MGT2230: Customer Security and Data Privacy Report - University Name
VerifiedAdded on 2022/08/13
|11
|2511
|20
Report
AI Summary
This report delves into the critical aspects of customer security and data privacy in the digital age. It begins with an executive summary emphasizing the importance of trust in customer relationships, particularly in online environments, and the need for robust data protection. The report examines Canadian legislation, including CASL and PIPEDA, which are designed to protect businesses and consumers from fraudulent activities and data breaches. It further explores the practices of Canadian North, highlighting their data security measures, and the legal requirements such as CCPA and GDPR, which necessitate customer consent and data protection. The report also discusses the need for CIAM state-of-art security and digital identity security assurance, providing recommendations such as endpoint protection, cloud computing, and data encryption. A sample policy and procedures section is included, emphasizing encryption, strong passwords, and regular software updates. The conclusion underscores the necessity of building customer trust through data security and privacy, particularly in light of increasing cyber threats. Finally, the report provides comprehensive recommendations for enhancing customer data protection within organizations.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: Customer Security and Data Privacy
CUSTOMER SECURITY AND DATA PRIVACY
Name of the Student
Name of the University
Authors Note
CUSTOMER SECURITY AND DATA PRIVACY
Name of the Student
Name of the University
Authors Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
Customer Security and Data Privacy
Executive summary
In this era, customers can be retained and converted toward the company through a trust. When a
particular customer trust a company, they will avail the services or goods provided by them. The
customer will become a loyal customer and might recommend it to a friend. When it comes to
purchasing online, trust is an essential concept to maintain customer relationships. In an online
market platform, it is complicated to build a sense of confidence to customers as the customer
need to be protected from the frequency of fraudulent companies, theft identity and online scams
and many more. This report aims at emphasizing the security of customer data and maintaining
privacy. To establish a balance between the information collected and an individual's right to
privacy the privacy laws are developed and enacted in most of the countries. Varied
governmental organizations and agencies which are accountable for monitoring compliances
with such laws. Data is very crucial, and safety of data and its privacy is vital to protect the
sensitive information and maintain the confidentiality of client data.
Customer Security and Data Privacy
Executive summary
In this era, customers can be retained and converted toward the company through a trust. When a
particular customer trust a company, they will avail the services or goods provided by them. The
customer will become a loyal customer and might recommend it to a friend. When it comes to
purchasing online, trust is an essential concept to maintain customer relationships. In an online
market platform, it is complicated to build a sense of confidence to customers as the customer
need to be protected from the frequency of fraudulent companies, theft identity and online scams
and many more. This report aims at emphasizing the security of customer data and maintaining
privacy. To establish a balance between the information collected and an individual's right to
privacy the privacy laws are developed and enacted in most of the countries. Varied
governmental organizations and agencies which are accountable for monitoring compliances
with such laws. Data is very crucial, and safety of data and its privacy is vital to protect the
sensitive information and maintain the confidentiality of client data.
2
Customer Security and Data Privacy
Table of Contents
Secondary Research Findings..........................................................................................................3
Canada's Anti-Spam Legislation......................................................................................................3
PIPEDA...........................................................................................................................................3
Canadian North................................................................................................................................4
Legal Requirements and trust..........................................................................................................5
A requirement for CIAM State-of-Art.........................................................................................6
Digital Identity Security Assurance.............................................................................................6
Recommendations and Implementations.........................................................................................7
Sample policy and procedures.........................................................................................................8
Conclusion.......................................................................................................................................8
Reference.......................................................................................................................................10
Customer Security and Data Privacy
Table of Contents
Secondary Research Findings..........................................................................................................3
Canada's Anti-Spam Legislation......................................................................................................3
PIPEDA...........................................................................................................................................3
Canadian North................................................................................................................................4
Legal Requirements and trust..........................................................................................................5
A requirement for CIAM State-of-Art.........................................................................................6
Digital Identity Security Assurance.............................................................................................6
Recommendations and Implementations.........................................................................................7
Sample policy and procedures.........................................................................................................8
Conclusion.......................................................................................................................................8
Reference.......................................................................................................................................10
3
Customer Security and Data Privacy
Secondary Research Findings
Canada's Anti-Spam Legislation
Spam is a social and economic burden worldwide. Spam is referred to as an unauthorized
alteration of transmitting of data. Canada's anti-spam legislation (CASL) helps in protecting the
business and consumer from the fraudulent of technology which includes spams and another risk
of electronic threat. It helps a business house to sustain in a competitive digital world. CSAL
aims in focusing on commercial electronic messages, which enhances the participation of
commercial activity might be an expectation of profit. In 2014, it was generated to reinforce the
best practice in combat spams, electronic mail marketing and another such related issue. The
issues including the phishing and spreading of hostile software like Trojans, malware and the
theft identity. The legislation actively enabled to share information and enhanced its operation
worldwide.
