Securing data from hackers,continuous monitoring to secure information system , cyber war , ethics, e-policies(Business Intelligence)

A paradigm shift is being observed, companies are into the war competing for the data. I vividly remember, opinioned by Jack Ma in World Economic Forum, (2018), “Data is the human nature”. But to make situation worse, the competition is not only limited with the country but it is being contagious and contaminated globally. On the one hand, the risk of nuclear war could not be declined very soon and sadly to aggravate the situation, we are already into the data war, “the cyberwar”.

North Korean is blamed for performing a hack to steal cryptocurrencies of South Korea (Kharpal, 2018), similarly, Russia intervention in US presidential election 2016 could not be forgotten till. So, protecting data in the organization as well as in a country level is of paramount importance. But tradeoff exists in between the data protection and ethics. The question hammers how far should the manager go to check and balance data secureness. The risk can generate from internal sources like employees and management or also from external sources like hackers and cybercriminals or so-called cyber mafia. The protection mechanism concentrates in two continuums, i.e. the people and the technology.

Firstly, the questions pop, how are our employees performing, are they manipulating or tampering the data? Since employees are the one who has easy access to the pool of data, their unethical approach and misconduct will be detrimental. So, as stated by (Baltzan, 2014), the company should have well defined “Epolicies” which clearly states the company code of conduct. It specifies and states the ethical computer use policies, information privacy policies, acceptable use policies, email privacy policies, social media policies, and workplace monitoring policies.

As per the article entitled “Insider Threats as the Main Security Threat in 2017”, Alphabet, Google’s parent company has sued its former engineer Anthony Levandowski, currently working for the Uber. The company has accused him of copying more than 14000 internal files to the new company. The danger of insider threats goes dipper as they can go undetected for years, employees can easily cover their actions and often sometimes it is hard to prove them guilty. So, fighting against such information breach could be through background checks, watching employee behaviors, controlling user access and educating employees. Companies can use internet monitoring technologies like keyloggers; that records every keystroke and mouse click, cookie; a small file that resides in the hardware with the data of various site visits, hardware keyloggers; adware, spyware, weblog et cetera.

Whereas as mentioned above educating employee is also unequivocally important, they have to be taught well. Often, they are miss led by hackers through spamming, spoofing, skimming, denial of service activities. If they mistakenly click into some undisclosed links sent in their email, it could erode overall data mechanism of the organization.

Secondly, the technology will help the company to protect from the unauthorized use and access from an insider and the hackers. The issues of identity theft, phishing, spyware, adware, and pharming are in raise, the authentication, and authorization mechanism will help to confirm the issuers before giving them access to the company's data pool. It could be done through specific ID and passwords, tokens, smart cards, biometrics verification. Further through encryption, the company can hide its message which makes the hacker impossible to read the messages. It is done through private and public key.

As per (Baltzan, 2014) content filtering prevent the suspicious emails containing virus and spam from spreading. Similarly, most of the company uses the firewall to protect the security breach. It can be hardware or software that works as a gatekeeper for the company. It stays in-between the company’s server and external web network and analyzes the information leaving and entering the company’s network.

Data protection is a critical issue as it provides competitive advantage to the company, and could be done through the appropriate implementation of epolicies and effective use of technologies.

References

Baltzan, P. (2014). Business Driven Information System, 4th Edition. McGrawHill.

Kharpal, A. (2018, January 17). North Korea government-backed hackers are trying to steal cryptocurrency from South Korean users. Retrieved from www.cnbc.com: https://www.cnbc.com/2018/01/17/north-korea-hackers-linked-to-cryptocurrency-cyberattack-on-south-korea.html