Question

5) Discuss the role of Information Technology in the data lifecycle. What responsibilities does IT have in regards to an organization’s data? How does Information Security fit into this? Using class discussion, your reading, and your own experience, do most organizations follow best practice in this regard

Answer 1

To answer this question very precsiely lets go through all the phases of data  lifecycle managment and we will understand the role of IT in almost every phase.

1) Data Collection: It is the phase which could be carried out manually and without use of IT. But it is very hectic to do so without using data collection tools. The phases like Data Acquasition, Data Entry, and Signal Receipt all need the IT support. For example data collection method Signal Receipt obvioulsy needs IT as data is collected from a device. IT helps by creating IT based tools for data gathering like onine surveys, getting responses directly to data repsoitory and making easy to process. IT automates.

2) Data Minatanance: It involves processing of data or cleaning of data to get useful and usable data. Data maintannace is about movement(from one place to a datawarehouse or repository) , integration ( with other useful data or interfaces), cleansing (getting junk or useless data out or normalizing data) , enrichment (loading missing values or ennahancing quality by various measures) , retrieval of processed or chnaged data,

Here IT uses its various tools to clean the data eg some software like Data cleaner, Drake, Data ladder and tonns of other IT software make process very easy otherwise it is herculaina task to clean data manually.

3) Data Synthesis: Creating useful and valuable data via reasoning. It can be done manullay but with the intervention of IT things become so easy. Simplest example Excel to synthesis the data from tonns of data to useful data. Eg to calculate Tax from lots of data, excel helps you to get little from large amount that is needed and useful. So IT saves a lot.

4) Permitted data usage: IT can easily decide who can use what data. THus in this case with previlage setup IT can enhance the security of data lifecycle. Various software can be put into place that will decide who will use what data.

5) Data Publication: Data needs to be sent outside the company at mant places, Her IT can help in safe and secure mode of transmisison and hence prevent data breach. Data can be sent via encrypted tunnels hence IT can save the day.

6) Data Storage: It is very easy to store data in datacentres or repositories rather than in manual form. The security will be enhanced if data is stored in a form thatthe retrival by adversary will render it useless, Hnece IT can use various storage and security mechanisms to safely store data and for forever.

7)Deletion of useless data: When data is not needed it should be deleted. The safe delation can be done by IT , like zeroing so that data can never be retrived.

Now Data security fit into this as:

1) Safe transportaion of data for publication to prevent data breach.

2) Safe storage in repositories so that retrival by adversary may not effect.

3) Safe deletion , even if data respository falls in hands of adversary he may not be able to get the data back.

4) Preveilage seperation: Seperate the previlages of the various people to describe who can use data or who can not use.

No most organizations do not follow the practices. They mostly lack the security point. They automate data collection, synthsesi, cleaning but someway they fotget the most critical point that is security.