CYB 650 Information security depends on one's ability to know how to secure an asset using compliance driven directives. This means that there is a need to implement rules and regulations surrounding

CYB 650

Information security depends on one's ability to know how to secure an asset using compliance driven directives. This means that there is a need to implement rules and regulations surrounding the protection of important information that, through ownership, carries with it inherent consequences if compromised. Research and discuss the ways in which you might secure such information, and how you would assure a given client that their information would be protected using need-to-know security practices. (2para)

Attempt Start Date: 08-Oct-2020 at 12:00:00 AM

Due Date: 12-Oct-2020 at 11:59:59 PM

2) Respond to this post (1paragraph)Once an organization has taking the time to identify critical information and assigned it a classification based on their business model, the next step is to ensure it remains protected from external individuals and internal employees, especially if they do not have a business need to be accessing/reviewing the content. One thing I believe people tend to forget or overlook, securing/protecting data takes more than a technological solution, employees need to know the type of data that is being collected, its designated classification and the ramifications if that data is not handled properly.

The following are examples of steps that an organization can take to ensure data privacy within their organization:

1. Limit and protect the information you collect on customers.
2. Use state-of-the-art encryption methods
3. Focus on building trust for the long-term
4. Be transparent regarding data privacy
5. Make it convenient for your customers
6. Train employees regarding data privacy
7. Update data protection programs as instructed.

In looks at this steps/processes, all can be used to showcase to a new or potentially new client that the organization views security and privacy as a core practice and as I mentioned above it touches on both technical and human aspects for keeping data safe.

3) Respond to this post (1paragraph)

Once an organization has taking the time to identify critical information and assigned it a classification based on their business model, the next step is to ensure it remains protected from external individuals and internal employees, especially if they do not have a business need to be accessing/reviewing the content. One thing I believe people tend to forget or overlook, securing/protecting data takes more than a technological solution, employees need to know the type of data that is being collected, its designated classification and the ramifications if that data is not handled properly.

The following are examples of steps that an organization can take to ensure data privacy within their organization:

1. Limit and protect the information you collect on customers.
2. Use state-of-the-art encryption methods
3. Focus on building trust for the long-term
4. Be transparent regarding data privacy
5. Make it convenient for your customers
6. Train employees regarding data privacy
7. Update data protection programs as instructed.

In looks at this steps/processes, all can be used to showcase to a new or potentially new client that the organization views security and privacy as a core practice and as I mentioned above it touches on both technical and human aspects for keeping data safe.