1

Ubers Assurance Policy

Student’s Name

Institution of Affiliation

Course Code: Course Name

Due Date
 2

Introduction and brief history of organization.

Since its inception in 2009, Uber Technologies, Inc., also known as Uber, a multinational

transportation technology firm has revolutionized travel across cities (Traum,2015). Garrett

Camp and Travis Kalanick founded the business, with an intent to be an app-based service to

rival conventional cab services.

At first, the service catered to the affluent segment providing luxurious chauffeured

vehicles. However, Uber quickly saw the opportunity to appeal to a wider audience and

broadened its offerings to include more reasonably priced choices like UberX, allowing regular

people to use their own cars as part of the Uber network.

Uber grew swiftly and in a surprising manner. The company's ground-breaking business

strategy, which combined GPS navigation, smartphone technology, and a network of independent

drivers, immediately became well-liked in cities all over the world. Uber offered a dependable,

easy-to-use software that connected drivers and passengers in a smooth manner, making it a cost-

effective substitute for traditional taxi services.

Uber made history in 2019 by being one of the biggest initial public offerings (IPOs)

ever, establishing the company as a prominent force in the transportation and technology

industries. Uber continues to be a dominant force in the ride-hailing market despite obstacles and

rivalry from competitors. It innovates and grows its service offerings to satisfy the changing

needs of customers worldwide.

Ubers information assurance policy is aimed at guarding against security lapses and risks

to its operations, data, and systems (Jordan,2017). The following are key areas that Uber's

information assurance policy covers.

 3

Data Protection and Privacy: Uber has extensive policies in place safeguarding the

confidentiality, integrity, and privacy of data as it involves sensitive personal and financial

information. This involves adhering to pertinent privacy laws like the California Consumer

Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), as well as encryption

standards, access controls, and data retention policies.

Security Controls and Standards: Uber has certain security controls and standards to

protect its networks and systems, and are outlined in the policy. Implementing security

awareness training for staff members and deploying firewalls, intrusion detection/prevention

systems, antivirus software, and secure coding techniques are a few examples of such methods.

Information Security Governance: The general structure for managing information

security inside the company contains procedures for supervision and accountability in addition to

the roles and duties of important stakeholders like the security team or the Chief Information

Security Officer (CISO).

Uber's information assurance policy covers compliance with pertinent laws, rules, and

industry standards pertaining to information security, as well as auditing requirements

(Calo,2017). To guarantee compliance with both internal and external regulations, this entails

conducting routine audits and assessments.

Uber has been under investigation and criticism on multiple occasions for information

misuse. Uber has taken action to resolve these problems, but it's important to remember that

there have previously been concerns raised about the company's handling of user data

(Collier,2018). Here are a few noteworthy occurrences;

 4

God View Tool: The disclosure of Uber's "God View" tool was one of the

company's most prominent cases of information misuse. Serious privacy concerns were raised

when Uber employees were capable of to track the whereabouts of users and vehicles in real-

time using this tool. There have been rumors employees tracked the whereabouts of notable

individuals, celebrities, and even ex-partners using this technique without their consent. Due to

this privacy breach, Uber received a lot of negative criticism.

Data breaches: Uber has also been a part of a number of data breach instances. The

business revealed in 2016 that over 57 million Uber drivers' and users' personal information had

been compromised by hackers. Uber paid the hackers to remove the stolen data and keep the

breach a secret rather than reporting it right away. Due to this occurrence, there were legal and

regulatory fallout, including fines and government inquiries.

Ubers enhancement of its security data should entail implementation of data encryption

aimed at protecting data. Adoption of access controls and secure development practices by use of

secure code practices. Through the above-named practices Uber will improve the security of its

data and reduce the possibility of data breaches, illegal access, and other security risks by putting

these suggestions into practice. Uber must constantly assess and enhance its security protocols in

order to stay ahead of changing threats and keep users' trust.

 5

References.

Traum, A. B. (2015). Sharing risk in the sharing economy: Insurance regulation in the

age of Uber. Cardozo Pub. L. Pol'y & Ethics J., 14, 511.

Calo, R., & Rosenblat, A. (2017). The taking economy: Uber, information, and

power. Colum. L. Rev., 117, 1623.

Jordan, J. M. (2017). Challenges to large-scale digital organization: the case of

Uber. Journal of Organization Design, 6(1), 11.

Mitchell, E. (2015). Uber's loophole in the regulatory system. HLRe: Off Rec., 6, 75.

Collier, R. B., Dubal, V. B., & Carter, C. L. (2018). Disrupting regulation, regulating

disruption: The politics of Uber in the United States. Perspectives on Politics, 16(4), 919-937.