Professional Documents
Culture Documents
Information Technology For Managers
Information Technology For Managers
Student’s Name
Institutional Affiliation
Professor’s Name
Course Name
Date
Information Technology for Managers
Question One
availability. These three concepts underlie good information security measures. Confidentiality is
the key to the fact that information is only available to those who are authorized to access it
(Schwalbe, 2019). Integrity keeps data authentic and without alteration by unauthorized people.
Availability implies that information is available for all those who are authorized to use it when
required.
Bellow the organizational level, in a multi-layer security solution, there are several
security levels. Another such level is the network level where security measures such as firewall,
intrusion detection systems, and virtual private networks are being utilized to prevent network
penetration and data breach (Stair, R., & Reynolds, 2021). The next level of security is the
endpoint level, where antivirus software, endpoint detection and response (EDR), and data loss
prevention (DLP) systems are used to protect individual devices such as computers, laptops and
mobile devices from malware, data breaches and other security risks.
Question Two
At the organizational level, the security strategy in the CIA triad is based on the
integrity, and availability of information (Schwalbe, 2019). This involves the use of access
control to restrict access to sensitive data, data encryption for protecting the confidentiality of
information in the event of any disaster (Stair, R., & Reynolds, 2021). Organizations also carry
out recurring security audits and evaluations, to expose security risks and avert them. They may
also put in place security awareness training programs to make the employees understand the
security best practices and the significance of the protection of the sensitive information.
Question Three
Privacy is valuable because it safeguards personal details against unwanted access that
might cause identity theft, financial loss and other kinds of harm. Governments put in place
measures that are specifically for protecting privacy to solve this problem. A considerable
example of the regulation is the General Data Protection Regulation, implemented by the
European Union (EU) (Stair, R., & Reynolds, 2021). The GDPR is a very strict regulation in
terms of the way organizations deal with personal data, giving individuals more power over their
information. Furthermore, in the US, there is the Health Insurance Portability and Accountability
Act which establishes norms for the protection of health information. The HIPAA laws govern
healthcare providers and organizations to enact a strong security framework to protect the
privacy of patients in healthcare sector. These regulatory frameworks are the key to safeguarding
the privacy of individuals and the promotion of responsible data handling by the organizations.
References
Stair, R., & Reynolds, G. (2021). Principles of Information Systems | 14th Edition. Cengage
Learning.