Network & Data Security
As companies grow so does the need for larger networks and easier
accessibility to those networks. With technology advancing network
administrators are struggling to stay on top of the increasing potential
of network & data security threats.
As part of an investigation and security services, utilizing the latest
technology and forensic techniques, our team through the course of
an investigation will:
- Obtain information and data as evidence for future legal proceedings
- Perform analysis of individual computers and networks
- Track and identify movements on individuals on the network
- Identify inappropriate use of internet and e-mail
- Identify improper usage of company time and recourses
- Establish and recover any lost or stolen data or (IP) intellectual
property
Here in Canada and British Columbia the government has passed legislation
called The Personal Information Protection and Electronic Documents
Act or PIPEDA. This new legislation legally puts the owns on companies
to make sure they are adhering to the law with respect to keeping
all their information safe and secure. This could mean that if someone
was to HACK a company’s network and obtain information about
employees or sensitive credit and personal information about their
clients and vendors, the consequences from the privacy commissionaire
or the company’s clients or vendors and employees could be severe
and costly. The lost of trust coupled with the potential of public
exposure would bring even further damage to the companies reputation
and future.
Below is an example of the PRINCIPLES SET OUT IN THE NATIONAL STANDARD
OF CANADA ENTITLED MODEL CODE FOR THE PROTECTION OF PERSONAL INFORMATION,
CAN/CSA-Q830-96” that all companies will be held accountable.
At Cox & Cote Investigations we assist companies from a security
perspective while establishing and ensuring the requirements are adhered
to and that the appropriate people are in place to maintain the network
and data security.
PRINCIPLES SET OUT IN THE NATIONAL STANDARD OF CANADA ENTITLED MODEL
CODE FOR THE PROTECTION OF PERSONAL INFORMATION, CAN/CSA-Q830-96
4.1 Principle 1 - Accountability
An organization is responsible for personal information under its
control and shall designate an individual or individuals who are accountable
for the organization's compliance with the following principles.
4.1.1
Accountability for the organization's compliance with the principles
rests with the designated individual(s), even though other individuals
within the organization may be responsible for the day-to-day collection
and processing of personal information. In addition, other individuals
within the organization may be delegated to act on behalf of the designated
individual(s).
4.1.2
The identity of the individual(s) designated by the organization to
oversee the organization's compliance with the principles shall be
made known upon request.
4.1.3
An organization is responsible for personal information in its possession
or custody, including information that has been transferred to a third
party for processing. The organization shall use contractual or other
means to provide a comparable level of protection while the information
is being processed by a third party.
4.1.4
Organizations shall implement policies and practices to give effect
to the principles, including
(a) implementing procedures to protect personal information;
(b) establishing procedures to receive and respond to complaints and
inquiries;
(c) training staff and communicating to staff information about the
organization's policies and practices; and
(d) developing information to explain the organization's policies
and procedures. |
|
For more information about our Network & Data Security, please
contact:
info@ccinvestigations.ca
or Call: 604-681-0277 |
