Write a security plan for AT&T to prevent incidents like the AT&T call center data breaches that have happened recently.
AT&T call center data breach : http://www.pcworld.com/article/2907672/atandt-call-centers-sold-mobile-customer-information-to-criminals.html
Solution
1. First, read the article carefully and note your observations, as below:
-AT&T call centers sold mobile customer information to criminals
-Employees misused the data
-Location was call centres
-Breach happened at AT&T website
-Info included name, SSN, call history
-Duration was a few months
Data breach avoidance plan
-The call centres should be secured with security access cards and recording of entry and exit, so that only authorised people enter the premises and their movements are logged. This should be centrally monitored online, as call centres may be located anywhere globally.
-Employees should not be allowed to bring their own devices unless strict policies are defined.
-Data access for employees and call centre contractors should be clearly defined. Only the relevant views of information should be provided, as needed.
-Data at rest should be encrypted. Databases, files and folders, and backups should all be encrypted.
-Logs should be maintained of the activities that are carried out, e.g. data updates, copy, print.
-Copying of files should be restricted.
-Transmission of files over the network should be controlled by policy.
-USB ports and other external devices to which data can be copied should not be available to call centre employees.
-The print function should be restricted.
-Data should be categorized as public, private, confidential and access should be given accordingly. Employees should be aware of laws and regulations that govern data security.
-Audits should be conducted regularly.
-Data transfer should be done with encryption, e.g. using public/private keys.
-Firewalls and network segmentation should be implemented to avoid unauthorised access.
-Strong passwords should be used and they must be changed at regular intervals.
-Provide a virtual keyboard on the website.
-A data breach response plan should be defined as well.
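The plan items on relevant views, activity logs and regular audits can be combined in one control, sketched here as an added example that is not part of the original solution. The role names, field names, customer records and the per-user limit are assumptions constructed for illustration.

```python
import datetime as dt
from collections import defaultdict

# Constructed sample data; IDs, field names and values are illustrative only.
CUSTOMERS = {
    "C1001": {"name": "Pat Example", "ssn": "000-00-1234", "call_history": ["555-0100"]},
    "C1002": {"name": "Sam Example", "ssn": "000-00-5678", "call_history": ["555-0101"]},
    "C1003": {"name": "Lee Example", "ssn": "000-00-9012", "call_history": ["555-0102"]},
}
# Hypothetical roles: fields each role may see, and whether a field is masked.
ROLE_VIEWS = {
    "agent": {"name": "clear", "ssn": "last4"},
    "billing": {"name": "clear", "ssn": "last4", "call_history": "clear"},
}
AUDIT_LOG = []  # stand-in for an append-only log held outside the call centre

def mask(value, mode):
    """Show only the last four characters when the policy says 'last4'."""
    return "***-**-" + value[-4:] if mode == "last4" else value

def view_customer(user, role, customer_id, action="view"):
    """Return the role's view of one record and log the attempt either way."""
    allowed = role in ROLE_VIEWS and customer_id in CUSTOMERS
    AUDIT_LOG.append({"time": dt.datetime.now(dt.timezone.utc), "user": user,
                      "role": role, "customer": customer_id,
                      "action": action, "allowed": allowed})
    if not allowed:
        raise PermissionError(f"{user} ({role}) may not {action} {customer_id}")
    record = CUSTOMERS[customer_id]
    return {field: mask(record[field], mode)
            for field, mode in ROLE_VIEWS[role].items()}

def audit(log, max_customers_per_user=2):
    """Flag users with denied attempts or more distinct customers than the limit."""
    seen, denied = defaultdict(set), defaultdict(int)
    for entry in log:
        if entry["allowed"]:
            seen[entry["user"]].add(entry["customer"])
        else:
            denied[entry["user"]] += 1
    flagged = {}
    for user in set(seen) | set(denied):
        reasons = (["volume"] if len(seen[user]) > max_customers_per_user else []) \
                  + (["denied"] if denied[user] else [])
        if reasons:
            flagged[user] = reasons
    return flagged
```

Running `audit(AUDIT_LOG)` on a schedule gives the regular audit a concrete input: every access attempt is recorded before the record is returned, so a denied or unusually broad lookup pattern shows up per user.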