PIPEDA
In early 2000, Protection of data is has been enacted as long data forefront protection
with Personal Information Protection and Electronic Document Act (PIPEDA). This is only
applied to collection or disclosure of personal information related to the commercial events.
Business like telecommunication, banks and airlines comer under PIPEDA (Masala & Grosso,
2018). It does not apply to any federal department of the government, non-profit organizations as
well as any educational institute under it. Under it, the fir is accountable for the personal
information of the client. It ensures the purpose for which the data is being collected, an
individual's consent is required for collection disclosures or use of the information. The personal
details are safeguarded and protected through the appropriate security against theft or loss of
Customer Security and Data Privacy
Secondary Research Findings
Canada's Anti-Spam Legislation
Spam is a social and economic burden worldwide. Spam is referred to as an unauthorized
alteration of transmitting of data. Canada's anti-spam legislation (CASL) helps in protecting the
business and consumer from the fraudulent of technology which includes spams and another risk
of electronic threat. It helps a business house to sustain in a competitive digital world. CSAL
aims in focusing on commercial electronic messages, which enhances the participation of
commercial activity might be an expectation of profit. In 2014, it was generated to reinforce the
best practice in combat spams, electronic mail marketing and another such related issue. The
issues including the phishing and spreading of hostile software like Trojans, malware and the
theft identity. The legislation actively enabled to share information and enhanced its operation
worldwide.
PIPEDA
In early 2000, Protection of data is has been enacted as long data forefront protection
with Personal Information Protection and Electronic Document Act (PIPEDA). This is only
applied to collection or disclosure of personal information related to the commercial events.
Business like telecommunication, banks and airlines comer under PIPEDA (Masala & Grosso,
2018). It does not apply to any federal department of the government, non-profit organizations as
well as any educational institute under it. Under it, the fir is accountable for the personal
information of the client. It ensures the purpose for which the data is being collected, an
individual's consent is required for collection disclosures or use of the information. The personal
details are safeguarded and protected through the appropriate security against theft or loss of
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
Customer Security and Data Privacy
detailed information. PIPEDA ensures to protect customers personal data like any subjective
information, in which an identifiable customer is recorded. It builds the trust of customers;
hence customers alike keeping secure their data with PIPEDA.
Canadian North
Canadian North gather the customer's personal information by using mobile apps,
websites and automatically stores the file in the logbook the data might include internet service
provider, internet protocol, browser type and many more (Zhang et.al.2018) . The Canadian
North ensures that the customers' personal information is safeguarded and kept strictly
confidential that is implemented by technical security, organizational security. The measures are
designed to help and protect the security of any customer's personal information. This include
varied security techniques implies the secured servers, encryptions, firewalls also it enhances
physical safeguard of the location of storing data. The Canadian North uses Secure Socket Layer
(SSL) Protocol that allows personal information like Debit/Credit Card number are encrypted as
it passes through PC to Canadian North booking system. Once the information is received, it is
decoded or unencrypted, and the further process is done in the same way because the transaction
of payment card is done through telephone. The customers personal information are is encrypted
over the internet, it totally depends on the page of the web browser (Yan, Deng & Varadharajan,
2017). Their might a chance of breach that is the loss of detailed information regarding passport.
