16 Apr You have recently been hired as a Chief Information Governance Officer (CIGO) at a large company (You may choose your industry). This is
You have recently been hired as a Chief Information Governance Officer (CIGO) at a large company (You may choose your industry). This is a newly created position and department within the organization that was founded on the need to coordinate all areas of the business and to provide governance of the information. You will need to hire for all positions within your new department.
The company has been in business for more than 50 years and in this time has collected vast amounts of data. Much of this data has been stored in hard copy format in filing cabinets at an offsite location but in recent times, collected business data is in electronic format stored in file shares. Customer data is being stored in a relational database, but the lack of administration has caused data integrity issues such as duplication. There are currently no policies in place to address the handling of data, business or customer. The company also desires to leverage the marketing power of social media, but has no knowledge of the types of policies or legal issues they would need to consider. You will also need to propose relevant metrics that should be collected to ensure that the information governance program is effective.
The CEO and Board of Directors have tasked you to develop a proposal (paper) that will give them the knowledge needed to make informed decisions on an enterprise-wide Information Governance program, addressing (at a minimum) all of these issues, for the company.
The paper should include at a minimum of the following sections:
- Title page
- Executive Summary (Abstract)
- Introduction (including industry discussion – 1-2 pages)
- Annotated Bibliography (2-3 pages)
- Literature review (2-3 pages)
- Program and technology recommendations, including:
- Data that matters to the executives in that industry, the roles for those executives, and some methods for getting this data into their hands.
- Regulatory, security, and privacy compliance expectations for your company
- Email and social media strategy
- Cloud Computing strategy
The hospitality industry is one of the fastest-growing and largest industries worldwide, especially in developed countries. It collaborates with other economic sectors such as financial institutions, healthcare organizations, and others to provide quality products and services to its clients. For instance, the firms under this industry provide accommodation facilities, food, drinks, recreation facilities, and reservation services for hosting events. The main focus of this industry is to ensure that their clients can get the best customer service that would result in the best customer experience within these firms. This industry provides quality services accompanied by the huge cost of providing these services and safe record keeping of the clients’ information.
The hospitality industry is one of the industries that produce big data on a daily basis. This big data combine unstructured, semi-structured, and structured data. Unstructured data comprises information with no specific format, and therefore, it is hard to understand and analyze this type of data. The structured data type contains information that is organized in a particular format, and therefore, it is easier to interpret and understand. The semi-structured data type contains information that combines structured and unstructured elements. As a result, there are several concerns and challenges associated with managing these volumes of data. For instance, hotels are majorly targeted with data theft because they store a large volume of information, including the personal details of their clients, such as name, age, gender, address, payment, and transaction details (Yallop & Seraphin, 2020).
Consequently, information governance is critical in addressing these challenges that affect data storage. For instance, when a client checks into a hotel, he is expected to provide his personal details for record-keeping. Therefore, the information is stored in the hotel system for future reference, especially when the client is checking out. It may be not easy to manage the accumulated bulks of information and, therefore, information governance chips in. it ensures accountability and security of information by determining who is responsible for particular information, where the information is kept, how the information would be used, and the people with access to such information. Therefore, the main purpose of implementing the information governance program is to ensure that all the necessary information recorded is used appropriately for the sole purpose it was intended for and by the right people.
Data breach is a common occurrence in the hospitality industry, and it distorts the trust between organizations and their clients. It also ruins the reputation of these high-profile organizations that get involved in such scandals. After a series of data breach incidents in large hotels such as Huazhu, Radisson, Hyatt, and Hilton, another latest data breach occurred at Marriot hotel in 2018, which affected over 383 million customers (Shabani&Munir, 2020). This study reveals that every organization within this industry is vulnerable to data breach issues, and therefore organizations should establish ways to curb these issues. According to the data breach report in Verizon’s case, they are three main data threats affecting information security and management in the hospitality industry (Thomaidis, 2020). These threats include point of sale intrusions, insider and privilege misuse, and denial of service attacks. First, the attackers compromise the computers and systems that run the point of sales application, and therefore, this poses a significant threat within the hospitality sector. For instance, once the attackers can access the point of sale device, they install the malware in it to be able to capture the payment card details. Organizations can manage these attacks by suing the multifactor authentication, tracking whoever is using the point of sale system at a given time to ensure it is being used for the right purpose and installing the antivirus software.
