ITECH7402 Professional IT Culture: Privacy and Security Presentation

Verified

Added on 2023/06/04

AI Summary

This presentation provides an overview of personal and organizational privacy and security, including how privacy is breached, possible solutions, and threats to organizational privacy and security. It discusses the importance of protecting personal data and organizational information, highlighting potential vulnerabilities such as surveillance, unauthorized dissemination of information, cyber attacks, and insider threats. The presentation also outlines effects of privacy and security breaches, such as distortion of information, unavailability of data, and loss of customer trust. Furthermore, it suggests solutions like using strong passwords, ethical monitoring policies, government legislations, cryptographic encryption, firewalls, and biometric security measures. The presentation concludes by emphasizing ethical conduct in the IT security profession, including acting in the interest of society, adhering to the law, protecting confidential information, and maintaining high levels of integrity. Desklib offers a wealth of similar study resources for students.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Privacy and Security
Group presentation

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Personal Privacy and Security
• Personal privacy refers to the seclusion of an individual or information
about an individual from the public (Zhang, Sun, Zhu, & Fang, 2010).
• Privacy focuses on giving individuals more control of their personal
information.
• The level at which personal information is considered private depends
upon the individual person, laws, and policies, and culture and morality.
• Security refers to the protection of personal data from unauthorized
access.
• Security of personal data focuses more on ensuring the confidentiality,
availability, and integrity of personal data.

How personal privacy and security is
breached
• Surveillance which infringes on personal private environment
especially in the workplace.
• Unauthorized dissemination of personal information to either the
public or to parties who are not authorized to get the information
(Baek, Kim, & Bae, 2014).
• Use of online cookies which store browsing data in a website and
user’s passwords.
• Replication of personal data/ Information without the owner’s
consent.

• Cyber attacks which expose personal data.
• Masquerading which is where a person takes the identity of another
person.
• Participation in online surveys which have no reliable means of
ensuring privacy and security of personal data (Medaglia & Serbanati,
2010).
• Government agencies which tap communication lines and collect
personal data without informing the parties involved.
• Social media platforms which use personal data for purposes other
than the one in the privacy terms and conditions.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Possible solutions
• At individual level a person can avoid posting sensitive personal
information in social media.
• Use of strong passwords which have a combination of alphabets,
numerals, and symbols for online personal accounts (Sicari, Rizzardi,
Grieco, & Coen-Porisini, 2015).
• Adopting ethical monitoring policies in the workplace in order to
avoid infringing on personal privacy.
• Notifying web users about the presence of cookies and displaying the
cookies policy so that they can opt to accept or reject to have the
cookies record their browsing history

• Government legislations and policies that protect privacy of personal
information by restricting unauthorized exposure of personal data
without the owner’s consent.
• Use of copyrights and patents to protect individual intellectual
property from unauthorized duplication, this will ensure that no one
will use any intellectual property for commercial gains unless approve
by the owner (McDermid, 2015).
• Use artificial intelligence authentication techniques to prevent
masquerading.

Organizational privacy and security
• Organization privacy refers to the reservation of organizational affairs
within the organization.
• Organizational security refers to the protection of organization
information from cyber attack.
• Information is considered to be a strategic resource to many
organizations thus there is a need to guarantee its privacy and
security (Wall, Lowry, & Barlow, 2015).
• An organization handles very sensitive data, therefore, its privacy and
security also affect the privacy and security of its stakeholders such as
customers and suppliers.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Threats to organizational privacy
and security
• Eavesdropping- refers to the leakage of data to unauthorized entities
during transmission (Machanavajjhala & Reiter, 2012).
• Insider attack- refers to when individuals who are authorized to access
organizational system, use the information for purposes other than
the ones they are authorized to.
• Identity theft- refers to where an individual assumes the identity of
another individual and uses it cause harm to organization’s security
and privacy (Xu, jiang, Wang, Yuan, & Ren, 2014).

• Obstruction- refers to where an organizational system is interrupted
in its delivery of services, thus creating data vulnerability.
• Incapacitation- This is where an organization’s system is dissembled
from operating efficiently and effectively thus resulting to non-
availability of data which is a major security issue (Smith, Dinev, & Xu,
2011).
• Phishing- refers to taping organizational data while in the transmission
channel. The attackers mainly focus on getting authentication details
such as passwords or commercial details such credit cards details.

