Beruflich Dokumente
Kultur Dokumente
5 Computer-Based Fraud
Computer-Based Fraud is another threat done by internal people in an organization by modifying the processing data and routine entry data. This threat can be said as one of the major threat that affect a lot of companies and also a basic threat used to fraud the information of an organization.
3.7 Hackers
Hackers are usually highly skilled person who penetrate into the information system of an organization and causing information security threat. A hacker is defined as someone who illegally breaks through into a computer system and network and illegally access information that are kept confidentially. Penetration of hackers successfully into the information system and network may cause a major problem because they can manipulate the data, steal, delete and also damage the data. Hackers are used to steal data of an organization and threatening method is used to threaten the organization for some purpose or reason.
4.1 Confidentiality
To achieve the goal of confidentiality in information security the organization must take sure that only an authorized person can access to the HRIS because maintaining the privacy and confidential information of employees are very important to achieve the goal of confidentiality.
4.2 Integrity
To achieve the goal of integrity in information security the organization must also make sure that only an authorized person is given the authority to make any changes, modification, create new data and delete unimportant data in the HRIS. Beside, the authorized person choose to keep
system updated must be well trained so that the employee stored the correct and accurate information and keep the current system.
4.3 Availability
Availability in information security means that authorized users or employees are able to access to HRIS to process some information which they need when required and these method usually operates using password and digital signature of users to get access.
This law was enacted in the state of California and the law state that all organization must notify their customer and also their employees under the employment contract when unencrypted personal information may be compromised, stolen or lost.