This chapter will focus upon the impact of Generation F - the Facebook Generation - and their attitudes to security. The chapter is based around discussing the loss of data, the prevention approaches and enforcement policies that are currently being investigated, and the implications that this has upon the modern, working environment. The changing landscape of work presents the issue of the Need to Know against the modern, working practises of Need to Share, a conflict that needs to be resolved as a matter of urgency. Many hold the view that it would be wrong to return to the Cold War scenario, however the modern position of Need to Share leads to a steadily rising fear of Information Insecurity. Accepting this situation means that working practises within large organisations need to be reviewed without ignoring the benefits of the new and emerging technologies and yet still be vigilant with regards to Information security.
TopIntroduction
The chapter will include a number of real life case studies; Wikileaks, Ministry of Defence - Burton Report (UK) and Disclosure issues within the Victorian Police (Australia), these case studies will discuss the loss of data, prevention approaches, enforcement policies and ‘need to know’ versus ‘need to share’ and illustrate the Global perspective of these issues and open discussions for Information disclosure, deliberate or otherwise.
This first case study, (Case Study 1) Information Security Disclosure: A Case Study (Rosewall and Warren 2009) will focus upon the impact of Generation F - the Facebook Generation and their attitudes to security. It will focus on the findings of a major UK incident and the implications that this has had. The case study identifies 51 recommendations to improve the situation of data security within the military of the UK. These recommendations will be the data for the analysis and will form an overview of the case study’s point of view as regards the younger generation and data security. This discussion will suggest another interpretation of the results supplied by Burton (2008)
The second case study (Case Study 2) views similar problems as mentioned above that have been noted within the Police service in Australia in particular the state of Victoria. The Victorian police have had a chequered past and unauthorised Information disclosure has featured prominently in their recent history. The cases that will be alluded to, are not used in order to apportion blame but, rather, to illuminate certain areas of the various reports that have been cited. As far back as 2003 The Victorian Police review finds “ .....inconsistent and inadequate approach to data Management” (Mc Kenzie 2009).
The final case study (Case Study 3) investigates the implications of the popularity of Wikileaks which has been obvious over the past few years. It has been described thus: “Wikileaks is an uncensorable version of Wikipedia for untraceable mass document leaking and analysis.” This may, on first sight seem desirable but, when it is deemed as being ‘uncensorable’ do we take it that there can be only one view of these ‘facts’? unlike its namesake Wikipedia which would allow for a balanced view perhaps this is not the site that it first portrays.
These three case studies will discuss The issues surrounding the Loss of Data, the current prevention approaches, the compliance /non compliance with enforcement policies and the dilemma facing current work practices of ‘need to know’ versus ‘need to share’