IS3230 Unit 1 Assignment 2 Chris Wigint

Satisfactory Essays
The U.S. Federal and State compliance laws in regards to data protection affect all financial institutions in that non-compliance will result in fines and penalties. ABS Financial Solutions handles sensitive data for many credit unions and without regulations governing data security there would be no repercussions when private information is mishandled, lost or stolen. ABS understands their responsibility for protecting their client’s data and the threat of the retribution both federal and civil for non-compliance ensures they take appropriate security precautions.
ABSs choice of a solution to the data protection and encryption problem is most likely directly related to the penalties that can be enforced against them for non-compliance of the laws. The Federal Trade Commission, state insurance authorities and other federal regulatory agencies have the power to enforce the Gramm-Leach-Bliley (GLB) Act which requires all financial, investment and insurance agencies to inform their customers of their information sharing procedures. The GLB Act also requires these agencies to safeguard their customer’s sensitive data and information. ABSs solution to safeguard their customer’s data and information is directly related to compliance of the GLB Act.
ABS would have done a Cost-Benefit Analysis (CBA) to determine the risk of potential loss if they had not implemented better security practices. The CBA would have shown them that the potential cost of fines, revenue loss form their customers, and credibility far outweighed the cost associated with taking the enhanced security steps they took. As with any risk, a company has to determine if they can afford the cost to mitigate it or accept the risk and suffer the consequences if something should go wrong.
ABSs customers will in the end pick up some of the cost of the solution, if not all of the cost of the solution. The cost most likely will be spread out to all of the credit unions in the form of increased fees for

You May Also Find These Documents Helpful

  • Satisfactory Essays

    IS3230 Unit 3 Assignment 1 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: David Marquez 7 April, 2014 The data classification policy is intended to provide a framework for classifying a company’s data based on its level of sensitivity. Data classification entails analyzing the data an organization retains, determining its importance and value, and then assigning it to a category. Data is classified to help determine baselines for security controls in that will be implemented…

    • 288 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    IS3230 Unit 4 Assignment 1 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: David Marquez 14 April, 2014 Access Control Plan INTRODUCTION This Dragon Net Solutions (DNS) Access Control and Account Management Plan details the access control and account management activities for Dragon Net Solutions. It facilitates compliance with the National Institute of Standards and Technology’s (NIST) Recommended Security Controls for Federal Information Systems (NIST 800-53) and the NIST Guide…

    • 1211 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    Segregation of Duties Matrix (System User-Rights and Permissions Department Jennifer Buster Bradley Lloyd LuEllen Robert Spare Sam Receiving RO RO RO RO RO F BP RO Shipping RO F RO RO F RO BP RO Sales F RO RO RO RO N BP RO Accounts Payable BP N RO N N N BP RO Jennifer’s full time position as Sales would need Sales access for her primary position. She should only have By Position access to Accounts Payable when she is working that position. She would need Read Only for Shipping and Receiving in order…

    • 252 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS3220 Unit 2 Assignment 1 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: Sherman Moody 26 September, 2014 Corporation Tech will face many security risks with their current network. The user domain is the single most vulnerable part of any network and as such poses the most obvious security risk. To mitigate risks involving the users is to implement policies and training to educate the user on proper use and security best practices. By educating the user on security practices…

    • 612 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Dec 17, 2013 IS3120 Unit1 Unit 1 Assignment 1 The Johnson Company is a small business that provides networking components and services. They are in need of new methods of communication for reaching out to new customers, standing out from other businesses, meeting existing customer needs, and keeping customers informed of news and updates. The Johnson Company still uses analog phone lines and still takes customer orders by hand. Their only current method of advertising is an ad in the yellow…

    • 352 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 10 Assignment 1 Tony Stark ITT Technical Institute Access Control IS3230 Katie Lech February 26, 2015 Unit 10 Assignment 1 In this scenario, the fitness club was hacked from an unknown source. The fitness club has contracted Malcom Testing Solutions to do penetration tests and find any vulnerabilities along with make some security changes to prevent this issue from happening again. The security policies need to be changed as far as account management. For starters, the security policies for…

    • 550 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    IS3230 Unit 2 Assignment 2 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: David Marquez 30 March, 2014 Global Limited is a global provider of infrastructure information systems, whose services cater to a wide range of industry sectors. One of Global Limited’s business objectives is information security for their clients. In order to provide their clients with information security, Global Limited has utilized a risk management approach to protect their client’s information. From…

    • 515 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Unit 2 Assignment 1

    • 603 Words
    • 3 Pages

    9/25/2014 Service Providers Types NT 1310 Unit 2 Assignment 1 Guido Libreros [COMPANY NAME] Unit 2. Assignment 1. Service Provider Types Course Objectives and Learning Outcomes In this assignment, you will compare service provider types. Assignment Requirements In a 1-page paper, compare the different service provide types: RBOCS, ILEC, CLEC, MSO and ISP. Write a short paragraph on each describing what they are and why they’re important to telecommunications. Be sure to describe each of the service…

    • 603 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 2 Assignment 1

    • 253 Words
    • 2 Pages

    Unit 2 Assignment 1 Presented in Partial Fulfillment Of the Requirements for the Class GB541 Employment Law By Michael J Mc Evoy Kaplan University 18 May 2014 The Fair Labor Standard Act of 1938 Article I. What is the Fair Labor Standard 1) Why was this enacted-What was the need for this 2) What provocations cause this legislator to be considered Article II. What impacts did the Fair Labor Standard have on business 1) Why did they need a suitable work week- 2) What was…

    • 253 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS3230 Week 5 Assignment 1 – Scope of Work for Penetration Test The Fitness Club has unfortunately already been the victim of hacking that took place on their web server. They are unsure if this was due to a former disgruntled employee or if this was from a different party altogether. Malcolm Testing Solutions has been tasked with creating a penetration test plan in order to prevent future hacking attacks of attack on the Fitness Club’s network. The main objective of the assessment is to provide…

    • 468 Words
    • 2 Pages
    Satisfactory Essays