5 PAGES MBA EXPERT ONLI

profilejenni-dik
instructions.docx

Project 2 (MBAs Only)

  https://ci5.googleusercontent.com/proxy/-J9cjmfvWF-ntOpSCLiZwX6t9CeX5kOfuxuwp5kIWmCf9TCbHtlAhMIY1n4HhQR7dBsTlEhlhNEAtDs45PHDMRB9dw=s0-d-e1-ft#https://d2l.canisius.edu/d2l/img/lp/pixel.gifActions for 'Project 2 (MBAs Only)'

· Print

Step 1: Read “SANS Institute:  What Every Tech Startup Should Know About Security, Privacy, and Compliance  white paper designed to help founders for tech startups ask the right questions about information security.

Step 2: Pick one of these tech startups! As a founder/CEO for one of these startups, you must have information security in mind in order to defend against unauthorized access and data loss potentially compromising intellectual assets, sensitive data and the company’s reputation in the marketplace.

Acorns

PillPack

“Acorns is hoping to make saving and investing as simple as possible. After connecting their debit and credit cards, the app gives users the ability round up all purchases to the nearest dollar. The extra amount is then added to a diversified investment portfolio.”

“PillPack is a full service pharmacy that delivers a better, simpler experience. Our pharmacists manage all your refills. From phone calls to faxes and follow up, they handle everything for you.”

Security Concerns:

· Credit Card Payments

· Securing data in motion

· PCI/DSS Compliance

· Financial Data / Bank & Investment Accounts

· Mobile device / endpoint security

Security Concerns:

· HIPAA Compliance

· Credit Card Payments

· PCI/DSS Compliance

· Health Records

· https://www.crunchbase.com/organization/acorns-grow#/entity

· https://www.acorns.com/

· https://angel.co/pillpack

· https://www.pillpack.com/  

Uber

·

·

“Uber is a technology platform that is evolving the way the world moves. By seamlessly connecting riders to drivers through our apps, we make cities more accessible, opening up more possibilities for riders and more business for drivers.”

·

Security Concerns:

· Hiring/pre-screening competent drivers

· Prevention of unauthorized third-party access to driver or rider information 

· Credit card transactions

· PCI/DSS Compliance

· BYOD

· Mobile device / endpoint security

·

· https://angel.co/uber?utm_source=companies

· https://www.uber.com/?exp=hp-c

·

.

Step 3: Project Requireme

nts

1. Identify two (2) information security threats that are likely to occur and describe how each threat would result in an adverse effect for the company (p.88, Table 3-2).

2. Backup your assertions with a real-world case. Research a similar company (same industry/market/size and/or type) that has been exposed to a similar threat and describe the adverse impact to the organization (e.g. intellectual property theft, data loss, loss of reputation, financial damages, etc.). Cite lessons learned so your start-up doesn't make the same mistake(s).

3. Identify two (2) information security controls (p.156, Table 5-1) and discuss how the control would help to reduce, transfer, accept or avoid the risk (p. 263).

Note:  Base your answers on high-level descriptions and security concerns provided. You are not expected to research these tech companies in any depth other than to help you understand the product or service offering in more detail.

Technical Requirements:

· Your project report should be formatted professionally in MSWord (.DOC, .DOCX) file format

· Filename format should be “MBA657_Proj2_<LastName>.docx”

· Five (5) pages in length minimum, double-space using 12pt font and normal margin spacing