3Q.docx2.3 Discussion: Privacy and Information Security
1. Conduct a critical analysis and, in at least 150 words, respond to at least two of your classmates’ postings, as well as any follow-up instructor questions directed to you, by the end of the workshop.
2. Each response to your classmates should be at least 150 words in length and include a citation to one credible information source. The response citation should follow APA formatting.
Peer Review 1:
These concerns involve the misuse or, rather, the inappropriate usage of personal data without their knowledge. Additionally, there are concerns about government surveillance. The government tends to spy on its citizens without their knowledge (Conklin, 2009). The government uses the information of these individuals to understand more about their citizens, which amounts to the breaching of privacy rights. The privacy concern is the most relevant concern resulting from the use of the internet and technology. Technology enables companies to gather personal data from many different sources and analyzes them to create individual profiles. This information is accessible to cookies and used without the owner's consent. Therefore there is a need to enforce laws protecting people from violation of their privacy rights.
The state shall make or enforce any law which shall abridge the privileges or immunities of citizens of the United States; nor shall any State deprive any person of life, liberty, or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws. Title VII, the ADA, and GINA cover all private employers, state and local governments, and education institutions that employ 15 or more individuals. These laws also cover private and public employment agencies, labor organizations, and joint labor-management committees controlling apprenticeship and training.
The current emerging technologies like artificial intelligence requires that the privacy rules should be modified. The advances in the technology will make it difficult for the old privacy norms to be effective and thus will require certain changes in it. Out of the many artificial intelligence is one of those. Since this is also a human developed system so, it can be breached easily and also a false program can be set by the developers. It saves the users personal and professional information which is also an issue and requires remedies to be developed. It needs to be kept safe with a high security system as this saves a large amount of personal information of the users which includes passwords, fingerprints, retina scan and many others in different-different ways (Holzinger, 2019).
Peer Review 2:
The widespread use of information systems has spawned a new set of legal, ethical, and social issues. Concerns surrounding how personal data should be handled, online privacy, and maintaining the confidentiality of such information continue to raise ethical questions. Companies are collecting so much personal data to establish patterns about customer preference, purchase patterns, and improving user experience without getting consent from them. Technology makes work easier for enterprises by utilizing the vast amounts of data they collect from their customers. However, ethical and legal issues arise when a business sells that information to another business for a profit (Tanwar, 2019). I consider information mishandling the most severe security risk as it has severe consequences regarding breach of privacy and making online users vulnerable to cyber-attacks. Existing laws on data protection include CFAA, Homeland security act, and FISMA prescribe mechanisms for prosecuting cyber crimes for both civil and criminal penalties. Sometimes it becomes difficult to investigate cyber-crimes when parties involved are from different countries. Lack of harmonized laws on cybercrimes, computer misuse, and data protection has created safe havens for cyber-criminals (Tanwar, 2019). Lack of cooperation and absence of cyber laws in some of these countries affect law enforcement. This results in investigations being discontinued or delayed. Cyber-criminals usually operate anonymously, and therefore locating their physical location to extract digital evidence is a challenge. A holistic approach comprising administrative, legal, and technical protection measures should protect user privacy. Despite the growing cyber-security risks, organizations can structure remediation strategies in addition to compliance risks assessments to protect users' privacy in real-time. Remediation efforts should be integrated with information security strategies to minimize the impact of a risk, thus protecting the organization's reputation, maintaining customer trust, preventing the risk of losing revenue, and avoiding legal penalties. Information visibility, access control, increasing scale of data, and increased maintenance cost are some of the challenging data privacy issues that will continue to be an existential threat to information privacy in the coming days (Tanwar, 2019).
3.1 Assignment: Devotional
1. Review the material in the "Getting Started" section above, and read Romans 8:7, Proverbs 19:21, and Matthew 7:12.
2. Be sure to address the following prompts in your paper:
a. In what areas of your professional life could the Golden Rule, Matthew 7:12, apply?
b. How should this rule be used in developing a governance plan in technology?
3. Your paper should be at least 250 words in length.
3.2 Discussion: Article Reading
1. In the discussion link below, respond to the following questions:
a. What was the most useful takeaway for you from this workshop’s reading?
b. What concept from the reading is the most applicable to you now in your profession, and how might you implement it?
3.3 Discussion: IT Governance
1. Review the articles from 3.2 Discussion:
b. Governance Over IT Service Management Processes Using COBIT 5.0
2. In the discussion linked below, respond to the following prompts:
a. Provide a summary of IT governance and the use of COBIT. How would using a framework like COBIT help enhance the concerns for managing an IT infrastructure and enforcing best practices? Can you identify another governance framework and compare it to COBIT?
b. Compare and contrast lean IT governance practices to those of a standard governance framework.
c. Considering the current governance frameworks, discuss change and improvement in the governance program, such as key points when the plan should be modified.
3. Your initial post should be a minimum of 300 words and is due by the fourth day of the workshop.
3.4 Assignment: PowerPoint Presentation
1. Develop a short PowerPoint presentation that would be given to management on the benefits of implementing an IT governance program.
a. Provide the pros and cons of such a project.
b. Include a section that discusses how lean IT governance could enhance such a program.
2. The presentation should be a minimum of 10 slides and should include an introduction, conclusion, and recommendations.
3. Be sure to use good grammar and formatting. The first slide should provide an introduction, and the last slide should list any references used in the presentation using APA formatting.
