Prior to the 1990s, personal computers blast as an IT novelty did not have significant impact on operations and strategies (Patrick, 2012). ‘Big’ systems were guided by IT and the end users were settling for information for masses of green bar reports, because of their information consumption. Through a slow evolution, data remained protected behind locked doors and programs alteration required extreme care. At that time, there were no questions regarding data reliability and authenticity from IT reports (Patrick, 2012). Today, the new generation of employees has readily available internet knowhow and the 9-to5 office job is becoming something of the past. Employees and other stakeholders have information on their vicinity as they are expected to respond to needs of their jobs regardless of their locations (Patrick, 2012).
This custom writing service offers attractive help with academic papers
In this exchange of information, employees demand for required information and call for the ability to tailor their experience with the information. The tools that the end users have are more powerful than ever before. Perceptive users can create databases and manipulate data whilst some can interfere with company’s databases at the same time altering and updating information (Patrick, 2012). Technology has changed and so are the dynamics and users can input and manipulate data on their mobile devices such as placing orders, business deal signing or requesting for a service. At this era, there is need to ensure that data at its highest levels is reliable and authentic (Weir, 2012). In many cases, data can be manipulated; hence, interfering with its integrity. Data manipulation has led to enactment of new by-laws to mitigate these events, placing a higher burden to organizations to ensure the reliability and authenticity of their data. Cumulatively these changes have changed IT operations calling for audits and controls for the purpose of validations in the organization (Daci & Shyle, 2011). The purpose of this paper is to describe the steps companies can use to ensure the integrity of its information.
With improper controls, poor surveillance, and uncertainty, unauthorized users can gain access to the company’s stored information that can cause material harm. It remains to be the obligation of the IT department to create controls and controls to guarantee data integrity regardless of data location and processing (Patrick, 2012). Dealing with the third parties has remained IT greatest challenge. On the onset, the company can ensure that the employees fully understand the required controls and why they are being put in place. The company can achieve this through robust training that comprehensively covers system integrity and requirements (Weir, 2012). To begin with, the company can create and maintain interaction logs. Interaction logs is key to understanding data authenticity and reliability that provides a system log that account for all data interactions and the system for processing data (Patrick, 2012). These are the virtual set of eyes and ears that silently watches and records interactions between the system and users. Normally a combination of username and password authenticate the user when logging in the company system. Nonetheless, this increasingly presents a commonplace for hacking schemes such as malware and phishing to steal the identity of the users (Patrick, 2012). For instance, an appropriate e-mail can be sent from a user’s account and the owner claims no knowledge of the e-mail, interaction logs are called for when indentifying the location from which the account was logged on. It does so by use of IP address.
Secondly, the company can use of token for generating random string numbers that the users use as input for secret personal identification when logging in the company’s system. This adds additional complexities that the third parties are unable to match though it adds an extra step for the end users (Patrick, 2012). This is a necessity where integrity and authenticity is of absolute requirements. This also calls for robust logging element that can track the actions of each user. Third, the company can institute creation of accounts that approve each type of access and the level of system access given to these accounts. For instance, level of system access and modification is categorized in many ways such as seniority, departments, and area of work (Patrick, 2012). With this level of access, the selected few who have root or master accounts and have privilege over the entire system requires regular account audits. This form of logging requires excellent logging and tracking events. Additionally the company can institute governance and risk compliance (Patrick, 2012). This provides additional assurance for data integrity and authenticity. The governance function formulates controls and policies that applies to levels over the sensitive information while the risk assessment function reviews the proposed the system against the set controls generating a report that outlining the risks and the remedial requirements that lowers the risk levels. The company should adhere to these principles and related controls to realize the integrity of its information.
Daci, G., & Shyle, M. (2011). Improvements Of Cryptographic Structured Log File Systems To Provide Higher Data Integrity On Ims Systems. Global Conference on Business & Finance Proceedings 6(2), 602-609.
Patrick, C. (2012). It’s Most Important Role: Ensuring Information Integrity. Information Management Journal 46(3), 20-24.
Weir, R. (2012). Why Data Integrity Starts with Strong Leadership. Business Intelligence Journal 17(1), 46-56.