the location data they had on customers when using specific apps, because when someone downloads an app to their phone and in doing so, they may automatically give consent to use their location while using the app. However, the app is running in the background on their phone, therefore giving constant location access
to the app provider. The legal consideration here is the privacy of the customer and availability to the location of the customer at all times while the app is running in the background on their phone. The customer didn’t knowingly provide constant tracking permission when downloading the app. The ethical consideration is, are you allowed to track someone without their consent or without disclosing that the app will continue to run in the background unless you turn it off or close the app?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help