Awareness of Online Security - Report Example

Index Introduction 2 Literature Review 4 Significance of Online Security and Awareness 4 Perception of Online Security in Government Employees 5 Factors Effecting User Perceptions and Awareness Level 7 References 11 Awareness of Online Security in Government Employees Introduction Online security has come under significant threat in the recent years due to the high level of traffic interacting online, and the sensitive nature of data being transacted. With governments around the world going virtual and online in terms of their documentation, the use of the internet for confidential data transfers as well as monetary transactions has increased. In lieu of this development, the issue of online security and security awareness needs to be paid considerable attention. Specifically on a government level the issue of online security needs to be addressed with the employees working the sector need to be well aware of the security policies and practices in place in order to create a secure virtual working environment. The issues specific to online security online security and internet-based encryption have been gaining precedence with increased reports in the news regarding highly secure websites and establishments on the internet getting hacked by malevolent third parties. Citigroup a prominent international financial institution that has operation around the world recently was hacked by a Russian group of hackers resulting in millions of dollars being stolen (Khan and Thomas, 2009). The heist was never claimed by the company (Charrette, 2009), but was reported in the Wall Street Journal as one in conjunction with the hacking of systems for one the United States Government Agencies. The occurrence of this incident despite the presence of an excellent security system highlights the importance of individual level security awareness amongst the employees. In such situations, it becomes paramount to have highly competent and aware security experts that who can proactively determine potential threats and diffuse them before they take action and become real time threats. On a government level, this issue becomes crucial in terms of its resolution as the data being transacted by the government employees through intranets and the internet is of confidential nature. Often state level documents to assist government decision making as well as authority letters are transacted online. These need to be properly encrypted and made secure from prying third parties. In this regard, the government employees need to be significantly aware of the online security system in place, while being competent to resolve small scale security issues on a personal level. They should also be trained in the field of administrative network management in order to limit the access by the malevolent third parties to the government intranet, Local Area Network (LANs) and Virtual Access Networks (VANs). The purpose of the paper is to highlight any issues of online security awareness that are prevalent in the Abu Dhabi region specifically for the government employees. The local perceptions of security on the internet and other online communication mediums are taken into account. Aside from this, the initiatives taken by the government employees to ensure online security are also explored in order to identify their awareness level and the importance that they associate with the issue. In addition it is also to be determined whether a formal awareness program needs to be implemented at the government level in order to increase their level of awareness regarding online security, for a more secure and reliable regional online environment. Literature Review Significance of Online Security and Awareness Management of online security and awareness regarding it is significantly important for institutions like government bodies. The kind of data that is usually held by companies, financial institutions as well as governments on the shared networks is often sensitive information that deals with the personal information about the customers, confidential information about the business, its plans, and the shared information across networks regarding various issues and concerns of the government. The sensitive nature of the information and the ownership of the data make the need for security paramount. In addition, cyber terrorism is a major threat facing online institutions, particularly governments that operate and exchange information through the online media (Haque, 2002). The motivations behind security breach for organization have always been oriented for personal gain. While previously third parties used to attack corporations and their network security for personal and intrinsically profitable motives the trend of security threats has changed, with hackers now seeking to attain their political oriented objectives (Germain, 2005). In this regard, they have started to target systems belonging to organizations that work with the government or belong specifically to governments and their related bodies. It has therefore become significantly important for government organizations to take notice and put in place security measures that can combat such threats. In addition, the need for establishing and running awareness programs regarding network and work environment security for the employees has also grown important. Similarly, the awareness of government employees regarding the security measures in place is also of significance importance. The level of awareness of the end users regarding technology and the implementation of security measures strengthens environmental security in the workplace (Navarro, 2007). The capability of the end user to learn and their urge to seek more information regarding creation of a secure work environment positively enforces a safe environment for data sharing and transfer of information across networks. Perception of Online Security in Government Employees Governments have been progressing from paper-based organizations towards e-governance institutions. The transition has been significantly observed in the UAE and Gulf states as well in the recent years (Al-Fakhri et al., 2008; Alrawi and Sabry, 2009; Gebba and Zakaria, 2012). This change in the nature of the governments and their method of operations requires the government employees to be aware of how e-governance operates and how security can be ensured in online media. The government employees are the users of the systems in place, and therefore their perceptions regarding the technology and security is significantly important. The users’ perceptions regarding security in place depend on the user interface, the ease of navigation and the security measures implemented across the organization for data security. In general, the code of conduct involves the users to check in with their respective passwords, which have to be routinely changed and updated as well as their adherence to secure data sharing policy. However, the attitude of the employees regarding online security is based on their awareness of the issue and the level of importance they associate with it. In some cases, the aesthetics of the systems in place satisfy the users, due to which security implementation tools take second precedence in forming their perceptions (Belanger et al., 2002). The ease with which they navigate through the system satisfies their urge for knowledge about the media. However, in other cases, the issue of secure data transaction is of crucial importance and raises the issue of user trust in the system and online security measures implemented. The willingness of the users to implement new security measures as well as their attitude towards changes in the security measures also reflects their perceptions regarding online security. In general, the employees are aware of the responsibility and ownership of data in an organization. As a result, they are aware for the need of proper security for the networks specifically for the data being shared and stored on the networks (Miyazaki and Fernandez, 2005). However, their relaxed attitude in controlled environments can make them overlook some of the safety precautions to be taken. This lax attitude of the end user and employees reduces their awareness level and exposes the networks and associated