Privacy at CNMCyber
Privacy at CNM Cyber (hereinafter, the Lectio) is the lesson part of the Cyber Security Essentials lesson that introduces its participants to CNM Cabin. This lesson belongs to the Introduction to CNM Cyber session of the CNM Cyber Orientation.
Content
The predecessor lectio is User Data in Cyber.
Key terms
- User data. Any data that the end-user of a particular system creates or owns.
- Username (login name, account name, handle, or, rarely, ID). The humanly-readable name of user account that the end-user utilizes to access that account. A username is an essential part of user data.
- Password (passcode). Any string of characters that is used to confirm user's identity. The NIST Digital Identity Guidelines defines a password as "the secret is memorized by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol, the verifier is able to infer the claimant's identity.
Script
- The CNM Cyber Team strives to protect your sensitive data as much as the data can be protected.
- On the policy side, the Team tries to adopt very strict protocols to ensure data security, confidentiality, and privacy. Particularly, your sensitive data shall be encrypted whether the data is at rest or in transit. In that way, those who work on CNM Cloud can get only logical access to the data.
- On the technology side, the administrators of CNM Cyber are required to follow general cyber-security rules -- all its software is regularly updated, new patches are timely applied, constant monitoring is in place, and so on.
- On the human side, each administrator and bureaucrat who works on CNM Cloud is required to pass security clearance and sign a non-disclosure agreement (NDA). This agreement legally binds this associate to keep your information in secret.
- However, some of your data cannot be private. For instance, the CNM Cyber Team cannot secure your posts at CNM Social, comments at CNM Page and CNM Tube, as well as anywhere where the other users can see openly them.
- Although the texts of your posts at CNM Cert and CNM Wiki cannot be private, the CNM Cyber Team may attempt to protect your identity, while assigning you a user alias and using that alias other than your username.
- To add, apprehensions about data theft and privacy are obvious since CNM Cloud Foundation uses a public cloud. This may change when the Team deploys a new hybrid cloud, but some data would still be stored remotely rather than on the Team's premises.
What CNM Cloud Is is the successor lectio.
Questions
Lectio quiz
- The answer is recorded for the lectio completion purpose: