How Businesses manage Information and Data and why these Methods are used Flashcards
10.1 Key Requirements of Legislation relating to the Security of Information and Data. (17 cards)
What are the two categories on the behaviours of organisations and business?
- Imperatives
- Incentives
What is imperatives?
Result from legislation or regulation and force organisations and businesses to act e.g. an employer’s responsibilities under health and safety legislation.
What is Incentives?
Come from the benefits organisations gain from taking action e.g. changes to tax rules.
What are some examples of consequences for an organisation/business not manageing info and data properly?
- financial penalties,
- reputational damage
- loss of clients
- customers.
What are some of the techniques that can be applied to minimise the risk of things going wrong?
- Staff Training
- Version Control
- Access Controls
- Indexing
- Cyber Security
What does Staff Training help employees to understand?
The organisation’s current policies and procedures as well as their individual responsibilities to ensure they protect personal data and business info.
What should staff training raise awareness to?
The ongoing risk to data security from hacking and other cybercriminal activity.
What is version control used to do?
ensure accuracy of info and establish that employees are working with the most up-to-date info.
What does version control help to do?
ensure that personal data is kept up to date and managers make informed decisions based on the latest info.
Why do access controls need to be put in place?
Some data may be confidential or sensitive. This means managers may restrict the number of people that need access to this type of data, to reduce the potential for data breaches.
What ways can data be protected on electric devices?
- Password protection
- Stored in a secure drive that only certain people can open.
What ways can data be protected on paper?
Keep it in a locked filing cabinet or storage room which only certain people have access to.
how can data be protected without having access controls?
Records can have personal data removed so that staff can access any data they need without compromising access to data they do not need to view.
What is Indexing?
Data is usually stored or catalogued in a way that allows it be searched efficiently and effectively. This will help managers make informed decisions and work out any data breaches and the extent of them quickly and respond to request for info.
How can you protect your data from hackers (cyber security)?
- use reputable ant-virus software which is regularly updated to detect and then delete suspicious code or software.
- set up and use a firewall. – regular checks or audits to proactively identify any potential security vulnerabilities and take action quickly.
What is a Firewall?
A specialist Security feature that selectively manages the communication of data into, within or out of a network.
What is a firewall intended to do?
It is intended to block data that is considered potentially dangerous or is not trusted.
