90.2K

Verified Solution

Link Copied!

After read the article. Answer the questions:

- What kinds of collaboration tools have vou used to complete class assignments and proiects? Could these collaboration tools pose a risk to you? How?

- How do vou feel about the trend of companies

using new technologies to monitor their employees? Would you want to work for a company that uses monitoring technologies? Why or why not?

- Monitoring digital activity is not exclusive to the workplace. Internet service providers monitor vour Web traftic, and many Web sites monitor everything that vou do while interacting with their site. What does this mean for users working from home? How might an ISP's monitoring activities be a threat to corporations?

Security Guide EVOLVING SECURITY devices operating systems, and applications being used. It's a daunting task The loss of physical boundaries and the proliferation of devices mean that information security professionals need to be more careful about controlling access to tesources. They ako have to monitor user behavior much more closely than bciare. Not everyone in the city can be trustent. Vetting Insiders Employees acting maliciously within an organization are often viewed as one of the biggest concerns of information security professionals remember Edward Snowden and the NSA). Employers try to reduce the risk of rogue employees by conducting thorough background checks before hiring, They conduct interviews, run credit reports and adminis ter persenalty surveys. But what happens when a company In the past, protecting an organization's information systems and data was often equated to protecting a castle. Castles used defenses like moats, large walls, and towers to protect inhabitants from enemies lurking outside their walls. Information security professionals used the castle model as a metaphor to describe how security measures such as firewalls and intrusion detection systems IDS) could be used to create a barrier between internal information systems and hackers working to compromise them. However, the castle model is no longer feasible for most organizations. The rapid spread of smartphones, laptops, and other network-enabled devices has completely transformed organi zations' network architecture. Physical boundaries are nearly enc. Organizations now have hundreds, and in some cases thousands of devices (eg, laptops, tablets, and phones) that are used by employees both inside and outside the company Employees can use these devices to access corporate servers remotely and store corporate data locally Information security profes slonals now use a city mile to describe their efforts to secure corporate information systems. In the city model, authorized us ers, as well as visitors, are free to roam the digital city with any de vice they'd like. But access to indi vidual building servers and data is restricted. Users can access re- sources only if they're authorized But the city model isn't per fect. If users' devices are compro mised, hackers could use them to access remote corporate networks or steal data directly from the de vice's local hard drive. Trying to secure this type of digital environ ment is even more challenging when you consider the diversity of Sturce: Tim Robberto The Image BankGetty Images 104 engages in a collaborative project with another firm? How can team leaders be sure their corporate partners have been evaluated with the same level of scrutiny? The hard truth is that these types of assurances can- not be made in most cases. Granting network access to outside collaborators can pose a considerable threat. A tem- porary collaborator granted access to an internal network could steal corporate data more easily than a cybercriminal attacking it from the outside. In a way, it's similar to trusting your siblings. You may trust your brother or sister, but do you trust their friends many or all of these activities are permitted in most states. Monitoring activities can be used to provide a fairly robust picture of employee behavior. They can also be used to iden- tify risk levels for each employee within the organization. For example, in a recent study by Paul Taylor at Lancaster University, researchers found that employees who were planning to act maliciously changed the way they interacted with their coworkers. They started to use singu- lar pronouns (like I. me.or my) rather than plural pronouns (like us, we, or our). They became more negative, and their language became more nuanced and error-prone. Researchers are also developing new technologies that can be used to monitor and interpret not only what users are typing or clicking on but also how they are typing and how they are moving their mouse. These measurements can then be used for any number of applications like making sure you are not reusing corporate passwords or identifying stress or anxiety while you are writing an email. By the time you enter the workforce, almost everything you do for your company has the potential to be monitored and analyzed! Employee Monitoring You may be wondering if there is anything employers can do to mitigate the risks of an insider threat or a sketchy corporate partner. Employers are increasingly monitoring Internet usage, tracking GPS information on vehicles and mobile devices, recording keystrokes, monitoring social media activity, and reviewing emails. While some of these activities are illegal for employers to conduct in some states. QUESTIONS 1. This guide emphasizes how information security strat- egy has changed over the past two decades due to ad- vancements in technology. What do these changes mean for you personally in managing and securing your own personal systems and data? 2. Take a few minutes to conduct an Internet search on insider threats. Besides some of the high-profile cases of employees stealing and selling or distributing corporate data, what other examples can you find? 3. What kinds of collaboration tools have you used to com- plete class assignments and projects? Could these col- laboration tools pose a risk to you? How? 4. How do you feel about the trend of companies using new technologies to monitor their employees? Would you want to work for a company that uses monitoring technologies? Why