Failure of such information can lead to identity theft, in turn, it might affect an individual's
identity and can lead to further document identifications by accessing stolen ID. To avoid such
breach the company must enhance to review the data security continuously. The company should
ensure to have privacy compliance program that covers all information protection laws,
including GDPR. The company must ensure that the information are not transferred to the third
Customer Security and Data Privacy
detailed information. PIPEDA ensures to protect customers personal data like any subjective
information, in which an identifiable customer is recorded. It builds the trust of customers;
hence customers alike keeping secure their data with PIPEDA.
Canadian North
Canadian North gather the customer's personal information by using mobile apps,
websites and automatically stores the file in the logbook the data might include internet service
provider, internet protocol, browser type and many more (Zhang et.al.2018) . The Canadian
North ensures that the customers' personal information is safeguarded and kept strictly
confidential that is implemented by technical security, organizational security. The measures are
designed to help and protect the security of any customer's personal information. This include
varied security techniques implies the secured servers, encryptions, firewalls also it enhances
physical safeguard of the location of storing data. The Canadian North uses Secure Socket Layer
(SSL) Protocol that allows personal information like Debit/Credit Card number are encrypted as
it passes through PC to Canadian North booking system. Once the information is received, it is
decoded or unencrypted, and the further process is done in the same way because the transaction
of payment card is done through telephone. The customers personal information are is encrypted
over the internet, it totally depends on the page of the web browser (Yan, Deng & Varadharajan,
2017). Their might a chance of breach that is the loss of detailed information regarding passport.
Failure of such information can lead to identity theft, in turn, it might affect an individual's
identity and can lead to further document identifications by accessing stolen ID. To avoid such
breach the company must enhance to review the data security continuously. The company should
ensure to have privacy compliance program that covers all information protection laws,
including GDPR. The company must ensure that the information are not transferred to the third
5
Customer Security and Data Privacy
party. Even if customer ensure the trust but it should verify as if something mishap then
customer will hold on the company. Therefore Canadian North does not compromises with the
security of data and privacy of customer's information. The Canadian North ensures the safety of
data and its privacy by: Establishing the regular scheduling of current encryption technology and
keeps the practice of updating as possible. It enhances the limit of access to the customer's
personal information. It do not collect any unnecessary information. By collecting unnecessary
information enhances a more significant possibility cache for cyber hackers to target customer's
detailed information. The Canadian North destroy the confidential customer's data after the data
is being used for the concerned purpose (Masala & Grosso, 2018). It ensures that everyone in
the organization understands that customer confidentiality is everyone's responsibility and adhere
to the policy of the company. They ensure that the information is not leaked to other third party.
Canadian North always ensures its customers that their information's are secured, and they are
highly confidential. This builds and enhances the customer's trust in the company.
Legal Requirements and trust
The concept of digital security analysis is the best concept of consumer privacy
undertakings. The growing privacy regulations like CCAP and GDPR are enacted worldwide at a
swift pace. The data breach is highly publicized ID theft and another relatable scandal. Business
cannot ignore the new policies, rules and regulation. CCPA provides the Protection for
customer's data of California (Lu et. Al. 2016). It enhances the Protection of consumer rights by
informing organization not to share or leak out the detailed customer information. It enable the
consumer to control the personal details provided by them. It emphasizes the business
responsible for safeguarding the customer's personal information. Many companies deal with
substantial issues complying with GDPR and further need to comply with CCPA as well as. The
Customer Security and Data Privacy
party. Even if customer ensure the trust but it should verify as if something mishap then
customer will hold on the company. Therefore Canadian North does not compromises with the
security of data and privacy of customer's information. The Canadian North ensures the safety of
data and its privacy by: Establishing the regular scheduling of current encryption technology and
keeps the practice of updating as possible. It enhances the limit of access to the customer's
personal information. It do not collect any unnecessary information. By collecting unnecessary
information enhances a more significant possibility cache for cyber hackers to target customer's
detailed information. The Canadian North destroy the confidential customer's data after the data
is being used for the concerned purpose (Masala & Grosso, 2018). It ensures that everyone in
the organization understands that customer confidentiality is everyone's responsibility and adhere
to the policy of the company. They ensure that the information is not leaked to other third party.
