INFORMATION SYSTEMS SECURITY

Privacy, Trust and Security in Information Systems

Name of the Writer

Name of the Institution

Privacy, Trust and Security in Information Systems

Introduction

The issue of the information security has importance not only for big organisations and their managers, but also for the small and medium sized companies. These issues of information security also have significance for the individuals who use it in their daily lives. The information and knowledge regarding the threats and dangers is no doubt an effective tool for the protection, and this is very helpful in preventing the creation of big problems regarding the privacy and security.

It is a big reality that the information systems have made today's world very fast and quick. They have become the need of today's business world in order to be competitive in the market. Even, individuals have a great demand for using them in their daily lives. However, beside the numerous advantages and benefits of the information systems, there is an issue with their security and privacy. People who use information systems have a threat of leakage of their personal information. In different hospitals, in fact, the issue is prevailing regarding the security and privacy of the patient's information. In large and medium sized corporations, they have a danger of the leakage of their company's data and confidential information which may result in a loss for the company. The question which we will answer in the paper is “How far can we rely on technology to protect our privacy?”

Discussion

The information security is a challenge for everyone who is using it today due to its privacy issues. The overall level of safety defined by the security level in an organisation, the precautions and measures must be considered in relation to vulnerabilities in the context in which the information system is expected to provide service and support. Two types of damage can affect the information system of an organisation:

The financial damage: it is the form of a direct damage (such as rebuilding databases that have disappeared, reconfigure workstations, and rewrite an application) or indirect which is (compensation for victims of piracy, theft a secret and the loss of commercial markets).

The loss or decline of the brand: there may be a loss by the negative publicity around inadequate security (for example, in the case of phishing), or indirect loss which happened with the decline of public confidence in the company. For example, common techniques of defacing (a redesign of a website) allow a malicious person to highlight security vulnerabilities on a web server. They may also take advantage of these vulnerabilities to spread false information about its owner which is known as the misinformation (Layton 2007, 90).

The consequences may also affect the privacy of a company or its employees, including the dissemination of confidential information such as bank details, their assets, and confidential codes. Generally speaking, preservation of data on persons which are subject to legal obligations is governed by the Data Protection Act.

To avoid such eventualities, managers of information systems have long ...