Respond to the following in a minimum of 175 words:
Organizations need to know the value of their data to find the best way to protect it. The data must be categorized according to the organization’s level of concern for confidentiality, integrity, and availability. The potential impact on assets and operations should be known in case data, systems, and/or networks are compromised (through unauthorized access, use, disclosure, disruption, modification, or destruction).
Choose an organization from the Health Care, Finance, or Education sector to study throughout this course.
Based on your chosen organization, ensure you:
Discuss the organization’s data.
Discuss the organization’s categorization of the data based on the Standards for Security Categorization of Federal Information and Information Systems. (SEE ATTACHMENT)
Note: You will use information from this discussion in this week’s assignment Encryption Methodologies to Protect an Organization’s Data.
AND
In 100 words, reply to one of the post below. Be constructive and professional in your responses.
Craig
The organization that I would like to take a look at would be that of a local school system. Now a days, most information is stored in some way or shape of digital format, where as it used to be primarily hard copies that would require physical access to in order to steal it. With all the information being digital, it is all about how well you can protect the information being stored from those whom would seek to take it. In this instance of looking at a local school system, the type of data that could be collected would be names, addresses, contact information, and potentially financial information if the parents pay with card information rather than check or cash. There could also be the need for a school system to store more sensitive information such as social security numbers as well in order for them to have full student profiles built, and they may keep this information on record for an extended time period in case individuals need to be able to receive verification that they did attend and or graduate from said school. I would say a good starting point when talking about a security categorization on this information would be a confidentiality of moderate, integrity of moderate, and availability of low. I came to this conclusion based on the idea that identity theft, falsifying information or grades, and overall accountability of securing this information should be taken seriously and cared for accordingly.
Raya
I have chosen the popular health care insurance company in my state it is called United Health Care or UHC for short. It follows all of the rules and regulations of the HIPAA act. It also follows all of the rules and regulations of a copyright infringement act. Today it is pretty simple to make something up and scam someone but with UHC you don’t need to worry because they strive to make sure you get good health insurance for a fair price with good health care benefits.UnitedHealthcare is focused on protecting customer information in light of how the world has changed from a cyber and privacy risk perspective, and increased data security issues within all industries. They developed a new, required online questionnaire and certification process to document your security controls, as it relates to sharing of data and information during the sales, implementation and service of UnitedHealthcare customers. UnitedHealthcare manages and supports a robust information security program with protocols that are based on industry practices, applicable regulatory obligations, defense industry practices, and customer considerations. Policy, standards and guidelines, reviewed on a frequent basis, are used to manage the specific requirements of general computing, audit and security controls. Regulatory requirements, including the HIPAA Security Rule, are also reflected in their information security program.
Trent
Hello, the organization I have chosen is Fidelity Investments. Fidelity Investments Inc., commonly referred to as Fidelity, is an American multinational financial services corporation based in Boston, Massachusetts.
It is one of the largest asset managers in the world with $2.46 trillion in assets under management as of March 2018 and a combined total customer asset value number of $6.7 trillion. Fidelity Investments operates a brokerage firm, manages a large family of mutual funds, provides fund distribution and investment advice, retirement services, Index funds, wealth management, cryptocurrency, securities execution and clearance, and life insurance. Fidelity’s data involves user’s cash and securities in the form of retirement and non-retirement accounts with Fidelity Brokerage Services LLC, as well as individual workplace retirement accounts under a 401(k), profit sharing, 403(b), or 457 plan for which Fidelity is the record keeper.