COMM 226 Lecture Notes - Lecture 12: Social Insurance Number, Personal Information Protection And Electronic Documents Act, Information Security

How should organizations respond to security incidents: understanding and managing security threats to organizations, understanding threats to your own privacy will help make you more sensitive to the importance of security and privacy. Three sources of security threats are: human errors and mistakes, accidental problems, poorly written programs, poorly designed procedures, physical accidents, malicious human activity. Intentional destruction of data: destroying system components, hackers, virus and worm writers, criminals, terrorists, natural events and disasters, fires, floods, hurricanes, earthquakes, tsunamis, avalanches, tornados, and other acts of nature. Initial losses of capability and service: plus losses from recovery actions. Five types of security problems are: unauthorized data disclosure, incorrect data modification, faulty service, denial of service, loss of infrastructure. Involves hardware and software components: user names and passwords. Identification: authentication, smart cards, personal identification number (pin, biometric authentication, fingerprints, facial scans, retina scans, single sign-on for multiple systems, encryption and firewalls, malware protection, viruses, worms, spyware, adware, malware safeguards.