A Key Concept in Information Systems - Term Paper Example

A KEY CONCEPT OF INFORMATION SYSTEMS Number Lecturer a) Overview of information systems and information system security. An information system is a system made of hardware, software, people and procedures that interact together to achieve a particular task. Additionally, information systems have environments, boundaries purpose and interactions in which they operate. Since the introduction of information systems, they have gained numerous applications and use in most organizations, industries and businesses (Stair & Reynolds, 2011). Some of the common information systems used today include transaction processing systems, knowledge management systems, decision support systems, database management systems and learning management systems (Stair & Reynolds, 2011). Information technology is also a fundamental component of information systems. Technologies such as the internet, artificial intelligence among others are critical in helping humans to perform activities and tasks that are difficult and tiring for humans such as handling huge volumes of data and information, accurately controlling simultaneous processes and performing complex calculations (Stair & Reynolds, 2011). Over the past decade, information systems have become an integral part of any organization or business. It plays a fundamental role in determining the daily operations and sustainability of the business or organization in the future. Consequently, it has become a critical aspect of information systems management to identify critical issues that affect the operation and use of information systems (Peltier, 2013). The several concerns include personal, legal, ethical and organizational issues that result from the use of information systems. The development of this concept was mainly occasioned by the increased compromise of confidentiality, integrity, completeness and accuracy of data and information that is stored in the information systems. Activities such as e-mails, malware, freeware and shareware, phishing, piracy, hacking among other threats are some of the common issues affecting the information systems all over the world. Consequently, a key concept in information systems is ensuring privacy, confidentiality, accuracy and completeness through information system security (Peltier, 2013). b) Current use of the concept of information system security Information systems are used in major government agencies, public institutions such as health facilities and also in the private sector for different purposes. With the increasing threats to information systems from external and internal sources, these organizations must ensure availability or reliable information security plans that address personal users of the systems, the general public and ensure these policies and plans are legal and ethical (Whitman & Mattord, 2011). According to the Whitman & Mattord, (2011) it is mandatory for any organization with information systems to have an information system security plan or policy. The government security agencies made this a requirement after the 911 attack on the World Trade center. The most common threat to information systems in the current age is unauthorized access through hacking, phishing, tapping among others. Information systems in organization are currently secured through the use of firewalls, intrusion detectors and physical security mechanisms to address unauthorized access (Ifinedo, 2012). The most targeted organizations include the government agencies, financial institutions and security agencies. For this reason the government has focused more on the concept of information system security. Most security agencies now require security clearance to access some of their facilities that have mega information systems for defense and scientific research purposes. Security policies and protocols such as privacy policy are used in almost all the public institutions as well as private institutions that deal with data and information relating to the public (Ifinedo, 2012). Mechanisms used for information systems security include security awareness and training, use of information systems security policies, procedures, standards, guidelines and baselines. Organizational security models such as ISO/IEC 2700 series and COBIT 4.X are commonly used by the organizations (Bélanger & Crossler, 2011). c) Common attitudes towards information systems and information system security. The implementation of the security controls to information systems as an objective of information system security involves having access to some personal and sensitive data and information. Most users have a negative attitude towards information security controls and mechanisms when it is applied to them (Rhodes-Ousley, 2013). This is normally the case in work places and offices where emails and employee activities are monitored closely as a way of ensuring information system security. There has been an argument that information system security controls have often infringed on privacy and contravened the privacy Act (Bélanger & Crossler, 2011). The implementers of these security controls have however argued that the greater good and benefits outweigh the concerns to privacy. Generally there are mixed attitudes towards the concept of information system security. Others view it as a noble idea that is aimed at securing some of the most critical information systems. However, few people have concerns with the way some of the controls are implemented particularly in the public institutions and government institutions (Bélanger & Crossler, 2011). From a personal perspective, I believe information systems have a great impact and huge potential of changing the way things are done in all sectors of the economy. With this impact come security threats that could cause a far greater damage to the organization and the society at a large. I therefore believe that the implementation of security measures and controls for information systems should not be viewed negatively since it is for a common good. d) Fundamental strengths and weaknesses of information systems and information system security. Before introduction of information systems, many activities and tasks were almost impossible or took too long to complete. A lot of time, money and other resources were used to complete some of the simple tasks and activities in most organizations. Information systems have greatly facilitated the completion of complex tasks that could otherwise require a lot of human effort. Additionally, they have greatly increased the pace at which activities are done and hence facilitating quick and reliable decision making process (Peltier, 2013). Information system security ensures that the information systems operate in a manner free from interference from internal and external factors. Information security rids the organization of security risks that are targeted at information systems which are an integral part of the organization. Information systems and information systems security concepts allows the users of different information systems in different organizations the ability to work in a pleasant and secure environment. Information systems security helps the government and other agencies to store confidential information that is top secret from falling into the wrong hands. On the other hand the concept of information systems and information system security has some disadvantages (Peltier, 2013); Information systems are greatly affected by information technology, therefore, a change in information technology will also need changes and upgrades to be made to the information security controls and strategies. Information system security requires comprehensive coverage and security, any loop holes in the system is a vulnerability to the information system and the organization. Security controls in information systems sometimes slows down processes if authorization is needed at all times. However, the advantages of information system security outweigh the disadvantages of the information system concept. e) Expert Views on the future of information systems and information system security According to Antony Nadalin of IBM, Information systems have a greater role to play in the future of most organizations. Artificial intelligence is being readily Inco-operated in most organization that need rapid decision making. Manufacturing industries and organizations will purely use the information systems such as computer aided manufacturing and design (Feng & Li, 2014). Alan Shimel of still securities believes that information system security is bound to face more challenges in the future courtesy of the change in information technology. Consequently, experts in this field must continuously explore ways of upgrading and improving information system security controls and frameworks. Technology keeps changing and thus anything that relies on technology must be able to adapt to the new change. Hackers and unauthorized intruders keep sharpening their skills and causing tremendous havoc in the information systems. Research and studies into information system security must be allocated adequate resources to ensure preparedness for any security threats and risks in the future (Feng & Li, 2014). Finally, Martin Mackay opines that with the strides made in the development of information system security and the governments stamp in the need for securing information systems in all organizations, there is hopes for a bright future in information system security. It is still important to note the government’s role in terms of policy and guidelines as well as legislative work will ultimately shape the future of information systems and information systems security (Feng & Li, 2014). References Bélanger, F., & Crossler, R. E. (2011). Privacy in the digital age: a review of information privacy research in information systems. MIS quarterly, 35(4), 1017-1042. Feng, N., & Li, M. (2014). An information systems security risk assessment model under uncertain environment. Applied Soft Computing, 11(7), 4332-4340. Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95. Peltier, T. R. (2013). Information security fundamentals. CRC Press. Rhodes-Ousley, M. (2013). Information security. McGraw-Hill. Stair, R., & Reynolds, G. (2011). Principles of information systems. Cengage Learning. Whitman, M., & Mattord, H. (2011). Principles of information security. Cengage Learning. Read More