CHAPTER 1: INTRODUCTION
Background of the study
In today’s increasing and highly technological advanced world one of the most essential tasks is to maintain appropriate data security for every organization. Here, in this globalized world organizations are expanding their business by following appropriate strategies. According to Hendricks, Singhal and Stratman (2007) maintaining customer loyalty is one of the most crucial policy through which companies can easily attain higher profits. In this regard, they are required to maintain better and profitable relationships with their customers. However, there are some organizations who are giving appropriate training to their employees for maintaining better relations with their customers. By this, they require to keep their customers safe and secure by adopting best techniques. With the help of maintaining trust among consumers company can develop its positive brand reputation in the mind-set of their clients.
According to Black (2006) maintaining consistency and data security is a part of every organization. Most of them are ensuring data integrity and confidentiality of their business information. For this, they are taking protective digital privacy measures for the prevention of any type of unauthorized access. Here, it can be determine that companies can easily keep their data safe and secure and protect them from any type of corruption. In addition to this, each and every organization must recognize the importance of implementing an overall information security strategy to protect business information from different threats. There was a recent attack that was related to their data security concern. In this concern, majorly a company requires to maintain proper data protection strategy so that they can compete with their rivals. This is the most effective way to keeping better relations with customers take a complete inventory of all their data processes.
In this regard, the present study is based on data security systems of Lenovo. However, it compares the whole security system of Lenovo with HP and Sony. Lenovo is the Chinese multinational hardware and electronics company (Gruber and Wise, 2008). It is one of the famous brands in this area and all it products includes tablets, mobile phones, computers IT management software’s etc. This study analyzes the role of keeping security of data within this organization as well as its performance. This system mainly helps in securing the customers details, financial information, sales figure and other key business data. It is also essential for them to keep all their data up date by following all the legislations such as Data Protection Act 1998. Under this, they must ensure that all the information used by them must be fair and lawful. They do not break any rules regarding the personal information of their customers and maintaining all such information very much confidential. The whole performance of firm depends on the viewpoints of their customers and performance of their employees. In this regard, workers required to maintain their customer’s record with full security. Firms can grow their security concerns such as many cyber attacks succeed because of weak password protocols of firm (Baker, Murphy and Fisher, 2008). It is essential for them to keep strong security password with all their data. In addition to this, companies can also reduce the exposure to hackers by limiting access to their technology infrastructure. It is the main responsibility of the firm is to design safe system which enables the firm to keep all their data secure.
These are some of the major concerns which help in evaluating the role of data security systems on the performance of company. These factors can affect the cost, availability and user needs and data security as well. It also helps in determining all those factors which highly affects the overall privacy of company. Total privacy systems of HP, Lenovo and Sony are taken into consideration in order to identify their impact within their firm as well as performance and brand reputation.
Aims, objectives and research questions
Aim: To evaluate the role of data security systems on company’s privacy: A case study on Lenovo
Objectives: To realize this aim the following underlying objectives will first be attained:
- To assess the importance of data security systems in business operations.
- To identify the factors that affects company privacy.
- To analyze the effectiveness of data security systems in mitigating privacy issues of the company.
Research Questions: For the intention of conducting an all-inclusive research and find out the role of data security in company’s privacy, below mentioned research questions have been formulated:
- What is the importance of data security systems in business operation?
- Which factors affects the company privacy?
- How effective are data security systems in mitigating privacy issues of the company?
Rationale of the study
The major issue in the present study is related to the security of private information of customers as well organizations. There are various types of security risks that must be encountered at the time of data protection. Due to the fast and rapid technological advancements it is become quite difficult for companies for maintaining all the database of their firm and must guarantee the confidentiality of e-commerce customers as they will access the database. In order to prepare for any type of security threats firms need to constantly update their security system. Further, HP, Lenovo and Sony are major competitors of each other and developing various strategies in order to compete with each other. Hacking, plagiarism, privacy, viruses, infectious malware etc. are the major security threats. It can highly affect the performance of firm and it will lead to decrease the profitability of firm. Moreover, it is quite essential for companies to follow all the legislations relate to data security and adopt various latest technologies in order to achieve their target. With the help of this, they are able to attain their goals with maintaining the customer loyalty.
Structure of the study
Chapter 1: Introduction
This is the starting chapter of any research where researcher develops all the objectives based on the given subject matter. In this chapter, whole overview about the study is given which helps in finding out the major area of research with brief information. Here, on the basis of these objectives and research questions the total research study will takes place. Research can carry out the study and proceed with next chapter with the help of set objectives.
