Name: Kolten Saunders
Course CSIS 325
TOC o “1-3” h z u 1.Introduction PAGEREF _Toc530515612 h 32.Problem statement PAGEREF _Toc530515613 h 42.1What is the research is attempting to solve? PAGEREF _Toc530515614 h 42.2The implications of the Biblical worldview on problem PAGEREF _Toc530515615 h 43.Literature review PAGEREF _Toc530515616 h 53.1Goals for data protection PAGEREF _Toc530515617 h 53.2Data protection mechanisms PAGEREF _Toc530515618 h 53.2.1Encryption mechanisms PAGEREF _Toc530515619 h 63.2.2Access mechanisms PAGEREF _Toc530515620 h 63.2.3Data integrity mechanisms PAGEREF _Toc530515621 h 63.3Role of the system administrator PAGEREF _Toc530515622 h 63.4General ethical principles and responsibilities PAGEREF _Toc530515623 h 73.5Privacy ethics in Biblical perceptive PAGEREF _Toc530515624 h 74.Implications of the research paper PAGEREF _Toc530515625 h 84.1Relevant to a Biblical worldview PAGEREF _Toc530515626 h 84.2Relevant to industry and managers PAGEREF _Toc530515627 h 85.Conclusion PAGEREF _Toc530515628 h 96.References PAGEREF _Toc530515629 h 9
IntroductionOne of the most persistent cybercrime problems for all computer systems is to prevent unauthorized access to information. Many cybercrime activities revolve around obtaining sensitive information and using it for malicious purposes. Unauthorized access incidents compromise data availability, confidentiality, and integrity. Database systems that are not adequately protected are the primary targets by many cybercriminals because they hold vital information that can help them accomplish their wicked objectives (Ashibani & Mahmoud, 2017). Data protection is a broad topic that covers many areas including legal and ethical issues regarding access rights to information. Besides, it covers policy issues at the national or corporate levels as well as issues at system levels relating to the management of various security features.
Database users have a duty of ensuring that they protect data from getting into the hands of unauthorized people. They can take mandatory and discretionary security mechanisms of database protection. Discretionary mechanisms revolve around limiting privileges that people have on certain data while mandatory mechanisms involve sorting users into several classes and enforcing the appropriate policy. Regardless of the security mechanism adopted, integration of biblical worldview in the management and storage of data can play a huge step in reducing unauthorized access cases. Data security issues such as confidentiality and integrity are well addressed in the Bible. Incorporation of practices, procedures, and standards that are ethically and biblically correct can, therefore, help curb unauthorized to databases. This research paper provides an insight into how data protection issues are relevant to a biblical worldview, industry, and managers by examining the existing literature. It examines the legal, ethical and system level issues that surround the storage, security, and management of database systems. Furthermore, it explores how biblical, ethical and legal principles that can guide organizations and governments in developing ethically sound data protection laws and regulation.
Problem statementWhat is the research is attempting to solve?The research attempts to solve conflicts that have emerged due to the introduction of new data protection and regulations by examining legal, biblical and ethical principles regarding privacy and confidentiality. Recently, cases of unauthorized access incidents have increased rapidly with most of them targeting databases. The rise in the number of hacktivist groups and the emergence of new technological tools have contributed to the increase (Carter, 2017). Governmental and nongovernmental organizations have come up with policies at nationals and at incorporate level with the aim of enhancing data security. The European Union, for example, has come with General data and protection regulation (GDPR) to define the manner in which companies within the EU region should handle personal data (Mostert et al., 2017). Some of the organizations have increased to the amount of money that they allocate in the prevention of cyber crimes.
The new data protection regulations give consumers the power to control how organizations use their data. They have given consumers new data privacy rights such as the right to access their data, right to data portability and the right to object the manner in which an organization handles their data (Wachter et al., 2017). Companies, on the other hand, are required to comply with these laws or face harsh penalties. These regulations have broad sweeping implications on the way companies handle their operations such as marketing and sales services. According to KK, many of the companies are not ready for the data protection regulations (Weston,2017). The conflict between governments and companies regarding data protection regulations show that there is a lack of proper legal and ethical principles t help develop laws and regulations that are acceptable to people and companies.
