Unit 1 LO3
3.1: Explain why security and confidentiality are important in a business environment?
A security program provides the framework for keeping Burger’s King at the desired security level by assessing the risks you face, deciding how Burger’s King will mitigate them, and planning for how Burger’s King keep the program and Burger’s King security practices up to date (Applied Trust, 2018). Burger’s King needs to employ security protocols on their networks and encryption on databases containing sensitive information, such as credit card or social security numbers, to limit external data breaches. Having a security program means that Burger’s King has taken steps to mitigate the risk of losing data in any one of a variety of ways, and have defined a life cycle for managing the security of information and technology within your organization. A good security program provides the big picture of how Burger’s King will keep its company’s data secure. It takes a holistic approach that describes how every part of Burger’s King is involved in the program (Barking Seal Issue, 2016).
Burger’s King Security program defines what data is covered and what is not. It assesses the risks its company faces, and how it plans to mitigate them. It indicates how often the program will be re-evaluated and updated, and when Burger’s King will assess compliance with the program. Physical security will protect data from unauthorized physical access. Authentication, authorization, and accountability establish procedures for issuing and revoking accounts. It specifies how users authenticate, password creation and aging requirements, and audit trail maintenance. Security awareness makes sure that all users have a copy of your acceptable use policy and know their responsibilities; it also makes sure that your IT employees are engaged in implementing your IT-specific policies. Virus protection outlines how businesses protect against viruses. This might include maintaining workstation-based products and scanning email, Web content, and file transfers for malicious content.
Confidentiality is the protection of personal information. information that is considered confidential can include: a) individual files are locked and secured; b) support workers do not tell other people what is in a client’s file unless they have permission from the client; c) information about clients is not told to people who do not need to know; d) clients’ medical details are not discussed without their consent; and e) adult clients have the right to keep any information about themselves confidential, which includes that information being kept from family and friends. Confidentiality is important for several reasons. One of the most important elements of confidentiality is that it helps to build and develop trust.
It potentially allows for the free flow of information between the client and worker and acknowledges that a client’s personal life and all the issues and problems that they have to belong to them. One of the major purposes for obtaining a client’s consent before speaking to a third party (such as another agency or a family member/carer) is to protect the confidentiality and privacy of the client. Informed consent (obtaining personal information with the formal permission of the client or a person who has the legal authority to provide permission on behalf of the client) is considered essential in maintaining the privacy of the client. It is important to keep your clients’ business as just that – their business. You should only discuss matters relating to your clients’ business with co-workers, and then only what needs to be discussed.
Our Recommended Resources:
3.2: Explain the Possible consequences of failing to maintain security and confidentiality in line with requirements.
Burger’s King may face a much more complex set of security challenges than ever before. Where the physical security of buildings once stood as the top concern, now businesses of all sizes must manage a host of data security risks, ranging from viruses on the Internet to the lax password habits of employees, without sacrificing customer service. Employee theft and fraud constitute a major source of revenue and inventory loss to businesses. According to data compiled by Statistics Brain, as of 2012, UK businesses lose approximately $50 billion annually to employee theft, and approximately 47 percent of inventory gets attributed to employee theft (Dontigney, 2018). Although financial need may drive some theft, many employees steal because the business places very few roadblocks to prevent theft. Even basic preventative actions, such as storing supplies in a locked closet and installing cameras where cash transactions occur, can deter theft. To prevent more sophisticated employee fraud, Burger’s King can initiate annual internal and external audits.
Burger’s King is often having a fear that exposing security weakness gives the opportunity for hackers to penetrate into business-sensitive information and do the damage. These concerns have shown to have a negative impact on consumer attitudes toward using the Internet to make purchases. (Koufaris, 2002) The outcome is a failure in doing business online. The losses can be divided into “direct” and “indirect losses”. The complete impact of identity theft is not completely understood so far, but the latest researches importance of fast development and major costs linked with the offense have discussed and looking to solve it. Near the beginning debate around identity theft relied on subjective proof which is mainly reported by the popular press. Identity theft is in many ways a more harmful activity that can have continuous effects on major financial effects on merchants as well as on customers. Recent studies have found that identity theft victims often suffer the same emotional consequences as victims of other crimes. The crime of identity theft can be difficult to track because it takes many forms and is used to facilitate other crimes, such as credit card fraud, immigration fraud, Internet scams, and terrorism.
Failure to protect Burger’s King data’s confidentiality might result in customer credit card numbers being stolen, with legal consequences and a loss of goodwill. Lose Burger’s King clients’ confidential information and Burger’s King may have fewer of them in the future. A data integrity failure might result in a Trojan horse being planted in your software, allowing an intruder to pass its corporate secrets on to its competitors. If an integrity failure affects your accounting records, you may no longer really know your company’s true financial status (Dontigney, 2018). Consumers always worry about their data confidentiality and privacy. Many researchers have found that a majority of internet users worry about spreading of personal data, because the person stealing someone’s data can use it to misuse the bank accounts, conduct a crime using the details of somebody else, can easily get away from worst situations or can even cross-countries borders using fake identities, all of the above can create a problem for the person whose identity has been used for all such crimes.
Confidentiality issues are always in concern when companies are dealing with trading partners or doing business within a country having strict laws for companies to be found liable if they do not protect their own and critical information of others. Theft of corporate identities may adversely affect the morale of third party employees as well as the competitive advantages that a company may have with its trading partners. Using a network perspective, concerning interrelationships between people and organizations, economic relationships between organizations embedded in networks of social relationships (Uzzi, 1997). Improper handling of information can also take companies to court where they can hold accountable for negligence and can face severe fines including imprisonments. Another aspect of indirect loss is the damage to the credit history of both customers and businesses. Businesses will no longer be able to obtain business loans to boost their business and also cannot obtain insurance benefits from insurance companies. Similar things happen to customers, once their history has been marked susceptible they cannot obtain bank loans, credit cards, health claims, and even a better carrier.