The second threat that was revealed in the study was insider and privilege misuse. This involves the case of an existing employee or ex-employee acquiring confidential information for their own selfish gain. For instance, they may use this information to blackmail the client or give it to third parties who would, in turn, use them for malicious gain. Organizations can minimize this threat by training employees to be vigilant with information on mobile devices, monitoring every employee through surveillance cameras, and restricting data access with all the possible means. Lastly, the denial of service attack is one of the prevailing data issues that account for 20% of the data security issues in the hospitality sector (Thomaidis, 2020). Attackers use botnets to create traffic within the networks, forcing the organizations’ operations into a standstill, and therefore, the services are forced to remain unavailable. Organizations should use separate systems within different networks to manage this threat. Also, it is important to update these systems regularly.
A study involving 1500 hotels in fifty-four countries worldwide revealed that 67% of these hotels’ websites leaked confidential information, including booking reference codes, to the advertising and analytics firms (Shabani&Munir, 2020). Also, the same study revealed that some hotel personnel leaked personal details about their clients, including their card types and their expiry date, the digits of the payment cards, and other relevant information. Therefore, organizations should have policies that regulate such behavior. It is important to observe strict adherence to security policies that are established to handle information of the customers or business. Organizations should have a written document that describes how data and information should be managed. For instance, this policy guides how employees should handle confidential information, including emails, physical data equipment, and other data systems. It also stipulates the measure that should be taken against the individual that fails to comply with the provisions of the policies. Additionally, it is important to update these policies continuously due to technological changes, security requirements, and vulnerabilities.
Symantec provided reports on numerous security issues. For instance, 29% of the hotels do not encrypt their initial links that contain booking details to their customer. Therefore it is much easier for other unwanted personnel to retrieve such information (Mikalef et al., 2018). These reports show that data encryption is vital in minimizing the lack of data integrity, including duplication. Organizations should have established encryption policies to deter unauthorized access to private and confidential information. Encryption transforms a message so that unauthorized readers can read its contents. A study reveals that data encryption technique protects a person’s privacy over the internet, including credit card details (Merkus et al., 2019). Therefore, the organization should educate its employees on the benefits of data encryption and the amicable ways of encrypting data to manage data theft.
Social media policy is essential in managing information within the organization. Most people use social media for business and personal purposes. As a result, most crooks are targeting social media users because there is a lot of data stored on such platforms. Hospitality firms have social media platforms used to create awareness about their brands; therefore, it is important to have a social media policy that provides guidelines on how information should be managed on these sites. According to a study by Rochefort, a social media policy instrumental in regulating the social media scandals such as fake news, violation of data privacy, misinformation, and other security issues (2020). Therefore, each organization should implement and ensure strict adherence to social media use to manage security issues that may arise for it.
Merkus, J., Helms, R., & Kusters, R. J. (2019, May). Data Governance and Information Governance: Set of Definitions in Relation to Data and Information as Part of DIKW. In ICEIS (2) (pp. 143-154).
Mikalef, P., Krogstie, J., & Pappas, I. (2018). Information governance in the big data era: Aligning organizational capabilities. In Proceedings of the 51st Hawaii International Conference on System Sciences 2018 (HICSS-51). University of Hawai’i at Manoa.
Rochefort, A. (2020). Regulating social media platforms: a comparative policy analysis. Communication Law and Policy, 25(2), 225-260.
Shabani, N., & Munir, A. (2020, July). A review of cyber security issues in hospitality industry. In Science and Information Conference (pp. 482-493). Springer, Cham.
Thomaidis, A. (2022). Data Breaches in Hotel Sector According to General Data Protection Regulation (EU 2016/679). In Tourism Risk. Emerald Publishing Limited.
Yallop, A., & Seraphin, H. (2020). Big data and analytics in tourism and hospitality: opportunities and risks. Journal of Tourism Futures.
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.