...Executive Summary on Veteran’s Affairs (VA) and Loss of Private Information IS3350 Unit 2 Assignment 1: Executive Summary on Veteran’s Affairs (VA) and Loss of Private Information Background On 3 May 2006, a Department of Veterans Affairs (VA) laptop was stolen from a VA data analyst’s home in Montgomery County, Maryland. In addition to the laptop, a personal external hard drive was stolen. The external hard drive contained the personal data (names, social security numbers, dates of birth, disability ratings) for 26.5 million veterans and their spouses. It should be noted that the massive data theft was only one of many that had been discovered over the course of 1.5 years. Upon discovery of the theft, the VA employee immediately notified the local police and his supervisors. His supervisors did not notify the Veterans Affairs Secretary until 16 May 2006. On 17 May 2006, the Veterans Affairs Secretary notified the FBI, who began to work with the Montgomery County police to investigate the theft. Results and Conclusions Issue 1: The VA employee had authorization to access and use the VA databases for performance of official duties. He was not, however, authorized to take it home as he had no official need to have the data at home. The private data was not properly safeguarded. He failed to password protect (at the very minimum) and encrypt it (Opfer, 2006). For this, he receives the highest honors in the idiot category. Issue 2: The response of managers...
Words: 796 - Pages: 4
...This supplement is a record of my actions in this investigation. On November 4, 2015, I was assigned this case to follow up. This investigation involves Mr. William Coleman Towers a fifteen year old T.C. Williams High School student. On October 31, 2015, Mr. Towers left home and was located by Baltimore and turned over to his mother. I contacted the Court Services Unit and spoke to Mr. Don Earlington who reported no prior contact with the Juvenile. On November 5, 2015, I attempted to reach Mrs. Summer Blake (mother) but her voicemail was full and her telephone was not taking any incoming calls. I responded to 309 Jefferson Street and attempted to make contact, but there was no response at the residence. I called Mr. William A. Towers (father) and arranged to meet with his son On November 6, 2015. He agreed to bring his son by 3600 Wheeler Ave prior to his meeting at T.C. Williams High School counselor. On November 6, 2015, at approximately 0730 hours, I received a call from the front desk advising me the Towers family was here to see me. I responded to the front lobby and asked permission from William A. Towers to speak to his son. I was granted permission in person...
Words: 511 - Pages: 3
...Assignment 1 Bioanalytical Technolog. & Instrument. BIOL-312 Cleio Georgiou 1. What properties determine the sedimentation rate of a particle? The rate of sedimentation of a particle is determined by the size and the density of the particle and the viscosity of the medium. In addition the gravitational force and the speed of rotation affect the sedimentation. 2. Define the terms homogenate and supernatant Homogenate is the material that is obtained after homogenization .It is homogenous tissue which is made by grinding the cells and it is used for laboratory purposes. The homogenate most of the times lacks cellular structures and it is just a suspension of cell fragments and constituents. Supernatant is usually a clear liquid layer that...
Words: 2002 - Pages: 9
...Goal 1: Kimora will stabilize her mood and maintain her safety. Kimora appeared sleepy when the QP met with her for a session and stated that she was doing assignments and falling asleep. Kimora listened as the QP shared the purpose of having problem solving skills. Kimora reflected on the goals that will be accomplish in this lesson. Kimora shared, "One of my problems is that I feel like I am in hole." Kimora commented, "I feel like everyone's expectations of me is to high then I try to meet the expectations and when I don't I hide in the hole." Kimora acknowledged, "I feel like I am apart of the walking dead and the end is coming." Kimora agreed that her perception of things is different versus the way other people see things then the QP...
