Hrm 531 Week 6 Personal Security Plan

Superior Essays
Physical security is one of the most important aspects of maintaining a business, especially when the company is handling large amounts of PII and NPPI. Any company handling sensitive information has to keep in mind all state and federal regulations that the business must adhere to, such as HIPPA and GLBA. Training and education of the employees is just as important to a company’s security plan as implementing safeguards and elaborate equipment. The whole team has to be on board with how important physical security is to the success of the company.
The first thing I noticed about this location it that it is downtown. This indicates that a lot of individuals will have access to the building, as well as data in the building. Furthermore, the location of this building could indicate that it would be more susceptible to other structure fire around that location. In more cases that one, when a fire occurs around closely grouped building other buildings with also catch fire. Something else I noticed about business is that the text mentions all the data being managed is under one central location, this could be problematic. I would suggest that the company invest in a cloud service
…show more content…
At no point in time should any sensitive documentation be left unattended by personnel. Employees should be trained on how to identify PII and NPPI. Along with locking up any hard copies of sensitive documentation employees should always encrypt any sensitive information. All company computer need to be password protected and have a strong password standard of two special characters, two numbers, two capital letters and be at least 14 characters long. The password should be required to be changed every 30 days. Furthermore, the employees must be trained to not share passwords or write them down. The company could choose to use the smart card system mentioned earlier in the text for building access as well as computer

Related Documents

  • Improved Essays

    And how when the employer is put on notice that an employee poses a threat but fails to take steps to insure the safety of third parties. This is why we should not ignore the signs, this would help us in the future. This would also provide more adequate security with reasonable care. With this safety measures would provide more safety to the healthcare setting. This is not only to protect our nurses but also the patients as well.…

    • 1279 Words
    • 6 Pages
    Improved Essays
  • Improved Essays

    The mission statement of the Tennessee Department of Safety and Homeland Security, which is the statement, which is used as a way of communicating the purpose of the organization is as follows: Mission Statement To serve, secure, and protect the people of Tennessee ("Tennessee Department of Safety and Homeland Security Mission Statement," 2014). The Tennessee Department of Safety and Homeland Security currently doesn’t have an official goals or value statement. Employees of the State of Tennessee are expected to act in a manner that will enhance the name, service and general impression of the State in the eyes of the general public. This Code of Conduct provides general rules of conduct based on fundamental ethical principles.…

    • 945 Words
    • 4 Pages
    Improved Essays
  • Great Essays

    Triangle Shirtwaist Fire

    • 1152 Words
    • 5 Pages

    In the March of 1911, one hundred and forty five workers, the majority of which were women, perished in a textile fire due to the neglect of their employer to provide a safe working environment. (“Triangle Shirtwaist Fire”, 2009) This event became known to history as the Triangle Shirtwaist Factory Fire and was the catalyst for many progressive reforms in New York City such as the establishment of the Bureau of Fire Prevention, changing the Municipal Building Code and eventually the overhaul of the state’s labor code. (“Legislative Reform at State and Local Level”, n.d) Our inheritance from these reforms is that we as a society have placed the expectation upon employers to provide and ensure the health and safety of their employees in the workplace and that failing to do so has consequences.…

    • 1152 Words
    • 5 Pages
    Great Essays
  • Improved Essays

    5. Physical Security Devices a) Employee Identification Badges / Smart Cards: The company should provide employees with picture identification badges with a smart chip and magnetic strip. The company will provide unique public-key infrastructure (PKI) certificates on the employee’s smart chip, which will allow user access to the company network. Radio Frequency Identification (RFID) capable cards should not be used. While they are more convenient for access control than swipe cards, an attacker can scan and capture the identification information provided by the RFID chip without having to have any physical contact with the ID card, and use that information to gain access [43].…

    • 617 Words
    • 3 Pages
    Improved Essays
  • Decent Essays

    Hrm/531 Week 3 Year Plan

    • 234 Words
    • 1 Pages

    My plan is to manage my time by trying desperately to read and listen to the attend section Monday of each week. This plan doesn't always work having kids that live a couple of hours away. Our kids are a very important part of our life, so making time to visit them is imperative. This week my plan did not work out.…

    • 234 Words
    • 1 Pages
    Decent Essays
  • Improved Essays

    Case Study 1 AIT 652 Sache Bond Executive summary: Towson University is responsible for complying with both Federal and Maryland state laws. It is essential that all employees are aware that the proper procedures must be followed to ensure that the legal action remains unrevised once the legal hold notice is issued. The legal holds notice will inform all necessary employees of their new profound obligation as an employee. The notice refers you to the policy written on the legal hold notices. The guidance of the legal holds notice supersedes all other retention policy guidelines (Records).…