Canadian North always ensures its customers that their information's are secured, and they are
highly confidential. This builds and enhances the customer's trust in the company.
Legal Requirements and trust
The concept of digital security analysis is the best concept of consumer privacy
undertakings. The growing privacy regulations like CCAP and GDPR are enacted worldwide at a
swift pace. The data breach is highly publicized ID theft and another relatable scandal. Business
cannot ignore the new policies, rules and regulation. CCPA provides the Protection for
customer's data of California (Lu et. Al. 2016). It enhances the Protection of consumer rights by
informing organization not to share or leak out the detailed customer information. It enable the
consumer to control the personal details provided by them. It emphasizes the business
responsible for safeguarding the customer's personal information. Many companies deal with
substantial issues complying with GDPR and further need to comply with CCPA as well as. The
6
Customer Security and Data Privacy
business that involves collecting data regarding customer identity and build customers profiles
for customized marketing campaigns which needs to venture the potential for significant fines.
CCPA is different from GDPR that require the ability for users to opt for and required explicit
consent before collection. Building consumers trust became more critical for organization
worldwide. CCPA and GDPR and other related regulation that is needed for a company and is
applicable to seek the customer's consent before their data is collected and used for the consent
of record keeping. Under CCPA and GDPR customers are authorized to view, modify and
revoke their consent, anywhere and anytime. By keeping consumer data secure and protected
from harmful virus goes hand to hand, which ensures privacy. The risk of exploiting personal
data can be done quickly, which becomes a significant target for hacking.
A requirement for CIAM State-of-Art
As per GDPR and other Privacy Legislation Company which possess customer's data
must ensure to secure data against the access which is not authorized. Should be able to
demonstrate the proper security of state-of-art security which are measured accurately and
effectively protecting the essential data under GDPR. The state-of-art is the part of implementing
the cost, context, purpose and scope of processing the balance against the impact and risk to
freedom and rights of an individual. A firm needs to determine what is in balance and
appropriate to reference guide for best practice of the industry.
Digital Identity Security Assurance
The concept of digital identity security can be implemented and processed through cloud-
based, off-the-shelf, commercial solutions that are an easy choice for most of the organization to
meet the company's needs, goals, and other resources. The solution that utilizes the capabilities
of the modern cloud to share several advantages of in-house IT departments which aims to build
Customer Security and Data Privacy
business that involves collecting data regarding customer identity and build customers profiles
for customized marketing campaigns which needs to venture the potential for significant fines.
CCPA is different from GDPR that require the ability for users to opt for and required explicit
consent before collection. Building consumers trust became more critical for organization
worldwide. CCPA and GDPR and other related regulation that is needed for a company and is
applicable to seek the customer's consent before their data is collected and used for the consent
of record keeping. Under CCPA and GDPR customers are authorized to view, modify and
revoke their consent, anywhere and anytime. By keeping consumer data secure and protected
from harmful virus goes hand to hand, which ensures privacy. The risk of exploiting personal
data can be done quickly, which becomes a significant target for hacking.
A requirement for CIAM State-of-Art
As per GDPR and other Privacy Legislation Company which possess customer's data
must ensure to secure data against the access which is not authorized. Should be able to
demonstrate the proper security of state-of-art security which are measured accurately and
effectively protecting the essential data under GDPR. The state-of-art is the part of implementing
the cost, context, purpose and scope of processing the balance against the impact and risk to
freedom and rights of an individual. A firm needs to determine what is in balance and
appropriate to reference guide for best practice of the industry.
Digital Identity Security Assurance
The concept of digital identity security can be implemented and processed through cloud-
based, off-the-shelf, commercial solutions that are an easy choice for most of the organization to
meet the company's needs, goals, and other resources. The solution that utilizes the capabilities
of the modern cloud to share several advantages of in-house IT departments which aims to build
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
Customer Security and Data Privacy
customer satisfaction which enhances the critical business initiatives. Cloud offers specific
abilities that the customer experiences and help to address the company securely and regulates
the requirements.
