Information Technology- The Privacy, Management and Control within a Business

Information Technology- The Privacy, Management and Control within a Business

Introduction

The importance of security and privacy management has increased as witnessed by the increasing number of security and privacy breach incidents that organizations have encountered within the last few years. For instance, the website privacyrights.org details nearly two thousand data breaches made public since 2005 that have compromised over a half million personal records. Security and privacy management is especially challenging in that users vary widely in level of motivation, knowledge, and perceptions of threat severity. The decentralized computing environment in which end users exercise some degree of autonomous control over IT resources further complicates security management efforts. To address these complex issues, we solicit research papers on the design and usability of tools and technologies employed for all types of IT security management tasks, including those utilized by both end users and IT administrators. A fully functional IT environment requires a consolidated and convincing set of privacy and security safeguards in place at various levels: system, user, organizational, and sector.

Information technology embraces computers, telecommunications and software systems that aid the organization, transmission, storage and utilization of what might better be called the 'knowledge resources' dealt with above. The range of equipment and the variety of specialized knowledge needed for their effective control is enormous and for these reasons information technology is often dealt with by different sections in organizations. Thus, telecommunications, including telephone systems and facsimile transmission systems, are often controlled separately from the computer resources of the organization. Similarly, functional divisions of an organization often have more expertise in the matters underlying software packages (for example, for accounting purposes) than the computer managers. However, these technologies are merging, so that, for example, electronic mail may replace internal paper mail systems and, in some cases, external mail systems. Similarly, computer linkages between a manufacturer and the supplying companies may obviate the need for communication by other means. Consequently, there is an argument for requiring information technology (in all of these senses) to be managed under an umbrella that also covers the knowledge resources.

To these information resources we may add expert systems and other manifestations of developments in artificial intelligence, such as the 'learning' systems created through neural net technology. Systems of this kind, which draw upon other information resources and the personal knowledge of individuals, already play an important, but little documented, role in certain kinds of businesses (e.g. stock trading) and may become the principal means by which information is put to use in support of organizational objectives in the future.

The economics of information technology

As noted earlier, the fact that information resources have associated costs has been an intrinsic part of the idea of information management from the beginning. Indeed, the Commission on Federal Paperwork was set up to identify the ways in which the costs associated with preparing documentation to satisfy government regulations or to bid for government contracts could be reduced.

These are, however, broader issues than those ...