Data security in companies

Privacy and Security Policy

Privacy is critical for any company, especially when it comes to staff or clients. Since any employee enjoys secrecy, it is difficult for them to exchange emails or other personal information. As a result, communicating a program that allows algorithms to search employees' emails is very difficult. The ethical issues surrounding this project make it difficult to persuade the workforce to have entry. Maybe they have sensitive details in their emails, including most work applications and deals. In this respect, I will discuss the workers in person and explain the significance of the policy. While in the meeting, I will enlighten the workforce regarding the vitality of the policy and then invite them to share their concerns. If it is the only option, I will highlight the issues mandating the initiation of the security policy and address their concerns in the best way possible. After deep discussions, I will ask the employees to sign an acknowledgment document granting access to their emails. Also, the document will illustrate that they have understood the significance of the policy and are ready to comply with the same. After that, the new policy will be published in newsletters and updated on the company website. It will also be available on the various social media platforms involving only the workforce. The changes will be available in all avenues accessed by the workers.

Qn. 2

Part I: Elements Included in a Bank’s Data Security Policy

Even though banks may vary regarding the aspects of data security, there are several key constituents within the system. They include; security accountability; network service procedures; incident control and response; account monitoring and management; physical security; managing patches; system data policies; acceptable use policies; and monitoring and compliance. Security accountability mandates all stakeholders of the bank to adhere to the company regulations regarding security. For instance, customers should not share confidential information like pins. Employees must also not share private information such as customer details to other individuals not associated with the firm. Physical security is also crucial and may be provided by well-known security firms and even the police. It serves to prevent thugs from easily accessing the premises. Procedures also ensure the due process associated with the bank is followed. All these facets of the bank sought to ensure that the security, privacy, and confidentiality of the bank’s data are maintained. Moreover, employees, customers, as well as, the top management is mandated to stick to the prescribed guidelines.

Part II: Employee Data Theft

Evidently, employee data theft tends to occur when new employees join the organization or when a worker is leaving. In the contemporary globe, technology-savvy individuals utilize their knowledge to either cause harm or improve their respective organizations. Since the advent of technology, various progressive things have been experienced. However, unethical issues such as employee data theft have also increased. In this cases, some of the stolen things include financial records, customer data, research ideas, strategic plans, software codes, databases, and future anticipations of the market structure among others. In both cases, the employees will be terminated from their respective contracts. For the one leaving, the recommendation will illustrate the crime committed. Also, I will seek legal actions to penalize the individuals. On the other hand, the incoming employee will not be allowed into the firm. Both employees will receive punishment to the extent that other workers will not be tempted to follow the same route. Apart from that, I will initiate the necessary steps to prevent future issues revolving around the same. For example, sensitive data will be secured, encrypting data, preventing malware and training the workforce.

References

Robert L. Mathis, & John H. Jackson (2010). Human Resource Management (13 ed.). Cengage Learning.