You are on page 1of 1

Anatomy of an Industrial Espionage Attack

Zed Technologies, a high-tech firm industry a concrete example of a company with lack of access
control. It is also lack of authentication that it cannot determine whether the user should be allowed to
access the private information of the company or not. Because of this, privacy and protection become the
most recent issue in information security.

We need to provide protections for several reasons and most apparent is to prevent intentional
violation of an access restriction by a user. The most common approach of protection problem is to make
access dependent on the identity of the user, the Access-Control List.

The employees play an important role to protect the confidentiality of the company’s information
yet in this scenario, some of the employees trust immediately the newly employee without knowing its
background. It is highly recommended to have a security that would protect the significant information
from unwanted disclosure. This information may include the customer and employee data, business
strategy, product formula or information that can cause negative operational impact to the business.

In this scenario, product-manufacturing information is the most sensitive among a broad range of
other important information. It is where business strategy and new product formula is stored. Another
approach protection problem is to associate with each file with password. It is more protected if
passwords are chosen randomly and change often for limited access to a file. On the other hand, if only
one password is used for all files, then once it is discovered, all files are accessible; protection is said t to
be all-or-none basis.

You might also like