Words: 539 - Pages: 3
...Larry Brown IS3350 Unit 9 Assignment 1 24 May 2914 Risk Mitigantion The most effective risk management practices used by project management in the public and private sectors. The methods described here are appropriate for public- and private-sector project owners’ representatives, including senior managers, program managers, project directors, and project managers. The primary objective of this report is to provide DOE project directors with a basic understanding of both the risk management role of an owner’s representative member of a project management team and the knowledge needed for effective oversight of risk management activities that are delegated to contractors. The report also discusses the roles and responsibilities of senior managers and program managers in developing risk consciousness among all owner, contractor, and supplier personnel by educating them about the importance of explicit consideration of risks and the implementation of an effective risk management process. This document is not intended as a rigid process to be followed for all projects but as a guide for all project stakeholders to ensure that project risks are adequately addressed. Identification and analysis of project risks are required for effective risk management. One cannot manage risks if one does not characterize them to know what they are, how likely they are, and what their impact might be. But project risk management is not limited to the identification and aggregation of...
Words: 310 - Pages: 2
...Jesse Martinez IS3350 Unit 4 Assignment 1 Unit 4 Assignment 1 The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was created to develop some type of regulations protecting the privacy and security of certain health information which shouldn’t be accessible to others. The U.S. Department of Health and Human Services (HHS) is responsible for HIPAA compliance within the Privacy Rule as well as the Security Rule. The Privacy Rule develops national standards for protecting certain health information while the Security Rule establishes a national set of security standards for protecting certain health information that is held or transferred in electronic form. One of the specific sections of the form that need critical attention while filing the complaint is having your complaint filed in writing, either on paper or electronically to have records of the complaint. You are also required to name the covered entity involved in your complaint while reviewing whichever requirements being violated in the Privacy and/or Security Rule. It also requires the complaint being filed within 180 days of when you knew that the act or omission happened. OCR may extend the 180-day period if you have good reason for the extension. HIPAA also prohibits retaliation. This means that anything under HIPAA cannot retaliate against you for complaining. If any retaliation activity occurs, you are required to immediately get ahold of OCR. Finally, you submit your complaint through...
Words: 331 - Pages: 2
...Mrs. Hubbard IS3350 Security Issues in Legal Content 1/8/2015 Don Delano, Steve Brown Unit 2 Assignment 1 Executive Summary on Veteran’s Affairs and Loss of Private information On May 3, 2006 an analyst took home a laptop and hard drive with personal data that was unencrypted. Another thing was that he had been doing this for the past three years. This was a mistake on the part of the data analyst because the information requires strict protection according to HIPAA act. According to the study he had permission to take the laptop and hard drive home from his supervisor. The information was stolen from his residence which he reported immediately to the local law enforcement and his immediate supervisor. Unfortunately his supervisor did not escalate it in a timely manner which was another mistake made in this situation. Auditors informed the Veterans affairs of the lack of cyber security, the agency took a lackadaisical approach to fixing the problems. The agency waited until May 22, 2006 to inform the people that were affected by the loss of information. If the security measures were in place the loss would have been a lot less. The cost was estimated between 100 million and 500 million. The information should have as a minimum been encrypted allowing protection, and making it harder for someone to retrieve the data off both the laptop and the hard drive. This would allow them the ability to mitigate the loss of data. The Veterans affair needs to implement...
Words: 473 - Pages: 2
...test√1, Windows Security Features. Chapter 1; Chapter 2. 2, Secure Access Control. Chapter 3. Lab 1; Assignment 1. 3, Windows Encryption. Chapter 4. IS 3340 - Windows Security - ITT Tech Flint Study Resources www.coursehero.com/sitemap/schools/1177-ITT.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security...
Words: 287 - Pages: 2
...IS3350 Unit 8 Assignment 1 To: Verizon Date: 2 February, 2014 Subject: Data Breach Executive Summary Overview Verizon’s 2013 Data Breach Investigations Report (DBIR) provides truly global insights into the nature of data breaches that can help organizations of all sizes to better understand the threat and take the necessary steps to protect themselves. The breadth and depth of data represented in this year’s DBIR is unprecedented. It combines the efforts of 19 global organizations: law enforcement agencies, national incident-reporting entities, research institutions, and a number of private security firms — all working to study and combat data breaches. Analysis With 47,000+ Security incidents analyzed, 621 confirmed data breaches studied, and 19 international contributors, Verizon has ample amounts of data to compile and use to better their network. This data can also be analyzed to see what types of people are making these breaches and what motives they may have for doing so. In the 2013 DBIR, 69% of breaches were spotted by an external party and 76% of the network intrusions were due too weak or stolen passwords. Some of the other factors that have been realized was that 75% of the attacks are opportunistic and 19% of attacks are some form of espionage. There is also much evidence that many of these breaches could be tied to organized crime and gathering financial information. On a very basic level, just looking at the history of organized crime, money has always...
