Premium Essay

Is3350 Unit 2 Assignment 1

In:

Submitted By PattiP0414
Words 796
Pages 4
Executive Summary on Veteran’s Affairs (VA) and Loss of Private Information
IS3350 Unit 2 Assignment 1: Executive Summary on Veteran’s Affairs (VA) and Loss of Private Information

Background

On 3 May 2006, a Department of Veterans Affairs (VA) laptop was stolen from a VA data analyst’s home in Montgomery County, Maryland. In addition to the laptop, a personal external hard drive was stolen. The external hard drive contained the personal data (names, social security numbers, dates of birth, disability ratings) for 26.5 million veterans and their spouses. It should be noted that the massive data theft was only one of many that had been discovered over the course of 1.5 years. Upon discovery of the theft, the VA employee immediately notified the local police and his supervisors. His supervisors did not notify the Veterans Affairs Secretary until 16 May 2006. On 17 May 2006, the Veterans Affairs Secretary notified the FBI, who began to work with the Montgomery County police to investigate the theft.
Results and Conclusions Issue 1: The VA employee had authorization to access and use the VA databases for performance of official duties. He was not, however, authorized to take it home as he had no official need to have the data at home. The private data was not properly safeguarded. He failed to password protect (at the very minimum) and encrypt it (Opfer, 2006). For this, he receives the highest honors in the idiot category. Issue 2: The response of managers and senior executives regarding the notification of stolen data was inappropriate and not timely. They failed to determine the magnitude of the data loss. There was a failure to notify appropriate law enforcement entities of the potential impact on VA programs and operations (Opfer, 2006). Issue 3: There was a lack of urgency in notifying the Secretary of Veterans Affairs by his

Similar Documents

Premium Essay

Is3350 Unit 1 Assignment 2

...Writing Assignment 2: The Searchers The scene opens with a fade in on a medium shot of Martin in what appears to be a canyon. It isn’t well lit seeing as he is in between the canyon, but he is shown clearly in the shot. He is standing in the center of the frame to the left of a stream of water trickling down from above rocks. He is attempting to fill his container with water. He decides to drink straight from the stream instead. This whole shot lasts about five seconds before cutting to the next shot. This next shot is a 15 second boom shot displaying the clear blue sky and the towering canyon ridges above lowering vertically into a medium long shot of Martin in the center of the frame carefully making his way through the narrow canyon...

Words: 689 - Pages: 3

Free Essay

It Computer

...test√1, Windows Security Features. Chapter 1; Chapter 2. 2, Secure Access Control. Chapter 3. Lab 1; Assignment 1. 3, Windows Encryption. Chapter 4. IS 3340 - Windows Security - ITT Tech Flint Study Resources www.coursehero.com/sitemap/schools/1177-ITT.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security...

Words: 287 - Pages: 2

Premium Essay

Vetrerans Affairs (Va) Case Study

...Mrs. Hubbard IS3350 Security Issues in Legal Content 1/8/2015 Don Delano, Steve Brown Unit 2 Assignment 1 Executive Summary on Veteran’s Affairs and Loss of Private information On May 3, 2006 an analyst took home a laptop and hard drive with personal data that was unencrypted. Another thing was that he had been doing this for the past three years. This was a mistake on the part of the data analyst because the information requires strict protection according to HIPAA act. According to the study he had permission to take the laptop and hard drive home from his supervisor. The information was stolen from his residence which he reported immediately to the local law enforcement and his immediate supervisor. Unfortunately his supervisor did not escalate it in a timely manner which was another mistake made in this situation. Auditors informed the Veterans affairs of the lack of cyber security, the agency took a lackadaisical approach to fixing the problems. The agency waited until May 22, 2006 to inform the people that were affected by the loss of information. If the security measures were in place the loss would have been a lot less. The cost was estimated between 100 million and 500 million. The information should have as a minimum been encrypted allowing protection, and making it harder for someone to retrieve the data off both the laptop and the hard drive. This would allow them the ability to mitigate the loss of data. The Veterans affair needs to implement...

Words: 473 - Pages: 2

Premium Essay

Unit 8 Assignment 1

...IS3350 Unit 8 Assignment 1 To: Verizon Date: 2 February, 2014 Subject: Data Breach Executive Summary Overview Verizon’s 2013 Data Breach Investigations Report (DBIR) provides truly global insights into the nature of data breaches that can help organizations of all sizes to better understand the threat and take the necessary steps to protect themselves. The breadth and depth of data represented in this year’s DBIR is unprecedented. It combines the efforts of 19 global organizations: law enforcement agencies, national incident-reporting entities, research institutions, and a number of private security firms — all working to study and combat data breaches. Analysis With 47,000+ Security incidents analyzed, 621 confirmed data breaches studied, and 19 international contributors, Verizon has ample amounts of data to compile and use to better their network. This data can also be analyzed to see what types of people are making these breaches and what motives they may have for doing so. In the 2013 DBIR, 69% of breaches were spotted by an external party and 76% of the network intrusions were due too weak or stolen passwords. Some of the other factors that have been realized was that 75% of the attacks are opportunistic and 19% of attacks are some form of espionage. There is also much evidence that many of these breaches could be tied to organized crime and gathering financial information. On a very basic level, just looking at the history of organized crime, money has always...

Words: 344 - Pages: 2

Premium Essay

Test

...Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...

Words: 2305 - Pages: 10