The implications of the Biblical worldview on the problem
There exist many cases of privacy dilemmas in the bible which are very relevant to the current data privacy dilemmas. Today information that collected for legitimate purposes may fall in wrong hands leading to detrimental consequences. The privacy concepts in the Bible can be extended to data protection policies. Bible ethics might, therefore, help establish privacy principles that can resolve the conflict between companies and governments regarding data protection regulations. The physical invasions of privacy in the Bible can be compared with the modern violation of data privacy rights. The biblical ethics of privacy can, therefore, inform the contemporary privacy ethics in the current world.
Literature reviewGoals for data protection
Companies and individuals invest a lot of resources in securing their information systems. According to Mariu?a, (2014), the main goals for data protection is to enhance data integrity, availability and confidentiality. Confidentiality is achieved by controlling how people access to personal documents, files whether in transit or storage. On the other hand, integrity is a matter of who has the right to modify certain files and documents. Availability refers to how data in information systems can be accessed when needed. The data may be safe it is not useful unless it is easily accessible when needed.
Data protection mechanismsComputer security is a broad topic that covers many imperfections. They are many security vulnerabilities in computer systems that might be exploited by malicious people. Security must, therefore, be maintained at all levels including database systems, network, operating systems. Databases are the primary targets for hackers since they contain vital information that is well structured. There are two types of security mechanisms of data protection: mandatory and discretionally security mechanisms. In discretional mechanisms, Mandatory security mechanism involves sorting of data and users into some groups and applying appropriate policies while in discretional mechanisms, users are granted privileges to access data in a particular manner. Mariu?a (2014), explores three categories of database security mechanisms that which are used to enhance data security.
Encryption mechanismsThis is a method is to enhance data confidentiality by ensuring that information is accessed y legitimate users only. It is a codification process in which the keys are used to identify the right users of data. The method can also be used to verify whether the information comes from the right sender of information through the use of a digital signature.
Access mechanismsThis is a method that is used by organizations in limiting the people who have access the data in a database. Users of a database are authorized before logging into a database system. An organization has control policies that define elements of access such as usernames, passwords, access rights, time to access a resource. According to Mariu?a (2014), people violate the set policies and misuse their access rights. Some are negligent and share their login credentials without minding the consequences.
Data integrity mechanismsIntegrity mechanisms are used to ensure that unintended persons do not modify data. Cryptographic is one of the mechanisms that are used to enhance data integrity.
Role of the system administrator
According to Ashibani & Mahmoud (2017), system administrators play a crucial role in data protection. They have privileged accounts which give them abilities to control other accounts as the like the whole database. They can create accounts, assign security levels, grant privileges, and revoke privileges. Owing to this privilege, they are the biggest risk to any cooperate data. Sometimes, system administrators share passwords, and other administrate devices especially when responding to a crisis. Sharing passwords or privileges accounts increases security vulnerabilities to malicious or unplanned changes.
General ethical principles and responsibilities
According to Lukács (2016), people should be aware that their actions affect others and they should, therefore, act responsibly and that their efforts are in constant support for public good. One of the principles of good ethics is respect for privacy and confidentiality. This principle applies to all professionals. The advancements in science and technology have enabled people to collect, monitor, and share personal data quickly. Organizations and individual’s ought to aware of the forms of privacy and their duties and responsibilities when handling personal information. They should make sure that they don’t violate privacy rights and the information is used for legitimate ends. To promote the proper use of data, government and organization need to have policies allow people to know the kind of data collected and how it is used to give informed consent. Companies should only collect the necessary personal data that is needed by the systems (Plato.stanford.edu, 2018). Good communication of retention and disposal periods to the data subjects is also paramount. It is also ethical to use personal data for the intended purposes and get the persons to consent in case there are intentions of using it in any other way. According to Plato.stanford.edu. (2018), professionals are entrusted with confidential information such as research data, prepublications among others. They have a duty maintaining the confidentiality of such data in cases where there is a proof that keeping it is a violation of the law.
