By Everest Turyahikayo, Kampala
There have been reports in the media that USA has lost the most sensitive and classified information to hackers. Such an unfortunate incidence happened at a high profile level to a country popular for its modern technology and powerful security mechanisms. However, it is not an isolated incidence as such problems have been reported in organizations especially banks losing billions of money to hackers.
Organizations survive because of the records they possess. Such records can be kept in both electronic and the traditional way of keeping hard copy documents. Records are as important to the organizations as the engine to the motor vehicle. Without records, organizational survival cannot be guaranteed. Organizational secrets pertaining to unique technologies, indigenous and modern knowledge, information about the foreseen risks in the business enterprise, strategies of how to face uncertainties, information about details of employees, work plans of how to excel beyond competitors; and information about the comparative advantages are all kept in records. This makes organizational records the most important resource of organizations. Whenever new managers are hired they have to study past failures and success of the entire organization using records as the most reliable source of the information.
If any desired change is to be introduced for the good of the organization, Chief Executive Officers justify such a change basing on the information available in records. Hacking into such records undresses the entire organization of its important capital and leaves it vulnerable to crucifixion by the competitors. It is painful to inject lots of money in technology development and design of strategies for expansion at the international level, only to find that another organization robbed you of such resources through hackers.
Some hackers are employees of the victim organizations while others are hired as IT consultants on short term basis-ranging from few hours to weeks. Many organizations prefer hiring computer technicians and systems administrators on a temporary basis. Their nature of work requires installing software, computer repairs and maintenance, all of which can be done occasionally. These professionals access data freely whenever hired by organizations. Unfortunately, most organizations lack systems in place to monitor and supervise short term contractors.
Most of the organizations’ records are left to the hands of these outsiders who cannot be subjected to the disciplinary instruments of the client organizations; leave a lone the absence of contracts of engagement. In spite of the fact that some countries including Uganda have laws to safeguard records and access to information, implementing such a law is difficult. Hackers are aware of such a law and so try to hack data in a very sophisticated style making it impossible to surrender them to the law.
The following measures can be put in place to stop hackers from accessing organizations’ records.
• There is need for every organization to develop and implement records and information management policy. Such a policy should include among other aspects, ethical conduct in records management, records security systems, data backup and adherence to confidentiality. Such a policy should be updated from time to time. This will help organizations to keep pace with modern best practices in records and information management.
• Employers should recruit highly qualified records officers who should be well motivated and regularly trained. Constant supervision and monitoring of records officers will help organizations to detect any misdeed in its early stages.
• It is important that every organization recruits well qualified computer specialists. These professionals should be in position to supervise short term contractors. Quarterly reports should be submitted to the departmental heads in respect of the progress and status of the records management.
The author is and International Human resource Consultant
No comments:
Post a Comment