Problem Statement
The research problem of the paper is closely associated with the necessity to discuss the issues of personal information privacy, and evaluate the means of information protection. Originally, the means and tools of information protection entail various aspects of privacy and protection in general, consequently, none of them ma be regarded as fully effective. Thus, the key research question of the paper is to consider the matters of compromises and implementation of the privacy defense tools. The experiment, which is provided in the paper, will examine the type of technology that organizations use.
The key requirement of the paper is to provide the adequate literature review on the matters of confidential information security and privacy defense. Additionally, practices, implemented by various organizations should be regarded, as the practical implementation of the security principles often differs from the theoretical grounding. In the light of this statement, it should be emphasized that the paper should touch upon the matters of security tools reliability, and credibility of security system failure. Additionally, the legislative issues of data protection should be regarded, as the values of technical security can not be regarded a full fledged system without legislative support.
The research aspects of the paper should entail various types of confidential information which are financial, internet, medical and political information. Thus, basing on the central aspects of the paper, and the discussed questions, the conclusion of the paper should provide the summary on the matters of security tools compromises, and the values of information security in general.
Purpose of the Study
The research is mainly qualitative, as searching of all the corresponding compromises is closely associated with the matters of the quality of the tools and measures, which are implemented in various organizations. On the other hand, some quantitative elements will be required for evaluating the effectiveness of the privacy defense tools. Originally, the value of the research is covered in the statement that information security and privacy defense measures generally define the loyalty of the consumers, as the safety of their information is of vital importance for them, and for the organization, respectively. Thus, in accordance with Gerstein (2005, p. 561), the following statement should be emphasized:
Information protection and privacy is a cornerstone for effective governance, risk, and compliance management. Information security prevents and detects breaches or instances of fraud that could adversely impact the integrity of corporate and customer data. Yet organizations struggle to develop an effective strategy for enterprise security. While insufficient protection can lead to significant damage from legal, business, and regulatory risk, excessively restrictive security policies can be detrimental to worker productivity and collaboration.
In the light of this statement, there is strong necessity to emphasize that the values of the mixed research approach are closely associated with the expanded opportunities. Consequently, the analysis of the privacy defense measures will be analyzed from the position of information protection, privacy defense and security of the personal data, which is of particular importance for various organizations and for consumers of these organizations.
Research Questions
The main aim of the research is to investigate and analyze various aspects of privacy defense and information security, considering the aspects of security components, and the spheres of information, which should be secured. Thus, the main research question is:
- What tools are used by the organizations for protecting the business and consumer information? How these measures are combined, and what are the advantages and disadvantages of such combination and compromise finding.
Thus, the sub question will be:
- Whether management teams apply sufficient efforts for elaborating and implementing the effective data protection policy, and whether the applied tools are effective enough for the protection of the information from disclosure or external attack?
The set of the research questions:
- Whether the security standards of the analyzed organizations meet the standards of the global information security practices.
- What are the general risk factors?
- How individuals treat the necessities of observing the security rules, and how this attitude influences the security measures.
Hypothesis
The hypothesis of the research is closely associated with the values of the improving standards of the information security. Originally, all the research questions and concepts, stated in the purposes of the study, are aimed at revealing the tendency of the security standards improvement. Thus, the hypothesis will be the following: aggravation of the external attacks, disclosures of the information privacy and violation of the security riles improves the entire security standards set, and makes the security system more stable and reliable as a result.
Literature Review
Considering the hypothesis, literature review should focus not only on the contemporary security standards, but also historical issues of the privacy defense and security development.
Historical Aspects
Thus, the historical values and tendencies are accurately described by Hinojosa (2005, p. 156). In the research, based on the global experience of information privacy defense, the following statement is emphasized:
Since the early days of writing, heads of state and military commanders understood that it was necessary to provide some mechanism to protect the confidentiality of written correspondence and to have some means of detecting tampering. The rapid growth and widespread use of electronic data processing and electronic business conducted through the Internet, along with numerous occurrences of international terrorism, fueled the need for better methods of protecting the computers and the information they store, process and transmit.
In the light of this statement, the values of historical development should be considered for the entire research and analysis of the organizations, as the mistakes, and violations of the security rules are often of the same origin: negligence, inaccuracy or extensive care of security, which makes users leave easily reachable reminders.
Theoretic Approaches
Considering the theory of data privacy, it should be emphasized that academic approaches of security and privacy assurance are closely associated with the matters of appearing innovative technologies, which are vulnerable for the external attack. Thus, numerous aspects of security should be considered from the theoretical point of view: Confidentiality, Integrity, availability and authenticity. On the other hand of security risk management is placed, nevertheless, it relates privacy defense indirectly. Thus, the following statement should be considered on the matters of integrity, which is generally regarded as the key aspect of privacy theory:
Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on. (Lohmeyer, Mccrory et.al. 2002, p. 67)
From the perspective of this statement, there is strong necessity to emphasize that the restricted access is not a solution, as the most hazardous aspect of security measures violation is the knowledge gap, which causes the dangerous consequences not only for the data, but for the entire security system in general.
Methodology
The method of the research will be based on the research of various security measures, and the privacy defense guarantees, provided by the organizations, which will participate in the research. Considering the statement that the objective of the research is to investigate privacy relationships among consumers, financial organizations, and federal agencies, it should be stated that the research methodology is closely associated with the matters of security factors, such as:
- Combination of the privacy defense tools
- Analysis of the internal and external dangers
- Constant amendments of the security principles, based on the external factors, and the changing security environment
- Educational and social programs for employees and consumers on the matters of security.
On the other hand, the aspects of information integrity, described in Golden (2008) will be analyzed by creating the information access map, and evaluating the concepts of data availability in general.
The variables of the study entail the amount of the employees and consumers in any organization, who may potentially violate the security rules. These are the employees and consumers who neglect security in favor of comfort. (Cordesman and Cordesman, 2002). The measurement of the security in general should be based on the global security tactics and tendencies, associated with security system failures, and the relation of these failures to company’s local failures.
Reference
Cordesman, A. H., & Cordesman, J. G. (2002). Cyber-Threats, Information Warfare, and Critical Infrastructure Protection : Defending the U.S. Homeland /. Westport, CT: Praeger.
Gerstein, D. M. (2005). Securing America’s Future: National Strategy in the Information Age. Westport, CT: Praeger Security International.
Golden, J. R. (2008). Economics and National Strategy in the Information Age: Global Networks, Technology Policy, and Cooperative Competition. Westport, CT: Praeger Publishers.
Hinojosa, P. (2005). Information Security: Where We’ve Been and Where We Need to Go. T H E Journal (Technological Horizons In Education), 32(7), 36.
Lohmeyer, D. F., Mccrory, J., & Pogreb, S. (2002). Managing Information Security. 12