Managing Information Resources: Ensuring Data Security

Case Studies | Case Study in Business, Management, Operations, Strategies Case Studies

ICMR HOME | Case Studies Collection

Case Details:

Case Code : ITSY057
Case Length : 13 Pages
Period : 2002-2007
Pub Date : 2007
Teaching Note :Not Available
Organization : -
Industry : Miscellaneous
Countries : Global

To download Managing Information Resources: Ensuring Data Security case study (Case Code: ITSY057) click on the button below, and select the case from the list of available cases:

Price:
For delivery in electronic format: Rs. 300;
For delivery through courier (within India): Rs. 300 + Rs. 25 for Shipping & Handling Charges

» IT & Systems Case Studies Collection
» IT and Systems Short Case Studies
» View Detailed Pricing Info
» How To Order This Case
» Business Case Studies
» Case Studies by Area
» Case Studies by Industry
» Case Studies by Company

Custom Search

Please note:

This case study was compiled from published sources, and is intended to be used as a basis for class discussion. It is not intended to illustrate either effective or ineffective handling of a management situation. Nor is it a primary information source.

<< Previous

Excerpts Contd...

A Serious Threat or Just Hype?

While the debate continued on the dangers of pod slurping, there were some who argued that it was more of hype than a real threat. Though there was every possibility of the data getting stolen and used for malicious purposes, some experts opined that the threat had been over-publicized in the media. Vladimir Chrenavsky (Chrenavsky), CEO of Advanced Force, a maker of security software, remarked that the threat was "overblown"...

Mitigating the Threat

As the debate continued on the potential threats posed by pod slurping, many companies looked to identify and implement steps to mitigate the risk of data theft. It was relatively easy for the companies to check the threat of data theft by people from outside the organization. Proper checks could be enforced when a non-employee entered the organization, and they could prevent the visitor from carrying any electronic equipment. However, the real problem arose when the companies had to deal with their own employees.

Security experts suggested various measures to control the theft of data by insiders. Usher suggested two main methods to prevent data theft.

First, policy-based security measures where the employees were restricted from bringing any electronic devices to their place of work and ensuring strict physical measures that prevented intruders from gaining access to the information. Second, technological measures like disabling the USBs on the network, encrypting the data, using third party software to protect the data, not allowing data other than what was connected to the network to be stored on the individual computers of employees, like salespersons, etc...

Outlook

As the companies initiated steps to tackle data theft, the costs pertaining to these in the IT budgets of organizations were adding up. Companies had to bear the costs if they wanted to win the confidence of their stakeholders.

At a time when all the companies (mostly banks and governments) were encouraging the customers to transact online, a considerable amount of confidential customer data was stored in the company's database; and there could not be any question of complacency on the part of the organizations in safeguarding this data...

Exhibits

Exhibit I: A Note on Data Theft
Exhibit II: Some Instances of Data Thefts

Marketing Financial Products
ICMR Textbooks Collection

Case Studies in Finance Volume-IV

Case Volumes Collection

Case Studies in Finance Vol III

Case Study Volumes Collection

Business Environment	Business Ethics	Business Reports	Business Strategy
Corporate Governance	Economics	Enterprise Risk Management	Finance
HRM	Innovation	Insurance	IT and Systems
Leadership and Entrepreneurship	Marketing	Miscellaneous	Operations
Project Management	Short Case Studies	Cases in other Languages	Free Case Studies