What would be a good response on the new emerging technologies and their influence on customer security and privacy on the following statement?

Our company has a few policies and procedures in place to safeguard internal, confidential, and classified information. Microsoft Outlook provides the ability to send emails encrypted. We must utilize this function if we are sending an email to someone external and it has customer-sensitive information in it. Additionally, we are unable to share account numbers or social security numbers through our instant messaging system, Microsoft Teams. When I started with this company, 11 years ago, these procedures were not in place. It is only recently that this information has become even more safeguarded - I assume because people were not following the proper procedures which led to sensitive information being released, even if unintentional. Also, all of our incoming and outgoing emails are monitored - it is labeled internal, external, or threat. Threats do not make it to our inbox.

I work remotely therefore when I log online I must use a VPN. It is also recommended I use a jetpack to connect to the internet. To log into my computer I need a 10-digit numerical password, another username with an 8-character password that has at least one of each: capital letter, lowercase letter, number, and a symbol. Once I am logged in I must use a four-digit code to unlock the password that allows me to access my VPN. Then I sign into my VPN. It is a somewhat lengthy process, but it ensures that my computer cannot be utilized by anyone else.

"Organizations that collect PII are responsible to protect it. The Department of Commerce recommends that 'organizations minimize the use, collection, and retention of PII to what is strictly necessary to accomplish their business mission.' They go on to state that 'the likelihood of harm caused by a breach involving PII is greatly reduced if an organization minimized the amount of PII it uses, collects, and stores." (Bourgeois, ) Every year we go through training and assess our knowledge regarding the use of technology and how to protect ourselves against threats online as well as tested throughout the year with phishing attempts from our security department. Additionally, our training also covers the differences in the way we classify information and how to properly dispose of or retain it. We are bound to a code of ethics certifying that we will not utilize or seek out any information that is not necessary to our job function. Technology helps mitigate the risks of a leak in confidential information, but it is ultimately up to us, the employees, to make sure we follow the proper procedures to keep information safe.