Egos a catalogue sales company
This Company which has 50 users and allows all these users to access to their customers personal details which includes name/address and bank details.
This company allows all their staff to do everything they want on their computers with out protecting their own customer personal details so this company breaks one of the main laws which are data protection Law.
Also all these staff are able to see the customer details.
In this assignment part i am going to explain to you, what bad things this company does, what can happen to them and what they should do.
This company allows their staff to access to the network with out having the log in details such as password and user name , so every time the staff is accessing to the network they are able to see all the customer details and the customer purchases .
The internet in this company is also unrestricted and the company’s computers do not have any ant-virus software’s installed so their computers aren't protected from the viruses and other malware.
Also the companies are able to access to the face book, twitter, YouTube etc and share the customer details with their friends and other strangers because the company’s internet is unrestricted so the staff can access to all website pages and share the personal details.
If the company would not allow their staff to access to the other website pages, the staff would not waste their time and would do more jobs at work. My main Suggestion to this company is to restrict their internet so their customer details and their time would be saved, i would also advice this company to install the anti-virus software which will help to protect their computers there is a lot of different anti-virus software’s available for the computers.
Also the other problem is all the staff have permission to remove and install all different types of softwares even if they don't have enough knowledge about the software which they are about to install and remove, the company doesn't have any restrictions at all and this is the main problem.
I would suggest to this company is to restrict and do to allow their staff to do everything they want on the computers, i think the company should only allow to install and remove the software to those people who has experience / knowledge with the computing for e.g. the people like who is ICT technician which knows their job better .
Also as i know this company only back up their data once a month and this is not really good idea as for the companies they should back up their data at least once a day. Their data could easily get deleted or lost if their data is not back up every single day so they can lose important data .
I would suggest this company to back up their data more often to the suitable devices such as CD-DVD disc, USB etc. because if something happens to their computer system which can damage the files , their data can be lost if it's not back up.
This company also keeps their data in the plastic box which is really unsafe, I would recommend to keep their data not in the plastic box but in the separate rooms and containers. Because keeping the data in the plastic box can be cause some damages such as the data can become overheated, melt the plastic box and cause the damages to the data tapes. The company should not put data into the plastic box so i would suggest to keep the data safe somewhere like in the secure container, safe.
The company also keeps their customer details and records in the database in their systems, they have details such as bank details, customer addresses and names , purchases history etc. this information is very important and needs to be protected because as i know this company allows their staff to access to all their customer details and records. this company breaks the law which is are Data Protection act. which was set to protect the personal details .
The data protection act was set on 1984 but was updated on 1998 which creates a register for people and companies which have to process data. These organizations do fallow 8 principles when handling the personal data . The eight principles do says that the personal data should be maintained and processed lawfully & fairly. The data is allowed to be used for what the user has said what he/she is going to use for.
As i know this companies staff is able to share the customer personal details with their friends, family and strangers through the phone and through the other services. I think these staff should be fired from the company, and the company by it self should face the court and be fined for what they are doing.
The company also do not have the firewall on, so their network has further security problems that need to be checked. also the other problems are no restriction of the internet access, no monitoring of the downloading ( all staff is allowed to download anything they want ) by allowing staff to download anything they want , the staff can even download files which can be scam and contain malware such as bugs & viruses. I would recommend to this company to get someone who is like ICT technician and which will check and set up the internet restrictions, install/ remove the software safely and install correctly the anti-virus software which will protect their computers and other files
The company also do not have any locks and keypads being install inside their doors, so their working rooms and offices aren't protected and everyone can enter to their working rooms and offices and access to the computers . I would suggest the company to install the Key pads and locks so not everyone would be able to enter to the office/working room because they do really need to have that installed inside their doors.
I would suggest them to install the key pads, and give only the key cards to their staff who works in the same company. Only give one key card to each staff unless they will lose the key card and will need a replacement.
No comments:
Post a Comment