Unit_4_WorkSheet_1
School: Lone Star College, CyFair
Course: 2279
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 2
Uploaded by EarlBear1147
Unit 4 Privacy Data Security Gaps
Instructions: Review the description of the Request for Proposal (RFP) about the client’s current information technology (IT) security policy framework, privacy data legal requirements, and the security gap analysis from the previous unit. Identify each of the security gaps that relate to protecting privacy data and describe each gap.
Provide a narrative explaining the exposure each privacy data gap represents to the client’s organization.
| Privacy Data Security Gap | Exposure Explanation |
|---|---|
| Personnel Background Investigation | Ensuring that personnel with access to sensitive data receive appropriate background checks helps prevent internal threats and unauthorized access. |
| Segregation of Duties | Lack of segregation of duties can lead to conflicts of interest and unauthorized access, potentially compromising data security. |
| Separation of Development and Production Facilities | Maintaining a clear separation between development and production environments is essential to prevent security vulnerabilities introduced during development from affecting production data. |
| Production Environment Access Control | Controlling access to the production environment is crucial to prevent unauthorized users from accessing sensitive data. |
| Application Control | Proper control over applications is necessary to ensure that they don't introduce vulnerabilities or unauthorized access points. |
| Operating System Access Control | Controlling access to the operating system is essential for preventing unauthorized users from gaining control of the underlying infrastructure. |
| Session Timeouts | Implementing session timeouts helps protect sensitive data by automatically logging users out after a period of inactivity. |
| Password Management | A robust password management system is vital for maintaining the security of user credentials and preventing unauthorized access. |
| Use of Shared Technology Resources | Sharing technology resources without ample controls can lead to security risks and potential data breaches. |
| Monitoring System Access and Use | Continuous monitoring of system access and usage is necessary for detecting and responding to security incidents and privacy breaches. |
| Event Logging | Proper event logging is essential for tracking system activities and identifying security incidents or data breaches. |
| System Development and Maintenance Control | Having a policy for controlling systems development and maintenance is critical to prevent the introduction of security vulnerabilities. |
| User Registration and Authorization | Controlling who can register and access the system and ensuring that they have appropriate permissions is fundamental to data security and privacy. |
| Loss of User Privilege | Unauthorized loss of user privileges can lead to security breaches, so controlling and monitoring privilege changes is important. |
| User Privilege Control | Managing user privileges and permissions is essential to prevent unauthorized access to sensitive data. |