Hypothesis Report

Introduction and Background:

The current paradigm has been shifted the working condition from a formal office environment towards the home; the number of directives has been confined over the large portions, and many businesses have started working with the distributed workforce. The new circumstances demand the different security stances from the centralised offices, specifically when it comes to managing data privacy and security issues, the GDPR framework, and helps the companies keep the personal data private and secure. Many employees are usually not familiar with the data privacy issues; the data breach exposes the project s data.

The cybersecurity policy has been instructed towards the employees about the business data safe and data protection. The NIST cybersecurity framework helps provide you with the best practices for the guidelines, which helps in all stages of threats and identification and imagination. The significant areas be covered under the NIST protocol is:

1. Identity
2. Protect
3. Detect
4. Respond
5. Recover

Method:

Qualitative study has been carried out; the other authors actual research has been used to enhance and formulate the survey results concerning the developed research questions.

Hypothesis 1: Is there any cybersecurity impact over the working of employees from home?

Hypothesis 2: Is there any severe cyber concern for organisations with employees working from home?

Hypothesis 3: Has the increase in home working during the COVID 19 pandemic increased the risk of corporate data security breaches?

Data privacy become a considerable concern for the customer who provide their personal information to the companies. The customer nowadays are aware of the possible consequences of data breach. Whenever the data has been transferred from location 1 to another site, there are some pseudonymised manner that helps protect data and the data breach. The Pseudonymisation masks help in replacing the data, encryption with the different artificial identifiers, helps in the central protection of data, protect the privacy and security of data, the GDPR and their limitations have monitored the encryption has been observed as well. They are fully aware of the scam hackers do when they hack their personal information, ATM passwords or credit cards; they can make them inferior in a minute. Hence data privacy must be ensured by companies to build the trust of customers on them. The companies should introduce such policies that can create a transparency with the customer to provide their information. The question arises here is that why companies need customer data? The answer is that customer data can help them market the brand and create loyalty among them by sending coupons, sales, and discount messages. This essay evaluates four articles.

In the article referred to the data privacy risk in case of remote work risks, they are issued by the remote working, mitigated with the adequate documentation, the policy and procedure helps to maintain the everything, including devices securely, requirements for the creation of conditions for maintaining the strong passwords and acceptable user policy. The developed approach has many factors such as Bring your Device, Remote working policy, a user agreement, protocols to be followed related to the data security and physical storage of data and their device security. It is also considering a critical factor of success that the use of VPN which should be up to date and secure, secure enough that it has no seen vulnerabilities, time to patch, it helps actively to seek out the endpoints and secure them with the high opportunity and enhance the structures and processes in place to restore the system with the regular moving forward. It has enough security and bandwidth for the VPN to improve and work properly. The remote work policies should be robust and relevant that is more important. The reports show that the 25% of the IT companies don t update their VPN and remote policy for more than six months, which is a significant flaw. The employees significant chall have while working atareome is the management of the training and work life balance. The most crucial point to be considered over here. 51% of the employees says that the remote model has affected their efficiency badly.

In the article Data Privacy: Effects on Customer and Firm Performance, Martin, Borah and Palmatier (2017) highlighted data breaches and misuse of private data of customer to rob them or blackmail them. Companies data for the sake of marketing returns may not be stored and secured correctly. The cybercriminals or any person can quickly locate them to for scam. Martin, Borah and Palmatier (2017), perform the research to find out the customer vulnerability and their consent of how the companies secure their personal information (Martin, Borah and Palmatier, 2017). The research s focus was that client impression of vulnerability to hurt because of firm information rehearses better conceptualise data management impacts than protection concerns. Utilising gossip theory, they foresee solid contrary reactions to individual data revelations by gossipers— or firms. Gossip theory likewise distinguishes two key factors that may stifle the harming impacts of information vulnerability: straightforwardness and control. With an anticipated continuum of potential damage, the research aims to investigate the unmistakable implications of information get to powerlessness as the firm approaches the client s individual story, information rupture powerlessness (the firm or a nearby adversary endures an information rupture), and information show powerlessness (an information rupture empowers client information to be abused; e.g., fraud) on the firm itself.  The different attacks that can be carried out using the home – non secured web channel for the transportation of the data significantly impact the organisation.

Three main contribution was invented through this article. One is that clients see hurt and react contrarily to firms assortment and utilisation of their information. The tests cover all kinds of client information weakness show critical negative impacts, some of which are show even with no direct budgetary damage to the client. Second, the gossip theory utilisation as a binding together focal point portrays how client defenselessness makes solid adverse client reactions. Gossip theory has both hypothetical and natural intrigue for assessing how individuals react to undesirable client data access and use, when they learn of it. In affirmation of a critical reason of gossip theory, it was discovered that individuals have a general created feeling of how they are seen and assessed by others. Third trials affirms that straightforwardness and control work synergistically to alleviate sentiments of infringement and improve trust, which lines up with the investigation that shows that straightforwardness, what s more, control guarantees in information the executives rehearse diminish the harm to firm execution in the wake of an information break.