Privacy ethics in Biblical perceptive
The issue of privacy and confidentiality is well addressed in the Bible. They several instances in the Bible where the invasion of privacy. This instance can be equated the current invasion of personal data in information systems. In the Bible, Noah was drunk and exposed himself naked. His son was cursed since for invading and exposing his nakedness. This case shows that privacy is valued in the Bible. The issue of confidentiality has received mixed reactions in the Bible. According to Glass & Cahn (2017), the Bible talk of discretion in distinguishing between the information that is kept private and the one that should be exposed to the public. The case of Samson in the Bible shows how lack of confidentiality can be detrimental.
Implications of the research paperRelevant to a Biblical worldviewThe research shows that the issue privacy and confidentiality has received a mixed reaction in Bible as well as in the contemporary world. Biblical concepts emphasize the importance of protecting another people privacy and invasion of privacy is condemned. The physical intrusions of privacy in the Bible can be equated with the invasion of personal information in information systems. Based on the research, there are many mechanisms that people have come up with in order to enhance information security. However, their success depends on how people they are supported by professionals who are entrusted with this data. System administrator ought to maintain the confidentiality of personal information.
Relevant to industry and managersBoth ethical and biblical concepts point to the importance of privacy and confidentiality. Companies should accept policies that promote data protection since it is an extension of privacy. People entrust companies with their data, and they should strive to maintain its confidentiality. They might be forced to change their service delivery process to accommodate data protection principles. Proper enforcement of mandatory and discretional security mechanisms is one of the ways that can help them enhance data security. Manager and other stakeholders in an organization observe privacy rights when handling personal data.
ConclusionThe paper has provided a good insight into how data protection issues are relevant to the biblical worldview as well as to the contemporary world. The goals any data protection mechanism is to enhance data integrity, confidentiality and availability. Companies rely on mandatory and discretionally security mechanisms in improving database security which is the primary target by hacktivist groups. This involves the use of access, integrity and encryption mechanisms. Despite this mechanism, data protection is still a major issue of concern among governmental and nongovernmental organizations. News policies such as GDPR have been created with the aim of addressing issues privacy of personal information. The policies give people the power to control how companies handle their data. Some companies are not ready to accept the policies. Based on the biblical perspective people have the right to privacy and invasion of privacy is considered wrong.
On the other hand, confidentiality receives mixed reactions. Ethically, professionals have a responsibility of protecting privacy and confidentiality of information which they are entrusted with. Based on ethical and Biblical views on privacy. Companies should new government laws and policies since they promote privacy and confidentiality . However, both ethical and biblical views concur with the fact that individual rights to privacy may be violated on matters of national interest such as security.
ReferencesAshibani, Y., & Mahmoud, Q. H. (2017). Cyber-physical systems security: Analysis, challenges and solutions. Computers & Security, 68, 81-97.
Carter, W. A. (2017). Forces Shaping the Cyber Threat Landscape for Financial Institutions.
Glass, B., & Cahn, E. S. (2017). Privacy Ethics in Biblical Literature. Journal of Religion and Business Ethics, 3(2), 6.
GotQuestions.org. (2018). What does the Bible say about confidentiality? online Available at: https://www.gotquestions.org/Bible-confidentiality.html Accessed 19 Nov. 2018.
Lukács, A. (2016). What is Privacy? The History and Definition of Privacy.
Mostert, M., Bredenoord, A. L., Van Der Slootb, B., & Van Delden, J. J. (2017). From privacy to data protection in the EU: Implications for big data health research. european Journal of health law, 25(1), 43-55.
Mariu?a, ?. (2014). Principles of security and integrity of databases. Procedia Economics and Finance, (15), 401-405.
Plato.stanford.edu. (2018). Information Technology and Moral Values (Stanford Encyclopedia of Philosophy). online Available at: https://plato.stanford.edu/entries/it-moral-values/ Accessed 19 Nov. 2018.
Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why a right to explanation of automated decision-making does not exist in the general data protection regulation. International Data Privacy Law, 7(2), 76-99.
Weston, M. (2017). The Right to Be Forgotten: Analyzing Conflicts Between Free Expression and Privacy Rights.