The case study presented here underlines the policies that are in general desecrated and address the policies which need to prevent the violations from occurring in future events.
A part time contractor was able to gain unauthorized access to sensitive and confidential material due to the lax security policies and controls. Hence it is very important that a policy is developed to overcome the issue presented. The employees presented should be known to the employer. They should closely be monitored. It is important that there are frequent background checks on the employee.
For example, Snowden had access which was excessive and was granted access which trespassed the requirements of the job. He also did identity theft while using other people’s usernames and passwords. Authenticating is an important step and should be implemented. It is important that people are educated and are monitored on daily basis.
We can see that Snowden accessed information, by using software he electronically crawled inside the networks of the agency. If the perimeter was secure, we would have been able to secure the data inside of it. We can use firewalls and passwords from getting it into wrong hands. We understand that things are not “hacker proof”, but if we ensure layer of protected data the information would be in safe hands.
The document here is establishing the policy which the organization used to reflect about the issues which are critically caused by Edward Snowden. The critical security breaches should be avoided by important policies. They help us to reinforce the expectations of employees and keep the data well hidden.
The discussion is about Edward Snowden who while being employed by National Security Agency or the NSA was responsible for a major breach in security. There were thousands of documents leaked which contained details about USA conducting intelligence surveillance.
The policy is for the use to safeguard legal abilities, the regulatory requirements of the sensitive data important to cyber security.
Section 1: The important problem here is that a part time contractor could gain access to confidential data. This calls for different development in policy to overcome the issue. It is an important note to have knowledge about the employees and the employer should be alert for potential fraud. It is highly important that an employee should undergo an extensive background check.
Section 2: As Snowden had used other usernames and passwords, it is highly useful that everything is authenticated.
We have plethora of hacker who need to enter into business ready to steal personal information to transfer secure data which is a tremendous loss for the company. It is necessary that employees are educated to maintain password security and policies.
Section 3: We can observe that he accessed the information. This could have been avoided by using security amongst the perimeter.
Roles and Responsibilities
The Manager of the Organization is deeply responsible to oversee the implementation of the Policies. If we ensure clear strategy and the daily operations are checked, this is important to implement a clear strategic policy for the growth of the business. The violations in policies are costly for the leaders of the origination. If the polices fail and there is no adherence to guidelines, it puts the existence to risk.
- Effective Dates: It refers to the effective date of the policy. It is signed by the Chief Information Officer, also it is in effect until officially cancelled by the CIO.
- Information and Assistance: It is the Contact Manager for further information regarding this policy.
- Approved: Date of Issuance – The day from which the use of policy started.
The case presented above was highly important for my understanding about forgery and security breach caused by Edward Snowden. They proposed the policy to be prevented from occurring in the future.