Date post: | 03-Jan-2016 |
Category: |
Documents |
Upload: | raven-parrish |
View: | 18 times |
Download: | 1 times |
Page 1
Keep Your Company Out of the MediaWorkshop
Rachel Verdugo
March 23, 2011
Reno, Nevada
Protect and Control Your Data
Page 2
10 Infamous Companies’ Businessmen of the Decade
Businessmen Who Splattered Their Company in the News and Responsible for Over $300 Billion Dollar Loss to the Companies/Taxpayers
Page 3
10 Infamous Companies’ Businessmen of the Decade
Businessmen Who Splattered Their Company in the News and Responsible for Over $300 Billion Dollar Loss to the Companies/Taxpayers
Page 4
Overview
Scenarios – Workshop“The Good”– Policies and procedures are in place“The Bad” – Not following policies or procedures“The Ugly” – Caught not following policies or procedures
Scenario ObjectivesExamples on “The Ugly” with real companies that were in the media
The Good, The Bad, and The Ugly
Page 5
Scenarios - Workshop
Scenarios are real examples that have occurred from various companies
Three Scenarios:1. Scenario I: Personnel Identification Information2. Scenario II: Location of Important Data3. Scenario III: Data comprise
Scenarios provide a problem solving opportunity to identifying best practices around effective records management and facilitate compliance:
Retention Policies and Procedures Index Access control and Security Disposal Audit and Accountability Training
Each group will be able to develop a solution from their own work experience and group collaboration
Real situations that can get you in the MEDIA
Page 6
Work Shop – Scenario Objectives
We will break-out into groups:Each group is given a scenario and will have 55 minutes to work on the questions and to create a go forward plan
Each group will have 25 minutes to share results of each scenario
Summarize results from the scenarios I, II, and III from each group
Workshop is to share and collaborate on lessons learned
Leverage ideas and share experiences
Page 7
Scenario I – Personnel Identification Information
Hawaii U Posted Private Info of 40,000 Students Online – October 2010Security breach occurred when a faculty member was working on a unsecure serverPII was available for nearly a year before it was discoveredUniversity notified students of the breach and warned them on identify fraud
IBM Loses Tapes with Employee Data – May 2007Tapes with employees PII fell out of vehicle when being transferred to another locationIBM notified employees of the loss of data and warned them on identify fraudIBM offered affected employees a year of credit-monitoring services
Facebook Privacy Breach – October 2010Transmitting members information PII to advertising companies and internet tracking companiesAffected over 10 million membersCompany will introduce new technology to contain the problem
Page 8
Scenario II – Location of Important Data
Massive TSA Security Breach As Agency Gives Away Its Secrets – December 2009TSA inadvertently posted online airport screening procedures manualIncluded closely guarded secrets regarding special rules for diplomats, CIA, and law enforcement officersTSA spokesperson says the document was outdated and improperly posted to the Federal Business Opportunities website; redacted material not properly protected
Sharron Watkins eMail to Enron Chairman Kenneth Lay – June 2002Five page detailed e-mail on the issues/wrong-doings at Enron E-mail released to the public
Litigation Preparedness: Can You Reach Your Data?Defendant argued e-mails archived on the company’s cumbersome old system were not reasonably accessible under the Federal RulesCourt disagreed, holding the plaintiff should not be disadvantaged since the defendant, a sophisticated company, chose not to migrate the e-mails to the now-functional archival system
Starbucks Corp V. ADT Security Services – April 2009
Page 9
Scenario III – Data Compromise
Former employee of United Way in Miami was sentenced to 18 months in jail and fined $50,000 for (December 2009):
Accessing his former employer’s network Deleting files from the servers
The statistics from Ponemon Institute – December 2009 Four in 10 employees admit to having taken sensitive data One third said they would share sensitive data with friends or family in order to help them get a new jobNearly half said they would steal data if they were dismissed tomorrow from their job
Aerospace giant fired its CFO, Mike Sears, for reportedly improper chats with a top Air Force Missile buyer - December 2003
Sears talked with a former Air Force official about future employment before the official had disqualified herself from working on matters involving the aerospace giant
Page 10
Questions?