or why not? 5. Monitoring digital activity is not exclusive to the work- place. Internet service providers monitor your Web traf- fic, and many Web sites monitor everything that you do while interacting with their site. What does this mean for users working from home? How might an ISP's mon- itoring activities be a threat to corporations? Security Guide EVOLVING SECURITY devices operating systems, and applications being used. It's a daunting task The loss of physical boundaries and the proliferation of devices mean that information security professionals need to be more careful about controlling access to tesources. They ako have to monitor user behavior much more closely than bciare. Not everyone in the city can be trustent. Vetting Insiders Employees acting maliciously within an organization are often viewed as one of the biggest concerns of information security professionals remember Edward Snowden and the NSA). Employers try to reduce the risk of rogue employees by conducting thorough background checks before hiring, They conduct interviews, run credit reports and adminis ter persenalty surveys. But what happens when a company In the past, protecting an organization's information systems and data was often equated to protecting a castle. Castles used defenses like moats, large walls, and towers to protect inhabitants from enemies lurking outside their walls. Information security professionals used the castle model as a metaphor to describe how security measures such as firewalls and intrusion detection systems IDS) could be used to create a barrier between internal information systems and hackers working to compromise them. However, the castle model is no longer feasible for most organizations. The rapid spread of smartphones, laptops, and other network-enabled devices has completely transformed organi zations' network architecture. Physical boundaries are nearly enc. Organizations now have hundreds, and in some cases thousands of devices (eg, laptops, tablets, and phones) that are used by employees both inside and outside the company Employees can use these devices to access corporate servers remotely and store corporate data locally Information security profes slonals now use a city mile to describe their efforts to secure corporate information systems. In the city model, authorized us ers, as well as visitors, are free to roam the digital city with any de vice they'd like. But access to indi vidual building servers and data is restricted. Users can access re- sources only if they're authorized But the city model isn't per fect. If users' devices are compro mised, hackers could use them to access remote corporate networks or steal data directly from the de vice's local hard drive. Trying to secure this type of digital environ ment is even more challenging when you consider the diversity of Sturce: Tim Robberto The Image BankGetty Images 104 engages in a collaborative project with another firm? How can team leaders be sure their corporate partners have been evaluated with the same level of scrutiny? The hard truth is that these types of assurances can- not be made in most cases. Granting network access to outside collaborators can pose a considerable threat. A tem- porary collaborator granted access to an internal network could steal corporate data more easily than a cybercriminal attacking it from the outside. In a way, it's similar to trusting your siblings. You may trust your brother or sister, but do you trust their friends many or all of these activities are permitted in most states. Monitoring activities can be used to provide a fairly robust picture of employee behavior. They can also be used to iden- tify risk levels for each employee within the organization. For example, in a recent study by Paul Taylor at Lancaster University, researchers found that employees who were planning to act maliciously changed the way they interacted with their coworkers. They started to use singu- lar pronouns (like I. me.or my) rather than plural pronouns (like us, we, or our). They became more negative, and their language became more nuanced and error-prone. Researchers are also developing new technologies that can be used to monitor and interpret not only what users are typing or clicking on but also how they are typing and how they are moving their mouse. These measurements can then be used for any number of applications like making sure you are not reusing corporate passwords or identifying stress or anxiety while you are writing an email. By the time you enter the workforce, almost everything you do for your company has the potential to be monitored and analyzed! Employee Monitoring You may be wondering if there is anything employers can do to mitigate the risks of an insider threat or a sketchy corporate partner. Employers are increasingly monitoring Internet usage, tracking GPS information on vehicles and mobile devices, recording keystrokes, monitoring social media activity, and reviewing emails. While some of these activities are illegal for employers to conduct in some states. QUESTIONS 1. This guide emphasizes how information security strat- egy has changed over the past two decades due to ad- vancements in technology. What do these changes mean for you personally in managing and securing your own personal systems and data? 2. Take a few minutes to conduct an Internet search on insider threats. Besides some of the high-profile cases of employees stealing and selling or distributing corporate data, what other examples can you find? 3. What kinds of collaboration tools have you used to com- plete class assignments and projects? Could these col- laboration tools pose a risk to you? How? 4. How do you feel about the trend of companies using new technologies to monitor their employees? Would you want to work for a company that uses monitoring technologies? Why or why not? 5. Monitoring digital activity is not exclusive to the work- place. Internet service providers monitor your Web traf- fic, and many Web sites monitor everything that you do while interacting with their site. What does this mean for users working from home? How might an ISP's mon- itoring activities be a threat to corporations

Answer & Explanation Solved by verified expert

See Answer