    • 1033 Words
    • 5 Pages
    Improved Essays
  • Decent Essays

    Nt2580 Unit 7

    • 395 Words
    • 2 Pages

    There is panel control where a unit/equip is available in front of their cameras and other apparels to diagnose and give disposable information about the concern. Most often, this kind of security is to ensure that sensitive areas can only be accessed by authorized persons only, they control the equipment, data, electronic information of the organization from breaching or any other violence. D.B Parker proposed three additional elements for Information Security: Firstly, we have authenticity which accounts on the veracity of the information stored by the control or the website manager. It ensure that the members registered in the organization are who they state to be. We have possession and control, this is the control of the documents and all information saved in a computer or on a chip with encrypted code or information.…

    • 395 Words
    • 2 Pages
    Decent Essays
  • Improved Essays

    After analyzing the current situation of accounting firms, it seems that this organization understands the importance of information security but it is severely lacking. This requires to introduce a user training program to make every employee understands the importance of how they behave themselves every day in protecting the company’s network…

    • 730 Words
    • 3 Pages
    Improved Essays
  • Decent Essays

    Most of the organisation has a system that visitors cannot move around the building without an organisation employee to enter them to the building and escort them out. If the visitors in a wrong place of the building they can be identified to the organisation employee so they will escort them out, otherwise without visitors passes they cannot be identified and they might have a wrong reason of being on that building such as stealing equipment or stealing data, corrupting the system. • Sign in/out systems This security measure can be used within the system to secure and keep the data confidential. The organisation employees each one of them who uses a computer system can have a sign in and sign out system, which is User name and password that they need to enter before the system opened and that will prevent anyone from accessing the system without someone else permission .…

    • 806 Words
    • 4 Pages
    Decent Essays
  • Improved Essays

    * Workplace safety plays a vital role for the organization to ensure that employees are protected. The program we offer assists to provide safety training and education for supervisors, part and full time employees as well as volunteers that contribute to our efforts, ensuring that safety of all members are maintained. * Along with protection, we want to maintain employee satisfaction, motivation, and morale of among all of our…

    • 787 Words
    • 4 Pages
    Improved Essays
  • Improved Essays

    Passwords cannot be stored in an easy to find location and should never be shared; not even with family members. • Employees that need to use private equipment and connect to the company network must meet company’s security policy for owned equipment remote access and be aware of the risks of exposing company information and its consequences. • Hosts using company or private computer to connect to CRI internal networks via remote access must be protected by using the most recent and powerful anti-virus…

    • 1019 Words
    • 5 Pages
    Improved Essays
  • Improved Essays

    HGC Case Study

    • 1025 Words
    • 4 Pages

    A1: Business Objective: Healthy Body Wellness Center (HBWC) Office of Grants Giveaway (OGG) business objective is to offer a proficient methodology that promotes improvement in the quality and usefulness of medical grants. HBWC disburses several medical grants through federally supported health research, and implemented the Small Hospital Grant Tracking System (SHGTS) to automate assignment and tracking of the grant disbursement, streamline review of completed evaluation submitted by grant seekers and promote sharing of health information among healthcare professionals. A2: Security Principle The guiding security principle that HBWC should use to meet Federal Information Processing Standards (FIPS) is an ISO 27002 security framework, accompanied…

    • 1025 Words
    • 4 Pages
    Improved Essays
  • Improved Essays

    - Employees need to store sensitive information, including protected health information (PHI) on protected network servers only. - Employees need to avoid accidental spills by keeping food and drink away from workstations. - Laptops that contain sensitive information need to be secured by using cable locks or by locking them in drawers or cabinets. - Employees need to comply with the Portable Workstation Encryption…

    • 636 Words
    • 3 Pages
    Improved Essays
  • Decent Essays

    Throughout our Risk Management Plan, we identified three possible risk with uniStuff.com that need to be address to avoid the project to fail. When running our SWOT analysis for the platform functionality and security, we noticed that online payment fraud and cyber security may impose major threats to the success of the project. Further analyzation of the services and legal paperwork, also allowed us to identify risks associated with customer satisfaction and refund policies. Online payment fraud risk presents a major profit loss and online purchasing fraud risk to uniStuff.com as false payment information or non funded payments could be possibly utilized for the transactions, thus threatening the profitability and reputation of the platform.…

    • 367 Words
    • 2 Pages
    Decent Essays
  • Great Essays

    Why Collect HR Data

    • 1110 Words
    • 5 Pages

    Data Protection Act This act applies to all organisations that process data relating to their staff and customers. It is the main legal framework in UK that protects personal data. The act contains 8 data protection principles which are: Personal data should be processed fairly and lawfully, this can be achieved by asking the employees to use their information, on the employment contract.…

    • 1110 Words
    • 5 Pages
    Great Essays