Manufacturing
| ODM & OBM manufacturers | OEM manufacturers | |
|---|---|---|
| Challenges | For ODM & OBM manufacturers, since they have to invest a good amount of money in Product Research & Development (R&D), if the product idea and graph were leaked to their competitors, the loss will be disastrous. | By and large, buyers will provide OEM manufacturers product specifications and designs for mock-up and production. And the OEM manufacturers were expected to use the given information discreetly and ethically. Certain buyers even impose regulations and implement IT security system to their manufacturers, in order to make sure that any information is being used properly and securely. |
| Challenges come from | Internal authorized users. Since they have to access sensitive information throughout the daily operations, they can easily copy the information to external sources, such as USB storage devices and e-mail. For management, these users can still access the information, but they should not carry information out of the company by all means if they are not authorized. | |
| Examples of internal threats | Engineers, designers, salespersons, and people who have rights to read those sensitive documents. | |
| Examples of sensitive documents | Product Specifications, Design Drawings, ISO Documents |
Product Specifications, Design Drawings, ISO Documents
|
| Business Impacts |
|
|
Banking & Finance
| Challenges | For banking & finance industry, we can simply imagine that they are handling a lot of sensitive information, such as customer personal information and credit card statements. This information is valuable to some “ill-will” industries. Companies that are unethical may even want to buy that information. If that kind of information was leaked out to malice, it could be a catastrophic. |
| Challenges come from | Internal authorized users. Since they have to access sensitive information throughout the daily operations, they can easily copy the information to external sources, such as USB storage devices and e-mail. For management, these users can still access the information, but they should not carry information out of the company by all means if they are not authorized. |
| Examples of internal threats | At Call Center: When staff answer enquires, they may need to access customer personal information. |
| Examples of sensitive documents | Customer personal information, account profiles, transaction details |
| Business Impacts |
|
Government
| Planning and Lands | Public Hospitals | Examinations and assessment | |
|---|---|---|---|
| Challenges | For Planning and Lands department, they are responsible for planning the usage of lands and urban development. It involves a lot of sensitive information. Since property industry involves huge amount of money, that kind of information must be highly confidential. | Hospitals process a lot of patient’s personal information. That kind of information is highly confidential. The public is interested to know news of famous people, such as statesmen and celebrities. Unethical companies may even want to buy for that kind of information. | Exam and Assessment department handles many exam papers every year. This information is highly confidential. |
| Challenges come from | Internal authorized users. Since they have to access sensitive information throughout the daily operations, they can easily copy the information to external sources, such as USB storage devices and e-mail. For management, these users can still access the information, but they should not carry information out of the company by all means if they are not authorized. | ||
| Examples of internal threats | People who have rights to read those documents | ||
| Examples of sensitive documents | Urban plans, proposals | Patient’s information | Exam papers |
| Impacts |
|
||