How Should Organizations Monitor Employee Web Surfing and Emails - Annotated Bibliography Example

Article Review Topic Choice 2 Much of the knowledge stolen in an organization takes the form of tacit knowledge – knowledge that is used regularly but not necessarily in a conscious fashion. Today, identity theft and whos responsible are the biggest challenges faced by medical and financial organizations who keep social security numbers and perform financial transactions (via credit card, for example). At the same time, corporations for the sake of ease provide access to data from multiple points both inside and outside the organization. How (if at all) should organizations monitor employee web surfing and emails? When are security measures that an organization implements sufficient to comply with its obligations? Also devise a method for a medical or financial organization to determine its security measures are sufficient. Develop an organizational plan for information systems to address potential identity theft issues. Tacit Knowledge: Making It Explicit Reference Information: http://www2.lse.ac.uk/economicHistory/Research/facts/tacit.pdf Purpose of Study: Provide an understanding of tacit knowledge and the risks related to it. Sampling Comments: According to TACIT KNOWLEDGE(n.d), tacit knowledge is “information that the actor knows he has (how to catch a ball, tie a knot, and mark a line) but which he cannot, nonetheless, describe in terms other than its own (skilful) performance”(TACIT KNOWLEDGE, n.d.). Measures: The article reviews aspects related to tacit knowledge. The aspect of transfer of knowledge from one person to the other is the core factor in tacit knowledge. Polanyi (2002) argues that transformation of such information creates problems. Personal knowledge is commonly used despite the fact that it is shared among many. Findings/Results/Main Points: Personal information works best when instruments used in technology are not available. Availability of machines used in communication and softwares that encourage social behavior contributes to tacit. During this process, many employees are tricked to leak secret information that lead to identity theft. Conclusion: The importance of tacit knowledge remains debatable in relation to the risks involved. Its effectiveness is noted from the ability that it lacks explicit information. Organizations need to sensitize their employees on use on internet to avoid leakage of secret information that leads to identity theft. Systems for Combating Identity Theft- A Theoretical Framework Reference Information: Ji’, S. Smith-Chao, S. & Min, Qing-Fei. (2008, August). Systems Plan for Combating Identity Theft- A Theoretical Framework. J. Serv. Sci. & Management Journal, 1: 143-152. SciRes. Purpose of Study: To examine the starting point used for organizational systems design in roles played by identity owner, the issuer, checker and protector. Sampling Comments: “From system analysis and design perspective, understanding identity theft problem and designing managerial and technological systems to combat identity theft requires a holistic and comprehensive framework” (Ji, Smith-Chao & Min, 2008). Measures: Identity thieves use several techniques to retrieve data from their victims. Some of unsophisticated means used are stolen wallets, cell phones and laptops. Social engineering is used in convincing internet users to reveal their secret information. Processes needed to stop identity theft rely on information technology and its systems. Findings/Results/Main Points: Identity theft takes place through stage managed steps. Step one; the identity thief gets personal information of the victim. In step two; the identity thief tries to misuse stolen information of the victim. The final step involves the victim suffers emotionally or financially after the identity thief has vandalized the victim’s property. Conclusion: The world has turned to a global village through technology. Use of internet has increased from individual use to organizations. Internet is used for communication and business. Personal information as well as government information is targeted by identity thieves. Internet age has propagated this vice. Organizations, individuals and governments have raised eyebrows on the matter. Solutions to combat the vice need managerial and technical approaches. How (if at all) should organizations monitor employee web surfing and emails? Reference Information: The President’s Identity Theft Task Force (2007), COMBATING IDENTITY THIEF THEFT: A Strategic Plan. Purpose of Study: How consumer data can be kept out of reach from criminals. Sampling Comments: “Several federal government agencies suffered high-profile security breaches involving sensitive personal information in 2006. As it is true with private sector breaches, the loss or compromise of sensitive personal information by the government has made affected individuals feel exposed and vulnerable and may increase the risk of identity theft. Until the Task Force issued guidance on the topic in September 2006” (The President’s Identity Theft Task Force, 2007). Measures: The task Force categorized data security into two; the public and private