INFORMATION SYSTEM SECURITY

Information System Security

Information System Security

Introduction

It is of great importance to have ethical and social guidelines when collecting personal and private data. It is important because of Copenhagen Business School's ethical obligations, but the law also needs to be taken into consideration. Therefore it is important to develop an information system that has access control and first and foremost contains a sudden and well picked group of users. These users should be divided into different levels of access, where the BA(im) administrators have full access to all alumni data and the alumni have access to their own data at a level where they can read it but only correct or erase through an administrator. This will keep the data very reliable, updated and controlled. Furthermore we believe that there has to be an integrated tracking mechanism, to make sure that users who abuse the guidelines can be found and punished. This could be constructed in a way so that the IP is logged and saved, when a person logs in to the system. This will increase the users faith to the system, because they will feel confident that their personal information is in good hands. The punishment for unethical abuse of personal information should be remuneration from the database. Unethical abuse undermines the purpose of the database, and great resources should be put into preventing it.

Discussion

“utilising encryption on the Internet is the matching of arranging an armored car to consign borrowing card data from someone dwelling in a packing material carton to someone dwelling on a reserve bench.” Gene Spafford, computer security investigator, Purdue University.

This extract serves to mock the current grade of technical solutions directed to Internet founded transactions. An armored car is an inappropriate method of delivery if the recipient lives on a park bench and a cardboard ...