The articles written by Gruschka, Mavroeidis, Vishi and Jensen (2018) discussed the issues of data privacy as a concern for people. Hence, Martin, Borah and Palmatier (2017) report the implementation of data protection policies on those companies dealing with Big Data. Moreover, the privacy protection strategies was also presented to deal with data breach. Two case studies were used to examine the results. As for mitigating privacy concerns, the samples were informed about eh consent and asked them about biometric verification to collect data. While on the second phase, the already present data was used. Biometric verification cannot be anonymised and easily verified in Big Data, but data anonymisation is almost impossible in the second phase. It is critical to comment that for activities and innovations managing delicate data a data insurance sway evaluation ought to be led at the early stages of the venture to recognise potential protection challenges, and to adjust the investigation techniques taking into thought security protecting system (Martin, Borah and Palmatier, 2017).

McDermott (2017) has researched analyses and examine the future of the first law of data protection in the era of Big Data. The fundamental right of data protection was announced for the first time under the article 8 of the charter. The report was to inspect the parameters of this new right to data assurance, asking the standards supporting the right (Spina, 2014).

There are two types of cryptography; symmetric cryptography, and asymmetric cryptography. Both techniques have the same way to use, which needs an algorithm encryption and a key—symmetric key used by the sender to convert plain text to cipher text transferring the information data.  Asymmetric has the same function as symmetric cryptography used by the receiver to convert the cipher text into its actual position. In 1976, it was the unique thing that are commonly using for secure message. Symmetric cryptography is either applied as a stream cipher or block cipher. A block cipher is usually used for individual inputs as opposed unique character and information used by the stream cipher. EES and DES are generally designed as block cipher. Stream is the block cypher s contrast; stream cipher is a long term for important substance combined with the mediate bit or character by character. In the stream cipher, the stream s output is based on hidden internal states that drive as cipher operates. The internal state is only made for to use the cipher text in communications.

Questionnaire:

1.Do you think working from home during the COVID 19 pandemic improved or increased productivity in your organisation?

2. Is working from home policy introduced by some organisations approaches to stem and or prevent the spread of the COVID 19 virus.
3. Do you think the work from home policy is sustainable?
4. Have the work from home policy positively impacted the productivity of organisations, corporates, and individuals from your assessment?
5. Have the work from home policy improved the use and development of ICT infrastructure?
6. Do you think work from home policy exposed and compromised the data securities of corporations, companies, and individuals.?
7. Why do you think the policy should be continued or not?

Discussion:

Hypothesis 1:

The results were interpreted as data security ought to be wholly unravelled from the privilege to security. As such, data insurance ought to be thoughtfully isolated from security: protection has a substance, data security has none. It is only an arrangement of proportionality tests and alleviation estimates pointing to shield residents from hurts originating from a particular understanding of advances and activities. As it occurs, these damages are likewise managed a security under the privilege of protection, so covers between the two rights will undoubtedly happen, and may even outcome with various lawful consequences. The fact of the matter is that data security can be comprehended and portrayed from the hazard guideline s perspective. Thus, examinations expanding upon abstract classes originating from the privilege to protection are, to some degree, a mischaracterisation of data security.

Hypothesis 2:

The above three article concerning the hypothesis were sourced with the help of internet. Many researchers have done an excellent job in highlighting the raising concerns about personal data breach through organisations. On examine the validity and reliability of these articles. In the article by Gruschka, Mavroeidis, Vishi and Jensen (2018), research was conducted with GDPR case to implement Big Data s data protection. This was a great concern of how Big Data can store customer information safely and can retrieve it. The researchers provide a solution that biometric verification must be done to control the scam. The other article by McDermott (2017) has highlighted the right of data protection under theme 8. I observed that the data protection right is a privilege for the public to save themselves from scam. Hence request must be publicly used to aware people. Lastly, Gellert (2015) highlighted that data protection right must not be merged with data insurance.

Human error is leading causes of data breach in today s world. The cybersecurity is complicated enough when everyone in the office uses same internet and bandwidth, relying upon the employees helps immediately to pick and master the cybersecurity policies, everyday needs is to run the cybersecurity plan with the training session to enhance the entire company, train them with the most modern tools and technologies. The research says that with the secondary methods, the data breach rate can be increased by working at home, if proper measures have not been taken into account.