systems to threats. Factors Effecting User Perceptions and Awareness Level The main issue that users and employees have regarding online transactions and data sharing is that pertaining to trust (Suh and Han, 2003). The issue of trust is of significant importance for the stakeholders of the transactions. The employees are confidential owners of information and decision-making instruments in an organization. The customers and employees are the stakeholders of the enterprise and need clarification about the online security as well as the trust. They want to ensure that the trust is ensured and their data as well as information being processed and shared through the networks is secure (Boyd, 2006). They require a trustworthy medium through which data can be transferred and shared amongst the different decision makers and information owners. The progression of governments towards e-governance requires these employees i.e. stakeholders to be aware of online security measures and implement them in order to ensure required level of security. However, the employees’ perception of online security is based on their exposure and awareness of the subject. As a result, they have problems pertaining to trust. The level of familiarity with the systems and their operations also affects the perceptions of the users regarding online security that is directly reflected in their level of awareness of the issue. Increased exposure to the system without updates and changes can make the user familiar with the system. While on one hand it helps the employees in terms of consistency, it also decreases the level of system security in the workplace. The employees’ perception of security does not change but the level of security being implemented reduced over time that negatively impacts the level of online security awareness in the employees. While the threats do exist, the lack of impeding threats tends to make users to expect the same type of secured networks for their utilization (Ferguson, 2005). The employees in such cases perceive their systems, work environments to be secure for data sharing, and transfer however, in reality they might be exposed to prominent security risks. The confidence that the employees have on the system, the technology and the institution also greatly affects their interest in the security measures and policies, and therefore their awareness level (Al-Busaidy and Weerakkody, 2009). Strong institutions breed a sense of confidence in the employees that can alter their attitude towards awareness of security policy and controls. Strong and reputeble organizations instill confidence in the end users, and the employees have an urge to learn how things operate in the organization. The strong sense of belonging and confidence along with the organizational code of conduct greatly influences the interest of the employees regarding the security measures in place, and how the work environment can be kept secure. This is where the management style of the personnel in the organization comes in. The working methodology and the management style in place develop the culture in the organization. The culture that the end users relate to as a result significantly affects their awareness level by influencing their need and interest in such measures (Zhang, 2010). A progressive and competitive culture in the work place that focuses on responsibility attributed to employees, regarding their jobs and related accountability instills a code of conduct in the employees, which can affect their urge, and interest in keeping their information safe. An organization that focuses on confidentiality of information has in place measures to account for such security. The culture in such organizations as a result breeds high level of online security awareness in the employees, as they are held answerable in adverse circumstances where the business policies regarding information and data security across networks are not followed. Relaxed and laid back attitude in the employees in the organization can breed a culture of personal gain and corruption that can pose as an external as well as an internal threat to the security systems in place (Snizek and Bullard, 1983; Cacioppe and Mock, 1984). The organizations therefore have to be very tentative to their staffing and recruitment policies as well as how they provide compensation to their employees. Unsatisfied and lower compensated employees can harbor resentment against the organizations and therefore pose as significantly crucial internal threats that cannot be detected or controlled. Moreover, dissatisfied employees are less willing to learn about the organization and how the working environment can be made more secure. Other factors that effect the perception of the end users regarding online security and their awareness of it depend on the orientation of the employees and their education level. The higher level of education and exposure that the end user has to technology makes the end user more aware of the threats in the environment. As a result, such an employee focuses on keeping the data and information transacted through the networks under security controls through encryption and protection measures. The level of education and exposure also effects the willingness of the end user to learn more about security measures and policies that can strengthen control and protection in the work environment. Therefore, the level of employee awareness increases with increased hands on training and knowledge of systems. References Al-Busaidy, M., Weerakkody, V., (2009), E-government diffusion in Oman: a public sector employees' perspective, Transforming Government: People, Process and Policy, Vol. 3, Issue 4, pp.375–393 Al-Fakhri, M.O., Cropf, R.A., Kelly, P., Higgs, G., (2008), E-Government in Saudi Arabia: Between Promise and Reality, International Journal of Electronic Government Research, Vol. 4, Issue 2 Alrawi, K.W., Sabry, K.A., (2009), E-commerce evolution: a Gulf region review, International Journal of Business Information Systems, Vol. 4, Number 5, pp509-526 Belanger, F., Hiller, J.S., Smith, W.J., (2002), Trustworthiness in electronic commerce: the role of privacy, security, and site attributes, The Journal of Strategic Information Systems, Vol. 11, Issues 3-4, pp245–270 Boyd, J., (2006), In Community We Trust: Online Security Communication at eBay, Journal of Computer-Mediated Communication, Vol. 7, Issue 3 Cacioppe, R., Mock, P., (1984), A Comparison of the Quality of Work Experience in Government and Private Organizations, Human Relations, Vol. 37, Number 11 pp923-940 Charrette, R., (December 22, 2009), Citigroup Denies Massive Russian Hack Attack, retrieved from Ferguson, A.J., (2005), Fostering E-Mail Security Awareness: The West Point Carronade, Educause Quarterly, 2005, No 1. Gebba, T.R., Zakaria, M.R., (2012), E-Government in Egypt: An Analysis of Practices and Challenges, International Journal of Technology Management, Vol. 1, No. 1 Germain, J.M., (2005), Internal Threats Still Major Network Concern, TechNewsWorld, retrieved from Haque, S.M., (2002), Government Responses to Terrorism: Critical Views of Their Impacts on People and Public Administration, Public Administration Review, Vol. 62, Supp, pp170–180 Khan, H., Thomas, P., (December 22, 2009), Hackers Stole Millions of Dollars from Citigroup, WSJ Reports, ABC News, retrieved from < http://abcnews.go.com/GMA/citigroup-hacked-russian-cyber-gang-wsj-reports/story?id=9398512#.UJAJtWf0Rkg> Miyazaki1, A.D., Fernandez, A., (2005), Consumer Perceptions of Privacy and Security Risks for Online Shopping, Journal of Consumer Affairs, Vol. 35, Issue 1, pp27–44 Navarro, L., (2007), Train employees - your best defense - for security awareness, retrieved from Snizek, W.E., Bullard, J.H., (1983), Perception of bureaucracy and changing job satisfaction: A longitudinal analysis, Organizational Behavior and Human Performance, Vol. 32, Issue 2, pp 275–287 Suh, B., Han, I., (2003), The Impact of Customer Trust and Perception of Security Control on the Acceptance of Electronic Commerce, International Journal of Electronic Commerce, Vol. 7, Number 3, pp135-161 Zhang, W., (2010), E-government information security: Challenges and recommendations, Computer Application and System Modeling International Conference, Vol. 15, pp1-4 Read More