Recommendations and Implementations
Variety of security and laws are enforced in an airline organization to facilitate the customer's
data security. The practice of personal information entity in Canadian North can engage highly
sophisticated cyber-attacks and possess threat-centric as they are highly sensitive in nature as
passenger data are interacted to third party for booking. The risk of third party management in
this sector is quite high. As per IBM study, it is found that to identify data breach it takes more
than 6 months (Albugmi et. Al 2016). Which gives more time for trespassers to collect the
information and disrupt the plan. To mitigate the risk Canadian North should emphasize: the
endpoint protection to improve the control over the number of different access points and its
various type and try to collect data of potential incident. Cloud computing for security must
enhance to increase the productivity while reducing costs. Threat of intelligence can be
overcome by the support of security giving warning in advance what to prepare for, the cost can
be reduced and focused much more on relevant incidents. The use of end to end data encryption
is highly recommendable for reducing the impact of cybercrime as well as unusual data which
might get lost. In airline, this encryption can be easily applicable to payment data, biometric
data, customer's data, and traveller information and other employee details. The encryption is
also necessary for enhancing the communication between grounds based air traffic control and
aircraft. General data protection regulation is effectively applied in the organization worldwide.
To adopt the foundation of privacy principle through design (Yan, Deng & Varadharajan, 2017).
A good policy is just more than an outline concept of privacy providing clients and its full
Customer Security and Data Privacy
customer satisfaction which enhances the critical business initiatives. Cloud offers specific
abilities that the customer experiences and help to address the company securely and regulates
the requirements.
Recommendations and Implementations
Variety of security and laws are enforced in an airline organization to facilitate the customer's
data security. The practice of personal information entity in Canadian North can engage highly
sophisticated cyber-attacks and possess threat-centric as they are highly sensitive in nature as
passenger data are interacted to third party for booking. The risk of third party management in
this sector is quite high. As per IBM study, it is found that to identify data breach it takes more
than 6 months (Albugmi et. Al 2016). Which gives more time for trespassers to collect the
information and disrupt the plan. To mitigate the risk Canadian North should emphasize: the
endpoint protection to improve the control over the number of different access points and its
various type and try to collect data of potential incident. Cloud computing for security must
enhance to increase the productivity while reducing costs. Threat of intelligence can be
overcome by the support of security giving warning in advance what to prepare for, the cost can
be reduced and focused much more on relevant incidents. The use of end to end data encryption
is highly recommendable for reducing the impact of cybercrime as well as unusual data which
might get lost. In airline, this encryption can be easily applicable to payment data, biometric
data, customer's data, and traveller information and other employee details. The encryption is
also necessary for enhancing the communication between grounds based air traffic control and
aircraft. General data protection regulation is effectively applied in the organization worldwide.
To adopt the foundation of privacy principle through design (Yan, Deng & Varadharajan, 2017).
A good policy is just more than an outline concept of privacy providing clients and its full
8
Customer Security and Data Privacy
employee security with concrete guidelines about the safety of information it also helps in
developing confidentiality and building the trust relationship between the organization and an
individual.
Sample policy and procedures
Protecting Data privacy is complicated and risk concern to system. The risk increases due
to abused technology that is engaged in storing data (Lu et al. 2016). Therefore, an organization
should enhance
All the files and data must be encrypted while handling sensitive data.
It is enhancing a unique and robust password that prevents the hacker from cracking the
code that means improving hard to guess the password system.
Keeping updated the security software of an organization as new malware is being
released every time and spreads at an increasing rate.
To enhance the control usage of the security system.
They are encouraging the employee to report data loss. The reports of lost data can help
mitigate the risk against it.
It is also a part of the consumer that they should not share their any confidential
information either to their friends and using the password vault that generates the secure
password.
Conclusion
From the above paper, it is concluded that in this modern era of digitalization, with the
increase in cybercrime and theft of confidential information. It is very much essential for the
customer as well as for the organization to build a healthy trust relationship between them. The
Customer Security and Data Privacy
employee security with concrete guidelines about the safety of information it also helps in
developing confidentiality and building the trust relationship between the organization and an
individual.
