Discussion Question Responses

Please formulate a response for each of the three discussion questions. The response must be at least 2 paragraphs and contain references. 

Melissa Power- User Authentication

Typically, identification is done face-to-face. If identification needs to be verified, photo identification is typically utilized. Usually a Driver’s License or Passport is used for identification purposes. However, when using computer technology, there is a different way that identifications take place. This identification process is called User Authorization. This process of one or more steps allows the computer system to verify that the person who wants access to information is authorized to do so (UMGC, 2020a).

The first and most common form of authentication that a user would perform would be to enter their username or user identification and password. However, because 53% of people have the same password for multiple logins, this is something that can be easily stolen or become compromised in some way (Security, 2020). There are several other methods that can be used such as answering specific questions that only the User would know, sending a code to the phone number or email address registered with the system that the User has access to and can enter, or even a biometric scan by using an eye or fingerprint. A multi-step process for verifying the user is called multi-factor authentication (UMGC, 2020b). This process allows for increased security.

When an applicant utilizes the MTC Hiring System, multi-factor authentication must be considered because of the ever-increasing data breaches that are occurring. Should a data breach occur, it will compromise the personal information of the applicant and can increase the potential for their identity to be stolen (Carnegie Mellon University, 2019). Keeping that in mind, this could not only compromise the relationship that we are trying to establish with current applicants but any future applicants. Utilizing an increased user authentication experience would add another layer of security that would be potentially hard to replicate. Utilizing something that the applicant knows (username and password) and something that the applicant has (a code sent to their smartphone) would be easy enough to allow for mobile access while also providing a two-factor authentication to all the applicant access to their portal.

References:

Carnegie Mellon University. (2019, September 19). Multi-factor authentication: What it is and why you need it. Information Security Office: Computing Services. https://www.cmu.edu/iso/news/mfa-article.html

Security. (2020, May 7). 53% of people admit they reuse the same password for multiple accounts. Security solutions for enabling and assuring business. https://www.securitymagazine.com/articles/92331-of-people-admit-they-reuse-the-same-password-for-multiple-accounts

UMGC. (2020a). Requirements.

UMGC. (2020b). Information systems security.

Djenabou- Protection of data as it is transmitted and when it is stored

Data protection entails the appropriate measures taken to ensure collected data is safe from compromise, tamper or loss. There is need to store data, since the quantity of information that needs to be kept increases daily. Data protection when it is transmitted means safeguarding the data when it is not yet at rest, while the stored data implies information that is already kept in a database or any storage platform. Wiseman (2017) opines that keeping data safe from compromise or loss protects the dignity of the data; hence it can be effectively used for future purposes without conflicts.

Explanation:

Protection of data as it is transmitted and when it is stored

Data protection entails the appropriate measures taken to ensure collected data is safe from compromise, tamper or loss. There is need to store data, since the quantity of information that needs to be kept increases daily. Data protection when it is transmitted means safeguarding the data when it is not yet at rest, while the stored data implies information that is already kept in a database or any storage platform. Wiseman (2017) opines that keeping data safe from compromise or loss protects the dignity of the data; hence it can be effectively used for future purposes without conflicts.

In addition, protecting crucial information during its transmission or when it is stored prevents the infringement of privacy rights of the people or organizations whose data is stored (Allen, 2013 and Dos Santos, 2018). For example, the data being transmitted or stored may contain the demographic, personal and financial information of a person, which they may not be intending to expose to the public. As Taylor (2015) posits, every person has a right to privacy and infringement of their confidentiality rights by exposing their data amounts to lawsuit.

Protection of data during transmission or when it is stored can influence MTC hiring in many ways. For instance, safeguarding the data about prospective employees can ensure access control policies that enhance effective sentiment analysis. Therefore, stakeholders can easily classify and cluster potential staff. The stored data will offer a comprehensive overview of all applications listed to fill positions.

References

Allen, P. (2013). The importance of data protection inside your enterprise. Network Security, 2013(11), 12-14. doi: 10.1016/s1353-4858(13)70121-1

Dos Santos, J. G., Cappellozza, A., & Albertin, A. L. (2018). Antecedents of Perceived Benefits of Compliance Towards Organizational Data Protection Policies. IEEE Latin America Transactions, 16(3), 891-896.

Taylor, M. (2015). "Safeguarding the Right to Data Protection in the EU", 30th and 31st October 2014, Paris, France. Utrecht Journal Of International And European Law, 31(80), 145-152. doi: 10.5334/ujiel.cw

Wisman, T. (2017). Introduction: Data Protection in All Directions. European Data Protection Law Review, 3(3), 399-401. doi: 10.21552/edpl/2017/3/17

Robert Calderwood- Aloha,

     During the hiring process, there may be a need to identify/evaluate the tacit knowledge needed/required for a position. This question can be for anyone... what is meant by tacit knowledge and how/what types of questions could be asked to have an applicant demonstrate tacit knowledge? More than one student can respond and feel free to respond to other students that contribute.