Chapter 2: Literature Review
This is the second and most important chapters of any study in which researcher can fill the existing gaps of past studies as per the given subject matter. Here, the researcher will find out most suitable information about the role of security systems and go through the appropriate comparison about HP, Lenovo and Sony’s data security systems. Under this chapter, appropriate information is presented by researcher as per the past studies done by different authors.
Chapter 3: Research Methodology
This is considered as most important chapters as it helps the researcher in finding out the most suitable information with the help of selecting best data collection. In this chapter, different research methods are presented as per the suitability of research topic. With the help of selecting best research methods researcher is able to present appropriate research findings and also develops a valid and suitable conclusion.
Chapter 4: Data Analysis and Findings
After finding out the total information about the given subject matter researcher and selecting best suitable research methods researcher is able to draw appropriate findings. In this chapter, analysis takes place on the basis of selected research methods such as Ms-Excel, SPSS etc. These are the tools which help in analysis of data as per the gathered information and drawing a valid conclusion on the basis of it.
Chapter 5: Conclusion and Recommendations
This is the last chapter of any research in which researcher can draw appropriate conclusion on the basis of gathered data. Further, it also helps in covering all the major areas of future research and drawing better recommendation for it. In the present study, future recommendations can be presented effective data security systems.
CHAPTER 2: LITERATURE REVIEW
This is considered as most important chapters of any research in which researcher can carry out the appropriate evaluation of the given subject matter on the basis of past data. There are various researchers and authors who have made similar research in the past years. Further, literature review is sections which helps in fulfilling existing research gaps and make it more complete without any biasness. In this regard, the present gives appropriate information on basis of role of security systems within any organization. Further, it also compares different security systems of different organizations.
Role of data protection and security systems
According to Chang and Yeh (2006) data confidentiality and security is considered as a most important concepts through which companies can enhance their brand image in front of all their customers. Bose (2006) in his articles determines that data security system is the administration that is used for the protection and backup process of the data. It is the overall process which helps in maintaining all the customers record of company as well firm’s financial information and personal data anymore. In this way, it has been identified that such systems also helps to recover the lost files, due to corruption or deletion as well as any other type of malware and existing threats of the company. Data security systems are presented for different purpose such as promotion for the positive brand image of the company as well as high protection to handle the personal information and individual’s right to privacy. It is the best way to allow administration to set backup recovery policies of a data. According to Thuraisingham (2010) in today’s area of business and highly globalized world data security is becoming most important concern for every businessman (Yin, 2000). Nowadays, companies are adopting several IT systems such as CRM to maintain the database of their customers. It can be define as a customer relationship management tool which helps in maintaining better relations with consumers by keeping their data safe and secure.
Redlich and Nemzow (2007) in his article defines that there are different types of security systems such as e-mail security, computer security, risk management, biometrics access control etc. These types of security systems helps in keeping all the software’s and computer systems protected from any type of viruses and malware infections. As per the results of past survey data it has been identified that almost 285 million people were compromised in 2008 in relation to their data security. However, it can be define as a major area of problem. For this, different companies have adopted different strategies of that they can maintain full integrity and confidentiality of their data. Further, it has been identified that Data security systems plays a major role in affecting the relationship with clients and spoiling the brand image of company. According to Williams (2007) maintaining consumer trust is major source for developing positive brand of company. However, by gaining customer loyalty company can automatically increase its market share. With appropriate data security profitable relationship can be developed and company’s client base can also be increased as well (Shaw, 2010). Moreover, it can be determine that customers are the most valuable asset of every organization and it is essential to provide them valid security for their data as well.
Role of data security system
For increasing security of data within private networks or intranets, IT companies are emphasizing on the effective use of security mechanisms at various layers of internet. Security mechanism provides opportunity to enterprise to transfer data across the network in a safe and protective manner (Chang and et.al, 2007). In order to provide secure data communications within the network, IPSec which is point to point protocol can be used in two modes including transport mode and tunnel modes.
In order to determine the security implications, IPv4 and IPv6 tactics can be employed. IPv6 is more advanced as compared to IPv4 in term of security features and secures the packet payloads. For reducing confidentiality related issues, enterprises are using different types of technologies including IDS, Firewall, IPSec and Cryptographic in a significant manner (Ha, 2004). On the other side, for reducing integrity related issues, Anti-malware, SSL and Firewall tools can be beneficial for companies in the modern world. In addition, privacy related problems can be reduced through adequate utilizations of SSL and IDS systems at workplace. Availability related challenge can be solved by DoS, email boming and spamming related problems in a proper way. Throughout the various stages in its life-cycle, data security standard can be helpful for enterprise to overcome change of security. As per the view of Flick (2009), data security for clients is required in term of increasing confidentiality and data integrity in a proper way. Protection of information which is putting in the public domain is required for company in order to save company for huge losses. In the context of performing day to day business activities of organization in a secure manner, it is essential for enterprise to enhance security of confidential business information properly. Besides that, unauthorized disclosure and data destruction create negative impact on the performance of organization. It is responsibility of government and private companies to increase security of database system (Chang and Yeh, 2006). By managing security systems, firm would be able to collect and manage information from customers securely. In addition, main role of data security can be understood as follow.