Hypothesis 3:

The breach of data via employees working from home using non secure internet channel. There are different types of techniques; among them, the most important is the cryptography. There are two types of cryptography which is one of symmetric cryptography, and other is asymmetric cryptography. Both techniques have the same way to use, which needs an algorithm encryption and a key—symmetric key used by the sender to convert plain text to cipher text while transferring the information data.  Asymmetric has the same function as symmetric cryptography used by the receiver to convert the cipher text into its actual position. Symmetric cryptography is either applied as a stream cipher or block cipher. A block cipher is usually used for individual inputs as opposed unique character and information used by the stream cipher.

EES and DES are usually designed as block cipher. Stream is the block cypher s contrast; stream cipher is a long term for important substance combined with the mediate bit or character by character. In the stream cipher, the stream s output is based on hidden internal states that drive as cipher operates. The internal state is only made for to use the cipher text in communications.  The crypto graphs algorithm helps to block it. The use of the technology by the employees at home isn t possible as it requires heavy resource. In this process, encryption use from sender while he published a message into public internet with unreadable sequence. Decryption is used from the receiver side. He receives the unreadable message, converting it to plain text with decryption cryptography to easily understand this message.

An indicative disadvantage in systematic cipher is a key which is secure all informational data on servers.  In the networking system, many of the coding communicators are using these keys from every place. In which access control authority manage their secure files and information through complex of keys. The data breach ensures that the sensitive data can t be changed or decrypted accordingly.  It is used to verify the receiver that the message has not been altered and the sender s specific identity. Digital signature is a written signature in the electronic communication used to identify the letter sent by the person or body. Hush function is also used in DSA. It is used to generate a dynamic and small size bit to encode the message. Implementing the scheme for employees to access work at home is difficult, but the process helps ensure that the breach will be impact zero.

Results:

The data has gathered using G forms; it enables identifying the number of the threats and managing the activities accordingly. It shows that the question 2 and questions 4 are positive.

The chart shows that the employee has 54.4% are satisfied to work from home. In comparison, 53.5% tends to manage the personal devices, 51% says that the challenges faced during the remote model communication, 47.5% have been met over the IT limited resources challenge, 45.5% have cybersecurity and 36.6% ensuring work and life to be balanced.

The number of the attacks, to be carried out by the famous top attackers. The number of the full attacks to be carried out over the different attacks and networks.

Most of the attacks has been carried out over the endpoints and network, the different attacks have been carried out and needs to be restored.

The IoT,, which helps mainstream the effect in the different years, shows the connected nodes over the internet.

The high impact over the number of the suppliers and their level of the cyber risk and contract refer to the compliance activity, which increases the increased risk over the supplier tier model.

Conclusion:

This report has been concluded with the fact that data privacy is the serious issues and should not be avoided for the sake of anything. The organisation or brands using customer information to spread sales and other messages must not leak any client s personal information.

Hypothesis 1: Negative

Hypothesis 2: Positive

Hypothesis 3: Negative  

Moreover, they should implement software to secure every client s personal information, and specific members should only approach it. The cybersecurity and namespace help to manage it, analyses the routine of the working environment. It is necessary for the domestic workforce to be updated with all policies related to the cybersecurity, helps them in the management of the workforce and VPN tunnelling helps to evaluate it, the use of crypto algorithms and process helps to manage the work and their distribution to be secured over the specific channel.

References

Auxier, B., Raini, L., Andersan, M., Perrin, A., Kumar, M. and Turner, E., 2019. 1. How Americans Think About Privacy And The Vulnerability Of Their Personal Data. [online] Pew Research Center: Internet, Science & Tech. Available at: <https://www.pewresearch.org/internet/2019/11/15/how americans think about privacy and the vulnerability of their personal data/> [Accessed 13 March 2020].

Gellert, R., 2015. Understanding data protection as risk regulation. Journal of Internet Law, [online] 18(11). Available at: <https://www.researchgate.net/publication/301552462_Understanding_Data_Protection_As_Risk_Regulation> [Accessed 13 March 2020].

Gruschka, N., Mavroeidis, V., Vishi, K. and Jensen, M., 2018. Privacy Issues and Data Protection in Big Data: A Case Study Analysis under GDPR. [online] pp.1 7. Available at: <https://www.researchgate.net/publication/329116150_Privacy_Issues_and_Data_Protection_in_Big_Data_A_Case_Study_Analysis_under_GDPR> [Accessed 13 March 2020].

Martin, K., Borah, A. and Palmatier, R., 2017. Data Privacy: Effects on Customer and Firm Performance. Journal of Marketing, 81(1), pp.36 58.

McDermott, Y., 2017. Conceptualising the right to data protection in an era of Big Data. Big Data & Society, 4(1), p.205395171668699.

Spina, A., 2014. Risk Regulation of Big Data: Has the Time Arrived for a Paradigm Shift in EU Data Protection Law?. European Journal of Risk Regulation, 5(2), pp.248 252.