• Hacking- refers to intrusion into an organization’s information system
by a party who is not authorized to access the system. It is one of the
major threats to the security and privacy of organizations (Xu, jiang,
Wang, Yuan, & Ren, 2014).
• Virus attack- malicious codes that corrupts data and files. Mainly
done by attackers who want to destroy sensitive information.
• Denial of service attack (DOS)- This refers to creation of unnecessary
traffic in the system by an attacker in order to prevent some parts of
the system from working. It gives attackers a chance to penetrate the
system and leave without being noticed (Smith, Dinev, & Xu, 2011).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Effects of organizational privacy and
security breach
• Distortion of information- refers to the corruption of information
integrity thus leading to unreliable information (Martin, Borah, &
Palmatier, 2017).
• Unavailability- inability of the authorized parties in an organization to
retrieve desired data whenever needed (Zissis & Lekkas, 2012).
• Exposure- this is where organization’s data is accessed by
unauthorized entities.
• Deception- this refers to the presentation of false information to
decision makers in an organization.

continuation
• Injection of viruses into the organization’s system by malicious people
who gain access into the system. Such viruses may not be detected
instantly , therefore, they will become a long-term menace to the
organization.
• Loss of competitive advantage as a result of malfunction of the
organization’s information systems.
• Loss of customers’ trust especially to organization such as banks,
insurance companies, telecommunication service providers which
handle a lot of information about their customers.

Possible solutions
• Use of cryptographic encryption techniques such as private and public
keys to secure organizational data which is in channel/ on transit
(Kahate, 2013). The sender encodes the data using the private key
and the recipient decodes the data using a public key.
• Use of internet protocol version 6 (IPV6) to secure organizational
virtue local area networks. They restrict access by any device which is
not within the VLAN
• Use of firewalls to secure organization’s intranet from unauthorized
penetration from the world-wide web or the extranet .

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

continuation
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only. They can include finger print
detectors, facial recognition, and retinal eye pattern detectors
(Medaglia & Serbanati, 2010).
• Adopting cloud computing to back-up organizational data.
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only.
• Adopting cloud computing to back-up organizational data, so that it
can be retrieved when the main server fails.

Ethical conduct in IT Security
profession
• Act in the interest of the security of society and their clients.
• Execute their duties in accordance with the law.
• Conduct themselves with high levels of integrity.
• Protect confidential information gained while executing their duties
and not to disclose it to third parties or use it for unauthorized
purposes (McDermid, 2015).
• Should not maliciously destroy the professional reputation of their
colleagues

Continuation
• IT security professionals should not use their position to blackmail the
organizations they work for or their clients.
• The professionals should ensure that they adhere to ICT security
standards when addressing ICT security issues. This will prevent
future reoccurrence of the security threat (McDermid, 2015).
• The professionals should not conspire to conducting of internal attack
to the organization’s system. They should, therefore, report any
suspicious security issue to the relevant parties.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

References
Baek, Y. M., Kim, E. M., & Bae, Y. (2014). My privacy is okay, but theirs is
endangered: Why comparative optimism matters in online privacy
concerns. Computers in Human Behavior, 31, 48-56.
Kahate, A. (2013). Cryptography and network security. Tata McGraw- Hill
Education.
Machanavajjhala, A., & Reiter, J. P. (2012). Big privacy: protecting
confidentiality in big data. XRDS: Crossroads, The ACM Magazine for
Students, 19(1), 20-23.
Martin, K. D., Borah, A., & Palmatier, R. W. (2017). Data privacy: Effects
on customer and firm performance. Journal of Marketing, 81(1), 36-58.

McDermid, D. (2015). Ethics in ICT: an Australian perspective. Pearson
Higher Education AU.
Medaglia, C. M., & Serbanati, A. (2010). An overview of privacy and
security issues in the internet of things. In The Internet of
Things (pp. 389-395). Springer, New York, NY.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security,
privacy and trust in Internet of Things: The road
ahead. Computer networks, 76, 146-164.
Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: an
interdisciplinary review. MIS quarterly, 35(4), 989-1016.

Wall, J., Lowry, P. B., & Barlow, J. B. (2015). Organizational violations of
externally governed privacy and security rules: Explaining and
predicting selective violations under conditions of strain and excess.
Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security
in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
Zhang, C., Sun, J., Zhu, X., & Fang, Y. (2010). Privacy and security for
online social networks: challenges and opportunities. IEEE
network, 24(4).