Sample policy and procedures
Protecting Data privacy is complicated and risk concern to system. The risk increases due
to abused technology that is engaged in storing data (Lu et al. 2016). Therefore, an organization
should enhance
All the files and data must be encrypted while handling sensitive data.
It is enhancing a unique and robust password that prevents the hacker from cracking the
code that means improving hard to guess the password system.
Keeping updated the security software of an organization as new malware is being
released every time and spreads at an increasing rate.
To enhance the control usage of the security system.
They are encouraging the employee to report data loss. The reports of lost data can help
mitigate the risk against it.
It is also a part of the consumer that they should not share their any confidential
information either to their friends and using the password vault that generates the secure
password.
Conclusion
From the above paper, it is concluded that in this modern era of digitalization, with the
increase in cybercrime and theft of confidential information. It is very much essential for the
customer as well as for the organization to build a healthy trust relationship between them. The
9
Customer Security and Data Privacy
company should enhance the proper data security and its privacy, as well as customer, should
also maintain the dignity of the company's policies and should not discuss its information to
anyone. Data security must be taken in an account seriously as it is an asset of the data of an
individual, if it is misplaced then something mishap occur as theft of identity. Securing data
meant to protect the information and dispose of confidentially once the work is done. The
company should take care that the data is not misplaced and leaked. Cloud offers specific
capabilities that the customer experiences and help to address the company securely and
regulates the requirements.
Customer Security and Data Privacy
company should enhance the proper data security and its privacy, as well as customer, should
also maintain the dignity of the company's policies and should not discuss its information to
anyone. Data security must be taken in an account seriously as it is an asset of the data of an
individual, if it is misplaced then something mishap occur as theft of identity. Securing data
meant to protect the information and dispose of confidentially once the work is done. The
company should take care that the data is not misplaced and leaked. Cloud offers specific
capabilities that the customer experiences and help to address the company securely and
regulates the requirements.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
Customer Security and Data Privacy
Reference
Albugmi, A., Alassafi, M. O., Walters, R., & Wills, G. (2016, August). Data security in cloud
computing. In 2016 Fifth International Conference on Future Generation
Communication Technologies (FGCT) (pp. 55-59). IEEE.
Lu, R., Rahulamathavan, Y., Zhu, H., Xu, C., & Wang, M. (2016). Security and privacy
challenges in vehicular cloud computing. Mobile Information Systems, 2016.
Masala, G. L., Ruiu, P., & Grosso, E. (2018). Biometric authentication and data security in cloud
computing. In Computer and Network Security Essentials (pp. 337-353). Springer, Cham.
Yan, Z., Deng, R. H., & Varadharajan, V. (2017). Cryptography and data security in cloud
computing.
Zhang, J., Chen, B., Zhao, Y., Cheng, X., & Hu, F. (2018). Data security and privacy-preserving
in edge computing paradigm: Survey and open issues. IEEE Access, 6, 18209-18237.
Customer Security and Data Privacy
Reference
Albugmi, A., Alassafi, M. O., Walters, R., & Wills, G. (2016, August). Data security in cloud
computing. In 2016 Fifth International Conference on Future Generation
Communication Technologies (FGCT) (pp. 55-59). IEEE.
Lu, R., Rahulamathavan, Y., Zhu, H., Xu, C., & Wang, M. (2016). Security and privacy
challenges in vehicular cloud computing. Mobile Information Systems, 2016.
Masala, G. L., Ruiu, P., & Grosso, E. (2018). Biometric authentication and data security in cloud
computing. In Computer and Network Security Essentials (pp. 337-353). Springer, Cham.
Yan, Z., Deng, R. H., & Varadharajan, V. (2017). Cryptography and data security in cloud
computing.
Zhang, J., Chen, B., Zhao, Y., Cheng, X., & Hu, F. (2018). Data security and privacy-preserving
in edge computing paradigm: Survey and open issues. IEEE Access, 6, 18209-18237.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.