I need support with this Computer Science question so I can learn better.
Main Que:As the IoT (Internet of Things) grows, and users access corporate data with personal devices, companies are stuck balancing the ethical line between security with privacy. In regards to MDM systems and BYOD policies, answer the following questions:
- Is it OK to read employees’ e-mail as a security measure to ensure that sensitive company information isn’t being disclosed?
- Should you have access to those emails and files on a personal device that is accessing the company data via a 3rd party app (i.e. Outlook Mobile, or iOS default mail program)?
- If you do read employees’ e-mail, should you disclose that policy to them? Before or after the fact?
- Is it OK to read the documents and look at the graphics files that are stored on users’ computers or in their directories on the file server? On their mobile device?
provide replies to below 2 discussions in each 150 words.
1. Is it OK to read employees’ e-mail as a security measure to ensure that sensitive company information isn’t being disclosed?
Indeed, It’s perfectly fine to read messages as a safety effort to guarantee that sensitive data isn’t being revealed. When you are managing secret data and information the organization or the employee have the total right to monitor messages as a safety effort to ensure no information is being spilled. For this very reason in most insurance agencies, banks, Government workplaces messages are constantly checked. System engineers pre characterize few catchphrases to ensure an organization’s data isn’t unveiled. In few cases as a standard security practice screens read them physically aswell.
2. Should you have access to those emails and files on a personal device that is accessing the company data via a 3rd party app (i.e. Outlook Mobile, or iOS default mail program)?
No, organizations should ensure that all representatives were given office workstations, telephones or some other machines relying upon the prerequisites and ensure that any kind of organizations content, media , information can be gotten to through those approved machines that are associated through approved systems only.This will help the organization screens to keep up a log of inbound and outbound records from these machines.
3. If you do read employees’ e-mail, should you disclose that policy to them? Before or after the fact?
Standard practice is to inform another joinee about the organization’s strategies one among them being the privilege to peruse any messages recieved or sent by representative from organizations machines/systems
4. Is it OK to read the documents and look at the graphics files that are stored on users’ computers or in their directories on the file server? On their mobile device?
Contingent upon the degree of seriousness an organization is managing, it is a few times alright to screen realistic documents. For whatever length of time that the records are put away on organizations machines and in the event that they are never conveyed of system, at that point it isn’t expected to screen those documents. However, in the event that these documents are duplicated from organizations machines or moved out of system it is a decent practice to screen them.Since the organizations will reveal about their approaches to workers about secrecy, they will reserve the option to screen those records.
Now a day with the technology growing and with the internet of things it is important to have security over those devices. As those will be kept on listening and tracking the data we need to be careful with the privacy and the security while using those devices.
The Other most important problem for the organizations these days are also due to the BYOD and the Internet of things. As the employees these days working remotely from home. When they are working from home they are connected to their home network through which they access the organization websites and task to which the same IoT devices are connected. These devices lack the security and through which there might be a chance of getting vulnerable injected into the company system.
Even with BYOD (Bring Your Own Devices) these days most of the employees are using their own devices for the work and as well as personal use. There are a lot of chances getting hacked so there needs to be some security involved like using the virtual private network to connect to the organization network and work without connecting to the VPN not allowed to access the websites or the organization data would help the systems without having the cyber-attacks. Company data should be accessed from personal devices directly mostly it should have a firewall where those can be connected using the Secure VPN to access that data.
Yes, there needs to be tracking on the employee’s email and other for security reasons there needs to be monitoring whether they are stealing the data or not we need to have continued monitoring on the systems. Even the employee’s need to be aware that their systems will be monitored.
Even accessing the files through mobile is also needs to be restricted and it should be accessed only by the particular people who are needed and these needs to be accessed by the office mobile