data privacy

& security
ARC229 | SALVAÑA
 scenario 3
You work for a medium-sized company that values data privacy and security. As part of your job, you have
access to sensitive information, including customer data, financial records, and proprietary business
strategies. Your company provides employees with laptops to perform their work remotely and securely. The
laptops are encrypted and protected with strong passwords,

One evening, you finish your work at the office and head home, accidentally leaving your company-issued
laptop o your desk. The next morning, you discover that the office was broken into overnight, and your
laptop is missing. You immediately report the theft to your manager and the IT department.

1.Reporting the incident

-What are the critical steps you need to take when discovering that your laptop is missing due to theft?
-Who should you report the incident to within the company, & how shou you communicate the situation?
2.Data stored on the laptop
-What types of sensitive data might be stored on your company-issued laptop?
-How can the company ensure that sensitive data is adequately protected on employees’ device?
3.Encryption and password protection
-How does laptop encryption help protect the data in case of theft?
-What is the role of strong passwords in safeguarding sensitive information on company laptops?
reporting the
incident
1. Critical Steps when Discovering the Missing Laptop:
- Report the occurrence to the management and the IT department
right away.
- Document the occurrence and offer detailed information on the
stolen laptop's contents.

2. Reporting the Incident Within the Company:

- Report the occurrence to the IT department and the manager so
that the required security processes can be implemented.
- Communicate the problem via secure channels such as
encrypted email or a protected internal company portal.
data stored on
the laptop
1. Types of Sensitive Data:
- Customer data, such as personal information and purchase
history.
- Financial documents include budget plans, financial reports, and
payroll information.
- Unique business tactics, such as marketing programs and
product development methods.

2. Ensuring Data Protection:

- Implement strong data encryption and access controls on all
company-issued devices.
- Implement strict data access restrictions and provide frequent
security training to staff to increase knowledge of data
protection procedures.
Encryption & pw
protection
1. Laptop Encryption:
- Encryption protects data by transforming it into a code that can
only be accessed with the appropriate encryption key/password.
- In an instance of theft, encrypted data is inaccessible without
valid authentication, thereby protecting important information.

2. Role of Strong Passwords:

- Strong passwords are the first line of defense against unwanted
access to sensitive information.
- They keep unauthorized users from quickly accessing the data,
even if the laptop is stolen.
potential risks
- Data breach causes financial losses and harms reputation.
- Violations of data privacy policies and laws.

Ethical implications
- Ensuring the trust and privacy of consumers and stakeholders.
- Responsibility for safeguarding private corporate information.

legal aspects
- Compliance with data protection legislation, such as RA 10173.
- Notification obligations for informing impacted individuals in the
event of a data breach.
 Conclusion
If your work laptop is stolen, notify your manager and the IT
department immediately. Explain what was on it in detail.
Follow data security standards and laws, including notifying
people of a breach. And don't tamper with the stolen data
unless the IT team approves. This helps keep things under
control and demonstrates our commitment to keeping
information safe and confidential.
thank
you