Where the company has to take any measures that the company can afford to take when it comes to protecting the customers’ data there are limitations
Where the company has to take any measures that the company can afford to take when it comes to protecting the customers’ data there are limitations. Where I can understand limiting the employee’s ability to bring in any of their own devices to work there comes a point when you put so many restrictions on your employees that no one is going to want to work there. I haven’t worked in a job since I was in high school where I was allowed to have my personal phone or other devices within the property of the job. So when I hear of people complaining about their employers not allowing them to have cell phones on them I feel they need to suck it up. I’ve gone 14 years with out being allowed to have my own cell device on me and it wasn’t until March of this year that I moved to a position where I was given a work phone, so up until March I had no contact to the outside world for 12-16.5 hours of the day while at work. Trust me it sucks but it is more then doable. It is my opinion that if someone wants your data they will find a way to get it you just have to make sure that isn’t easily accessible and that they get tired of trying and move on to easier targets.
Feedback 2
Data breaches range from phishing attacks to more sophisticated methods like malware injections by hackers who actively exploit vulnerabilities. Organizations implement multi-layered approaches to data security, including access controls, software updates, encryption, and employee training. However, striking a balance between employee data utilization, customer protection, and integrity is crucial.
The user’s habits and behavior can contribute to data breaches (Kaspersky, 2023). Extreme measures like completely halting BYOD or banning cell phone usage may not be practical or necessary. Instead, organizations should focus on educating users about best practices, such as utilizing strong passwords, not sharing them, and securing devices with encryption software.
Certain organizations must comply with specific regulatory standards when handling customer data. For example, the Sarbanes–Oxley Act (SOX) imposes requirements on electronic record keeping, including record integrity, retention periods, and storage methods (Andress, 2019). Additionally, organizations should consider the principles of Information Security, including confidentiality, integrity, and availability (Kim & Solomon, 2021).
References:
Andress, J. (2019). Foundations of information security: A straightforward introduction. No Starch Press, Incorporated.
How data breaches happen. usa.Kaspersky.com. (2023, May 18). https://usa.kaspersky.com/resource-center/definitions/data-breach
Kim, D., & Solomon, M. G. (2021). Fundamentals of information systems security. Jones & Bartlett Learning, LLC.
Answer preview to where the company has to take any measures that the company can afford to take when it comes to protecting the customers’ data there are limitations
APA
339 words