As a bank, the company collects customer information such as financial information and personal information such as addresses, social security numbers, and place of employment, among many other things. Because the bank has access to so much sensitive information, it is a bank priority to maintain the confidentiality of customers’ information. There are several policies and procedures to protect customers’ information from being exposed to anyone who does not need to know it. All information is collected and stored on computers through a company-wide network that can be accessed at any Wells Fargo branch at any time. Customers must be present in order to access the customer’s account, and access to accounts is monitored.
A. Post-Event Evaluation of IT Staff
A1. Nature of Incident
The incident was conducted internally by an employee of the organization. The employee was able to spoof his/her Internet Protocol (IP) address in order to monitor the network. By monitoring the network, the employee was able to detect the location of the data store within the human resources record system. Once the location was found, the employee was able to modify the information in order to increase his/her paychecks.
Each location can also be linked to the others through the VPN. Staff and employees are required to log in to the network in order to keep security at its maximum.
Software Development Tests
Kudler Fine Foods will be informed of the entire development process by Smith Consulting. Any risks or errors in the development process will be documented. Testing will be done throughout the development process, as well as with consumers once the program is released.
Workplace confidentiality requires that this information be identified and secured to prevent unauthorised access to or release of the information, and includes everything from policies on workplace Internet usage to nondisclosure agreements in employee contracts. Breaches of workplace confidentiality can result in a range of problems. Customers tend not to work with companies they think are untrustworthy, and consumers may specifically warn people away from companies that have mishandled private information like addresses, purchasing records, and credit card numbers. Companies can also experience compromises in their long-term business plans if information about products in development or ideas a company is considering are released
Individual login IDs and passwords: every employee should have their own individual login ID and password, to prevent employees from accessing other employees’ work and looking at their personal information. You also have to comply with the Data Protection Act, Crime and Security Act, and Computer Misuse Act. Computer monitoring software: you may want to use computer monitoring software to monitor what your employees are doing and to keep them on task. This helps in case they get a virus on the devices that causes the systems to be breached and go down. You can also find out what caused the problem.
The other departments in the company that use computers can create the interface that best suits their needs and their business type. The POS will allow the clerks to continue business as usual, with the exception that basic customer information can now be accessed from the POS screen, along with an area for specific notes for each customer. Inventory, suppliers, customers, employees, and departments are managed and maintained through a series of powerful databases. All of the information entered into the system is integrated and managed by each database. For security reasons, managers can control who has access to the system, and each user is assigned a unique security profile that determines exactly what features and functions can be accessed.
c) I don’t believe my organization complies with all of the requirements because I don’t work, so this does not apply.
d) No one is responsible in my organization to make sure these compliance laws are met because, once again, I do not work, so this does not apply.
Health Insurance Portability and Accountability Act (HIPAA):
a) It is important because it helps everyone out in a time of need and also keeps personal information safe from the public unless authorized.
b) It impacts your IT environment because it lets everyone know what is supposed to be private or how they are protected in a time of need.
c) I don’t believe my organization complies with all of the requirements because I don’t work, so this does not apply.
The firm also has 12 minor customers. Each member of the sales force maintains their own set of customer records using a variety of tools. Tracking customer records in this way will create some difficulties, because each sales member is using a variety of personal tools that will not mix or be compatible with those of the rest of the sales team if needed. Also, management or any other staff would not be able to use the sales data from each sales member due to the different tools being used. There needs to be a standard operating procedure using a Customer Relationship Management system approved by company policy.
There is an emphasis on factual and numerical reporting on which we make decisions about how our company will be run. This is a seriously flawed method of management in that there is a complete lack of thought to the psychological impact of their decisions and management of the organization. The lack of empathy is palpable in the room during these meetings. My failure to elicit empathy for others and myself in the group creates a huge challenge for me. In order to more effectively contribute to the organization, I would like to spend some time researching techniques to connect on an emotional level with the team.
Some information given within the business is stored on a computer, and some of it is too personal and should be kept confidential; this could be bank details, medical records and criminal records. In a business, there is a lot of information stored on computers, and the business should be able to manage it. There are a number of employees hired within the business, and they therefore share their information with the college; only managers and suitable heads of dept. should be able to get hold of an employee’s information. Human