Words: 344 - Pages: 2
...IS3350 Unit 3 Assignment 1 Fourth Amendment The Fourth Amendment of the United States Constitution requires that no search or seizure shall be carried out unless a warrant has been issued. While that is a wonderful right to give to citizens, in reality, it is not always possible. Over the years the Supreme Court of the United States has come to that same realization and has provided several exceptions to the warrant requirement. Those exceptions are: searches with consent, frisks, plain feel/plain view, incident to arrest, automobile exceptions, exigent circumstances and open fields, abandoned property and public place exceptions. Under the searches with consent exception, individuals, "with the authority to do so," can consent to be searched without a warrant and, likewise, can revoke that right at any time. In order for an individual to be searched, he or she must give consent. "Consent to search any property must be given by the actual owner or, by a person in charge of that property". If, for instance, more than one person owns a property, only one of those individuals must give consent. Because automobiles are mobile, it is reasonable to assume that they would qualify as an exception to the warrant clause of the Fourth Amendment. Under this particular exception, an automobile may be search "if a government agent has probable cause to believe the vehicle contains contraband or evidence of a crime without a warrant" because "in the time it would take to get a warrant...
Words: 370 - Pages: 2
...Unit 9 Lab Recommend IT Security Policies to Help Mitigate Risk IS3350 1. Which IT assets did you prioritize as critical to administrative or student computing? I prioritize the file servers and the teachers’ notebook as critical to administrative and student computing. 2. List your top five (5) risk exposures for which you believe this school should have specific risk mitigation strategies. - No firewall - Unauthorized access to school computers - Open connections on the WLAN. - The principals traveling notebook can carry a virus - wireless access security 3. Given the potential risks that you identified, what IT security policies would you recommend be created by the school to help mitigate each of the identified risk exposures you listed in #above? I would say create an AUP and a policy that implements the encryption of the file servers. First and foremost a comprehensive security policy that takes into consideration the variables and factors at the school. This includes students, teachers, physical access, layout of the school and property, security measures as defined by FERPA, HIPAA, etc. A password policy needs to be in place that stresses complexity, minimum length (recommendations) and recycling or expiring passwords. This could be accomplished with a minimum length of 8 characters, one being a capital letter, one being a number, and one being a special character. Physical security should be setup in a way that there are locked...
Words: 350 - Pages: 2
...Unit 3 Assignment 1: Fourth Amendment IS3350 The United States Constitution affords all people certain rights. The Fifth Amendment states that we have the right against self-incrimination. The Fourth Amendment protects us from unreasonable search or seizure. People have the right to confront witnesses and accusers. Nothing can change these rights unless the U.S. constitutions was rewritten and that is not likely to happen. This paper will be examine the Fourth Amendment, learning the requirements for obtaining a search warrant, defining probable cause, describing when search and seizure does not require a warrant. We will also explain the rationale for allowing warrantless searches, examine the persuasiveness of these reasons, and determine if probable cause is always necessary to conduct a search. Fourth Amendment Search and Seizure: The Fourth Amendment guarantees “the right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches or seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized” . This means the police cannot just barge into a home without proper authority and a judge, magistrate, or the Supreme Court orders reasons for the purpose of a search warrant. A judge may issue a search warrant if the agency requesting the warrant has shown by an affidavit that probable...
Words: 914 - Pages: 4
...Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 NT1210 Structure and Introduction to ComputerLogic Networking IS3120 IS3110 NT1210 Network Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...
Words: 2305 - Pages: 10