In addition it is also to be determined whether a formal awareness program needs to be implemented at the government level in order to increase their level of awareness regarding online security, for a more secure and reliable regional online environment. Literature Review Significance of Online Security and Awareness Management of online security and awareness regarding it is significantly important for institutions like government bodies. The kind of data that is usually held by companies, financial institutions as well as governments on the shared networks is often sensitive information that deals with the personal information about the customers, confidential information about the business, its plans, and the shared information across networks regarding various issues and concerns of the government.

The sensitive nature of the information and the ownership of the data make the need for security paramount. In addition, cyber terrorism is a major threat facing online institutions, particularly governments that operate and exchange information through the online media (Haque, 2002). The motivations behind security breach for organization have always been oriented for personal gain. While previously third parties used to attack corporations and their network security for personal and intrinsically profitable motives the trend of security threats has changed, with hackers now seeking to attain their political oriented objectives (Germain, 2005).

In this regard, they have started to target systems belonging to organizations that work with the government or belong specifically to governments and their related bodies. It has therefore become significantly important for government organizations to take notice and put in place security measures that can combat such threats. In addition, the need for establishing and running awareness programs regarding network and work environment security for the employees has also grown important. Similarly, the awareness of government employees regarding the security measures in place is also of significance importance.

The level of awareness of the end users regarding technology and the implementation of security measures strengthens environmental security in the workplace (Navarro, 2007). The capability of the end user to learn and their urge to seek more information regarding creation of a secure work environment positively enforces a safe environment for data sharing and transfer of information across networks. Perception of Online Security in Government Employees Governments have been progressing from paper-based organizations towards e-governance institutions.

The transition has been significantly observed in the UAE and Gulf states as well in the recent years (Al-Fakhri et al., 2008; Alrawi and Sabry, 2009; Gebba and Zakaria, 2012). This change in the nature of the governments and their method of operations requires the government employees to be aware of how e-governance operates and how security can be ensured in online media. The government employees are the users of the systems in place, and therefore their perceptions regarding the technology and security is significantly important.

The users’ perceptions regarding security in place depend on the user interface, the ease of navigation and the security measures implemented across the organization for data security. In general, the code of conduct involves the users to check in with their respective passwords, which have to be routinely changed and updated as well as their adherence to secure data sharing policy. However, the attitude of the employees regarding online security is based on their awareness of the issue and the level of importance they associate with it.

In some cases, the aesthetics of the systems in place satisfy the users, due to which security implementation tools take second precedence in forming their perceptions (Belanger et al., 2002). The ease with which they navigate through the system satisfies their urge for knowledge about the media.

Read More