Managing Information Resources: Ensuring Data Security
|
|
ICMR HOME | Case Studies Collection
Case Details:
Case Code : ITSY057
Case Length : 13 Pages
Period : 2002-2007
Pub Date : 2007
Teaching Note :Not Available
Organization : -
Industry : Miscellaneous
Countries : Global
To download Managing Information Resources: Ensuring Data Security case study
(Case Code: ITSY057) click on the button below, and select the case from the list of available cases:
Price:
For delivery in electronic format: Rs. 300;
For delivery through courier (within India): Rs. 300 + Shipping & Handling Charges extra » IT & Systems Case Studies Collection
» IT and Systems Short Case Studies
» View Detailed Pricing Info
» How To Order This Case
» Business Case Studies
» Case Studies by Area
» Case Studies by Industry
» Case Studies by Company 
Please note:
This case study was compiled from published sources, and is intended to be used as a basis for class discussion. It is not intended to illustrate either effective or ineffective handling of a management situation. Nor is it a primary information source.
Chat with us
Please leave your feedback
|
|
<< Previous
Excerpts Contd...
A Serious Threat or Just Hype?
While the debate continued on the dangers of pod slurping, there were some who
argued that it was more of hype than a real threat. Though there was every
possibility of the data getting stolen and used for malicious purposes, some
experts opined that the threat had been over-publicized in the media. Vladimir
Chrenavsky (Chrenavsky), CEO of Advanced Force, a maker of security software,
remarked that the threat was "overblown"...
Mitigating the Threat
|
As the debate continued on the potential threats posed by pod slurping, many
companies looked to identify and implement steps to mitigate the risk of data
theft. It was relatively easy for the companies to check the threat of data
theft by people from outside the organization. Proper checks could be enforced
when a non-employee entered the organization, and they could prevent the visitor
from carrying any electronic equipment. However, the real problem arose when the
companies had to deal with their own employees.
Security experts suggested various measures to control the theft of data by
insiders. Usher suggested two main methods to prevent data theft.
|
|
First, policy-based security measures where the employees were restricted
from bringing any electronic devices to their place of work and ensuring
strict physical measures that prevented intruders from gaining access to the
information. Second, technological measures like disabling the USBs on the
network, encrypting the data, using third party software to protect the
data, not allowing data other than what was connected to the network to be
stored on the individual computers of employees, like salespersons, etc...
|
|
Outlook
As the companies initiated steps to tackle data theft, the costs
pertaining to these in the IT budgets of organizations were adding up.
Companies had to bear the costs if they wanted to win the confidence of
their stakeholders.
At a time when all the companies (mostly banks and governments) were
encouraging the customers to transact online, a considerable amount of
confidential customer data was stored in the company's database; and
there could not be any question of complacency on the part of the
organizations in safeguarding this data... |
Exhibits
Exhibit I: A Note on Data Theft
Exhibit II: Some Instances of Data Thefts
|
|
