The Chief Privacy Officer has also expressed an objection about this project. The CPO is concerned about the privacy implications of tracking both movement of individuals and the tracking of their purchasing behaviors.
1. Purchases for craft materials and snacks by children (under the age of 13) attending a hotel sponsored “kids club” program.
2. Purchases by Individuals attending a music festival or other event where IDs must be checked to establish proof of age (legal requirement for local alcoholic beverage consumption).
3. Purchases by attendees at trade shows (attendees are “adults”).
Pick one of the three use cases listed above. Then, follow the directions below to complete the required research and write your final report.
1. Read / Review the readings in the LEO classroom.
2. Read this introductions to RFID technologies: https://www.gettoken.com/beginners-guide-rfid-technology-events/
3. Research one or more of the Use Cases
a. Children: 8 Benefits of Using RFID Wristbands for Resorts & Attractions (see section 4: Family Freedom) https://www.idcband.com/en-us/blog-us/8-benefits-of-using-rfid-wristbands-resorts-attractions/ and https://tappit.com/rfid-wristband-safety/
b. Managing Adult Attendees at Music Festivals (includes RFID bands linked to twitter, Facebook, and credit/debit card) http://www.techradar.com/news/world-of-tech/rfid-wristbands-vs-nfc-smartphones-what-s-winning-the-contactless-battle-1167135
c. Tracking Adults at Trade Shows http://www.universalrfid.com/product/rfid-labels-provide-technology-at-trade-shows/ and https://blog.printsome.com/rfid-wristbands-good-bad/
4. Choose one of the Use Cases then find and review at least one additional resource on your own that provides information about privacy and security related laws that could limit or impose additional responsibilities upon Padgett-Beale’s collection, storage, transmission, and use of data about guests. (Note: laws may differ with respect to collecting data from or about children.) You should also investigate laws, regulations, or standards which impact the use of the RFID bands for mobile purchases.
5. Using all of your readings, identify and research at least 5 security and privacy issues which the IT Governance Board needs to consider and address as it considers the implications of your chosen use case upon the adoption or rejection of the proposed IT project (Event Management Platform & RFID bands).
6. Then, identify 5 best practices that you can recommend to Padgett-Beale’s leadership team to reduce and/or manage risks associated with the security and privacy of data associated with the event management platform.
Write a five to seven (5-7) page report using your research. At a minimum, your report must include the following:
1. An introduction or overview of event management systems and the potential security and privacy concerns which could arise when implementing this technology. This introduction should be suitable for an executive audience. Provide a brief explanation as to why three major operating units believe the company needs this capability.
2. An analysis section in which you address the following:
a. Identify and describe your chosen Use Case
b. Identify and describe five or more types of personal / private information or data that will be collected, stored, processed, and transmitted in conjunction with the use case.
c. Identify and describe five or more compliance issues related to the use of the RFID bands to make and track mobile purchases.
d. Analyze and discuss five or more privacy and security issues related to the use case.
e. Identify and discuss 3 or more relevant laws, regulations, or standards which could impact the planned implementation of the event management system with RFID wrist bands.
3. A recommendations section in which you identify and discuss five or more best practices for security and privacy that should be implemented before the technology is put into use by the company. Include at least one recommendation in each of the following categories: people, processes, policies, and technologies.
4. A closing section (summary) in which you summarize the issues related to your chosen use case and the event management platform overall. Include a summary of your recommendations to the IT Governance Board.
Submit your research paper in MS Word format (.docx or .doc file) using the Research Report #2 Assignment in your assignment folder. (Attach your file to the assignment entry.)
1. To save you time, a set of appropriate resources / reference materials has been included as part of this assignment. You must incorporate at least five of these resources into your final deliverable. You must also include one resource that you found on your own.
2. Your research report should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
3. Your research report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use.
4. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
5. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.)