sector. This category was based on the purposes of the sectors when collecting information. The public sector uses personal information to look for viable programs and help to deliver services efficiently and effectively. The private sector uses personal information for commercial purposes. All agencies need to safeguard employees against disclosure of personal information. Findings/Results/Main Points: Employees should be trained on the importance of security programs. The programs must be revised frequently depending on changes, issues and trends noted in identity theft. Conclusion: The recommendations of the Task Force should be implemented by all organizations both in the public and private sector. All forms of data breach need to be reported to agencies. A routine use that allows disclosure of personal information after a breach should be published. The private sector has improved data security guidelines. Two-factor authentication is used by financial and companies for business transactions conducted via computer or telephone. When are security measures that an organization implements sufficient to comply with its obligations? Reference Information: Casciani, D. (2009). Plan to monitor all internet use. BBC NEWS. Purpose of Study: To establish reasons why UK police surveillance insists that communication firms should record internet contacts. Sampling Comments: Casciani (2009) quotes Jacqui Smith’s comment; “there would be no single government-run database. Doing nothing in the face of a communications revolution was not an option. Home Office will instead ask communications companies –from internet service providers to mobile phone networks. Communications data is an essential tool for law enforcement agencies to track identity theft”(BBC NEWS,2009). Measures: All internet contacts should be recorded by communication service providers. The content recorded should not be similar to arrangement provided for in telephone contacts. A third party data or some information about visit to social networks like Facebook and Twitter. Findings/Results/Main Points: Investigative powers and privacy when dealing with personal information is important. The public opposed the idea that their information should be stored in one database after experiences gained from big brother databases. Privacy was hindered making most people unsecure. Conclusion: There is need to cater for privacy needs when focusing on internet security. The data shared on the databases for security can easily leak personal information to identity thieves. Information content is a critical issue of focus to be used in internet security. Devise a method for a medical or financial organization to determine its security measures are sufficient. Develop an organizational plan for information systems to address potential identity theft issues. Reference Information: Secretary of State for the Home Department, (2009). Protecting the Public in a changing Communications Environment. Crown, UK. Purpose of Study: Communication Data as a tool used to protect employees from identity thieves through enforcement of the law, security and intelligence. Sampling Comments: “Communications data plays a critical role in helping those public authorities whose responsibility is to keep us safe to do their jobs. Availability of this data is crucial to investigators and as a result, save lives, provides opportunities to develop investigative leads, establish links between co-conspirators in identity theft. This will enhance justice (Secretary of State for the Home Department, 2009). Measures: Communication Data is used by financial institutions among other firms to protect its employees. Internet monitoring softwares used protect the employees from any form of exploitation by identity thieves. Findings/ Results/ Main Points: Communications Data relies on four principles. It creates an image of the suspect and a networked system of contacts. Information of the suspect is quickly retrieved and is very accurate. It provides evidence in criminal prosecutions hence very reliable. The vulnerable employees are protected. Conclusion: Identity theft is a critical area that cannot be overlooked by organizations. The success in implementation of all strategies by organizations must be done hand in hand with the government. The public sector as well as the private sector must protect their employees. Action should be taken amidst technological changes since it can discourage use of communication data. The challenge left to be solved is that of cracking a balance between employee protection and the law enforcers. References Casciani, D. (2009). Plan to monitor all internet use. BBC NEWS. Ji’, S. Smith-Chao, S. & Min, Qing-Fei. (2008, August). Systems Plan for Combating Identity Theft- A Theoretical Framework. J. Serv. Sci. & Management Journal, 1: 143-152. SciRes. Secretary of State for the Home Department, (2009). Protecting the Public in a changing Communications Environment. Crown, UK. TACIT KNOWLEDGE, (n.d.). Retrieved from http://www2.lse.ac.uk/economicHistory/Research/facts. Accessed on 30/03/2012. The President’s Identity Theft Task Force (2007), COMBATING IDENTITY THIEF THEFT: A Strategic Plan. USA. Read More