Securing the Electronic Frontier P.

SECURING THE ELECTRONIC FRONTIER P. II

Securing the Electronic Frontier, P II

Annotated Bibliography

This paper provides the annotated bibliographies of the three articles that focus on the workplace right to privacy and data encryption. McEvoy, (2002) in his article titled "Email and Internet Monitoring and the Workplace: Do Employee has the Right to Privacy" argues that the rapid development of internet and IT (information technology) has made increasing number of employees have access to the internet and email on the employer's owned computers. However, the questions have arisen whether employers have the right to monitor personal communication of employees within workplace. Many employers claim that they have the right to ban employees from using the company computer for personal use. However, this right conflicts with the National Labor Right of 1935 that protects worker's rights. Examples of companies that terminated employees from their companies include Timekeeping Systems Inc., Microsoft, Pratt & Whitney and the issue led to many court cases, which include Smyth v. Pillsbury Company, Tiberino v. Spokane Conty and Kodengada v. International Business Machine Corp. The author suggests that employee should avoid using the company email for personal use.

Miller and Tucker (2011) in their article titled "Encryption and the Loss of Patient Data" point out that fast paced of IT within the healthcare environment has facilitated collection of patient's data. The IT has been very useful for medical providers because it improves the diagnosis and treatment of patients. The downside of the IT use is that firms could face financial and negative publicity if there is a breach of patient's data. For example, thousands of patients' data could be lost if a laptop that contains patients' data is stolen, and this may damage a company's reputation. The authors argue that a security breach could result to the loss of $1.6 billion of market capitalization within two days after its announcement. The author suggests that encryption is an effective tool to minimize the breach of data risks. Theoretically, encryption deters malicious hackers. However, for encryption to be successful, it requires careful data management policies.

Lugaresi, (2010) in his article "Electronic Privacy in the Workplace: Transparency and Responsibility" argues that the use of the internet and email within a workplace has given rise to collision between employers and employees. Typically, employers need to monitor employee's activities online; however, employees have the right to privacy. With this issue, the law is facing challenges to regulate the use of the email and internet within the workplace. Article 29 of Data Protection Working Party (DPWP) points out that a total ban of employees from personal use of internet within a workplace is impractical considering the importance of the internet as a vital means of communication. However, there is a contrary argument that there is a need to monitor employee to reduce abuse of the internet use. The author concludes that employee do not have the right to use company internet and email for personal use. However, employers should implement an electronic privacy policy in advance before employee's surveillance could be practical.

Part 2 - Reflective Diary

The security of customer's data is very critical in the contemporary business environment because of the increase in the data breach that could make organizations to face bad publicity within and outside the United States. Essentially, organizations are required to secure employees' and customers' data to enhance Pretty Good Privacy (PGP) within the IT environment. One of the strategies to enhance customers' privacy is to implement data encryption. Encryption is a strategy of encoding data file where only authorized user can only have access to a secret "key' in order to read the data. The major impact of encryption is that it will prevent unauthorized access to organizational data, which will consequently enhance data protection and privacy. Moreover, securing information will make organization to be in line with the IT ethical standard, which will consequently enhance organizational public image.

Despite the security platform implemented by many organizations, there is still an issue of trespass of IT asset. The trespass occurs when an unauthorized individual is having access to IT assets. An example of a trespass is an issue of a hacker trying to have access to customer's data. On the other hand, legitimate access occurs when an authorized individual get access to an organizational IT assets. Typically, trespass and legitimate access have a real world application in cyber ethics. The trespass is contrary to the IT ethics, however, the legitimate access is ethical within the IT and business environment. Organizations need to design an effective IT policy to guide employees on the ethical use of IT assets in order not to be accused of trespassing.