Legislation: In UK, different types of legislations including data protection 1998 act, the environment information regulation 2004 and the privacy and electronic communication regulation 2003 have followed to enhance the security of data.
Data steward: In the regard of increasing security of data, authorization is assigned to an individual within organization. By doing this, enterprise can be able to get data security and solve different errors raised in network. By creating user-friendly and secure interface, management of firms would be able to help their users in preventing the errors in different online transactions. By providing reversible control action and data confirmation processes, company would be able to increase secure storage of data for long time period (Data Security: Top Threats to Data Protection, 2011).
Information owner: In order to get proper use of data in the system, it is responsibility of database users to delegate responsibilities to them on the basis of employee’s skills and knowledge. By adequate allocation of resources, management of firm would be able to reduce chances of risks and protects them from creating their own mistakes.
Data custodian: In the context of using data usage and information are securely hold at regular basis, it is responsibility of an database administrator to implement different policies and strategies in a chronological manner (Redlich and Nemzow, 2007). By managing customers data secure, data controller can overcome the chance of security risks in a network.
Protection of personal right: In the digital world, technology provides various facilities to their customers and employees including communication, services and transaction. However, citizen has right to protect their personal information and not disclosed with un-trusted person.
IT outsourcing industries: In the cut throat competitive business environment, IT and BPO services are spreading with very quick rate. In such kind of situation, it is essential for an individual to the use of security system properly and giving assurance to customer about the security measure (Pfleeger and fleeger, 2002). By considering security parameters, enterprise would be able to enhance security of their database and creates positive image in the canvas of the mind of customers in a proficient manner.
Factors affecting the company privacy.
According to Data (2000) there are different factors including malicious code, data leakage, fraud and theft and malicious hackers that can influence the privacy of companies in the digital world.
Malicious Code: This type of code can damage the system, software and security breaches in the computer network. It has a large group which can occur in different ways including malicious active content, viruses, worms and Trojan horses (Gruber and Wise, 2008).
Data leakage: This kind of issue occurs when employees are working on a system and after system uses do not protect the system. The negative impact of data leakage can be seen in forms of data loss that may harm the privacy of computer system also.
Malicious hackers: These are unauthorized users which are responsible to perform any task in the system without getting any permission from authorize person. Both outsider and insider of any company can create this kind of malicious act and negatively influences the performance of system (Data Security: Top Threats to Data Protection, 2011). They can perform various tasks including delete the files of particular system and create system loss. However, by taking security measures, IT managers and security managers of firms would be able to secure database system (Flick, 2009). In addition, by maintaining the law and order, management of organization can be able to protect data from the hacker’s.
Fraud and Theft: In this type of security act, an individual identity is stolen by any unauthorized person that impact can be seen in form of increases the frauds in chat room, mail, message board and websites. Hackers can steal personal information of an individual and misuse them illegally. Hackers are used both traditional and modern methods to steal personal information of an individual. Negative impact of these can be reduced through following security measures and securing their document in their system properly.
Phishing and Targeted Attacks: In order to gain access to personal information, criminals can target individuals and organizations (Hendricks, Singhal and Stratman, 2007). Through using emails, they can target users and steal their personal information. However, by installing professional enterprise-level e-mail security software, IT security managers would be able to overcome negative impact of phishing and other e-mail security scams in a significant manner.
Poor Configuration Management: Without following configuration management policy and restriction on machines that connected to the organization’s network, firm would be unable to enhance security of system. By configuration management policy and following specify security mechanisms; enterprise would be able to prevent network access to the devices in a proficient manner (Norman, 2011).
Botnets: Usually criminals are developed computer network for performing for malicious activity. These types of security threats are very dangerous for companies and their negative impact can be seen in form of damaging to an organization’s reputation and network resources. By considering holistic approach to data security and analyzing patterns of data sent over the network, network managers within organizations can be able to defend system against a malicious botnet attack in the digital world.
Zero-day Attacks: In this attack, attackers exploit a software application and database of company vulnerability before the application vendor becomes aware it. In order to mitigate the chances of security, proper execution of a frequently recommended approach is required (Mathers and Stewart, 2000). By keeping abreast of the latest software patches, IT analysts can reduce this type of attack properly.
