Assessment item 2 Assessment Item 2 Value: 25% Due date: 28-Aug-2017 Return date: 18-Sep-2017 Length:2500 Words Submission method options Alternative submission method Task Examine the following case...

Introduction
In this report we study about Victorian law and data security. The data privacy act was came in
2000, the act as information privacy act 2000. In 2005 data security act was come name of
commission for law enforce security act 2005. In 2014 Victorian law came with the combination
of both data privacy act and data security act.
Cu
ent security risks and concerns considered by the VIC government.

Threats exploit Vulnerabilities



protect against increase increase Expose


Security Controls reduce Security Risks Asset(Data)
met by indicate increase have
Security
Data(Asset) Values
&
Requirements Potential Impacts
DATA PRIVACY AND PROTECTIONS
Data privacy and protection is main issue for every organization..we knew that each information
is important for organization. Data means gather the information in form of data files, payment
detail etc so we expect this act protect the organization regarding the data security. Victoria law
enforce in2014 for privacy security and data security.
DATA PRIVACY AND PROTECTION VALUES (AND POTENTIAL IMPACTS)
The main issue for any company who is doing business the main issue is data privacy and
protection if company respects these two aspects then business may increase. Any organization
needs to provide integrity, security confidentiality.
Data privacy and protection are used interchangeable. Data privacy act secure the personal
information and data protection means protect the data values for business purpose. Hacking is a
ig problem now days due to hacking steel the information by hacker and they misuse it. So data
protection act s punished those people who misuse the information
THREATS
Threats means unwanted entry on computer or due to unwanted events may hack the system and
loss the information. Some events may modification data or application or Co
uption or
modification of a Data privacy and protection (data, applications);
 Theft, removal or loss of an Data privacy and protection (equipment, data, applications);
 Disclosure of a Data privacy and protection (data);
 Inte
uption of services;
 A threat would need to exploit the vulnerability of the Data privacy and protection
Unauthorized entry
The organization most important point is data protection from unauthorized entry is a critical
element of any security system. Important point to be remember Removal of hiding places
 Compound or facility access control
 Multiple processes of layer protection
 Mechanical locking systems
 Man-passable ba
iers in the open places such as culverts, air vents, and utility openings
 Remote controlled gates, traffic control, hydraulic ba
iers, anti-ram hydraulic drop arms and
parking control systems.
1. Perimeter intrusion detection systems
 Alarms
 Detection devices (infrared, motion, acoustic)
 Clear zones
 CCTV and video surveillance technology
2. Data and Information Protection
 Secure access to networks, hardware, and equipment e.g. telephone and satellite systems
 Electronic security devices shielding
 Acoustic shielding
 Computer screen shields
4. Personal identification systems
 Tailgating policies
 Fingerprints, access control, ID cards, biometrics
 Credentials management
 Primary and secondary credential systems
Insider Threats
The main threat regarding the security inside people, they can misuse the facility and access the
data. Unlimited access is also problem for security purpose. Standard categories here include
employees or individual they can manage the procedure in proper manner.
The most convenient ways to mitigate risks are:
 CCTV and video surveillance technology
 Limited access to sensitive areas
 Introduction of background checks and personnel reliability policies
 The use of two-man...