Security systems of HP, Lenovo and Sony
According to Kaufman (2009) companies are following or adopting different security systems for keeping their customers and company’s private information safe. For this concern, there are different security systems used by different companies such as:
Lenovo is a multinational electronics and hardware company which has implemented appropriate security system to protect their system from unwanted activities. For this, several security measures have been applied by them such as password systems for all the locations where data has been stored and they change their password at regular basis. There are thousands of workers are working in different branches as well as different departments of Lenovo (Lee, 2003). All of them are assigning their individual passwords where they can store their personal data and keep their information confidential. For this, appropriate login systems have been given on all the desktops. This is the best security measure followed by them where individuals can keep their data safe. Security system is becoming a fast growing technology in current scenario that why many multinational companies take benefits of it. They take their own security program according to their need. In addition to this, for better security they have to apply different programs that can help their system to protect their confidential data.
Company has many important documents that they want to secure from unauthorized person. This can be done by using data protection measures.
According to Lin and Brown (2000) there are several areas where mainly company requires personal identification of their customers as well as employees. After getting that personal information keeping their trust on the top of their priorities is the most important task. It helps Lenovo in enhancing their profit margin. Further, it can be determines that there in case of misleading of information and improper use of any type of personal information of customers such as their bank accounts information etc. the person’s financial holdings could be goes in to risk position, so to avoid these conditions they use security system. In this way, it has been founded that Lenovo uses different security measures as per their data security systems. By using this, companies can manage their file in a secured place and this will help them to recover that file in future. Data should be stored according to security programs in any organizations and this will help them in protecting their data from unwanted authorities, so that they cannot be able to misuse that data (Mathers and Stewart, 2000).
- Baker, B.N., Murphy, D.C. and Fisher, D., 2008. Factors affecting project success. Project Management Handbook.
- Black, G.R., 2006. Data security system. U.S. Patent.
- Bose, R., 2006. Understanding management data systems for enterprise performance management. Industrial Management & Data Systems.
- Chang, I.C. and et.al., 2007. Factors affecting the adoption of electronic signature: Executives' perspective of hospital information department. Decision Support Systems.
- Chang, T., J., A. and Yeh, J., Q., 2006. "On security preparations against possible IS threats across industries". Information Management & Computer Security.
- Data, C.J., 2000. An introduction to database systems. Addison-Wesley publ.
- Flick, L., K., 2009. Assessing Consumer Acceptance of Online Shopping: Examining Factors Affecting Purchase Intentions. ProQuest.
- Gruber, J. and Wise, D.A., 2008. Social security and retirement around the world. University of Chicago Press.
- Ha, H.Y., 2004. Factors influencing consumer perceptions of brand trust online. Journal of Product & Brand Management.
- Hendricks, K.B., Singhal, V.R. and Stratman, J.K., 2007. The impact of enterprise systems on corporate performance: A study of ERP, SCM, and CRM system implementations. Journal of Operations Management.
- Hovav, A. and D'Arcy, J., 2003. The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms. Risk Management and Insurance Review.
- Huang, S.M., Lee, C.L. and Kao, A.C., 2006. Balancing performance measures for information security management: A balanced scorecard framework. Industrial Management & Data Systems.
- Kaufman, L.M., 2009. Data security in the world of cloud computing. Security & Privacy.
- Lee, B., 2003. Gross Margin: 26 Factors Affecting Your Bottom Line. Lee Resources, Inc.
- Lin, A. and Brown, R., 2000. The application of security policy to role-based access control and the common data security architecture. Computer Communications.
- Mathers, S. and Stewart, A.D., 2000. Security system for hard disk drive. Calluna Technology Limited.
- Norman, L., T., 2011. Integrated Security Systems Design: Concepts, Specifications, and Implementation. Butterworth-Heinemann.
- Pfleeger, C.P. and Pfleeger, S.L., 2002. Security in computing. Prentice Hall Professional Technical Reference.
- Redlich, R.M. and Nemzow, M.A., 2007. Data security system and method for portable device. Digital Doors, Inc.
- Shaw, W., 2010. Cengage Advantage Books: Business Ethics: A Textbook with Cases. Cengage Learning.
- Thuraisingham, B., 2010. Secure Semantic Service-Oriented Systems. CRC Press.
- Valiulis, C., 2001. Electronic identification, control, and security system and method for consumer electronics and the like. U.S. Patent
- Williams, B., G., 2007. Online Business Security Systems. Springer.
- Yin, J., 2000. Data security system and method. U.S. Patent.