37 Pages
9245 Words
IT Businesses Ensure about Security in Organization
INTRODUCTION
Background of the study
Security is the main concern of organization in the modern era. Entities ensure that they take care employee's security so that no accidents occur in the workplace. Companies are redeveloping policies for safeguarding of workers. In the recent era most of the companies provide laptop to staff members so that they can perform their functions well and can mange records properly (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014). Such type of electronic devices may get harmed from virus, or any other factors. In such situation IT companies ensure that employees repair these equipments with extra care. In order to ensure security they train people and monitor their performance. Most of the big organizations have made new policies which ensure that all workers follow best practices while handling laptop repair.
Successfully security awareness program includes assembling of security awareness team, matrices appropriate training content, proper communication. They make sure that people are aware with sensitive information and they know how to deal with such equipments. Employee's also understand consequences of mishandling of laptop, computers in the workplace. Potential consequence that may occur with mishandling of laptops such as reputation harm, penalties (Security Threats, 2017). That is why all workers pay attention on companies policies and follow best practices so that they can repair laptop and other equipment effectively without any damage.
There are various activities that firms follow to ensure that staff is following security based practices while handling laptop repair. Mainly operation mangers arrange class room training for the workers in which they make them aware with risk that may occur while dealing with technical equipments (Every company needs to have a security program, 2008). It may create difficulty for employee and organisation as well. Trainer make them aware with the sensitive information so that they keep secure themselves.
Furthermore, security awareness is being conducted in IT support corporation as an on-going program in order to ensure that people have adequate knowledge about technical equipments and they can handle these equipments well. In this respect IT firms assemble a security awareness team those who have great experience about handling of laptop when it gets damage. This team monitor performance of the engineers when they repair the laptop and other electrical equipments in the workplace. If they make any mistake then their managers supervise them and make them aware with their mistakes (Ab Rahman and Choo, 2015).
Current study is based on Aveva Group plc, Axios system firm, Atego company which is the multinational firm working in field of information technology. These firms provide information management solutions, technological services to the corporate clients and end users. The main purpose of the firm is to offer the best technical support to the customers. It ensures that employees of the company perform their duties well and follow practices properly (Kokilam, Joshi and Kamath, 2016). The main purpose of this study is to access the manner in which IT support firms ensue about security based practices while handling technical operations or repairing of laptops.
Rationale of the study
The main reason of conducting this study is that security issues are increasing in IT industry. Firms those which are operating in the sector are facing troubles related to increasing accidents of employees while dealing with electrical devices. In such conditions overall brand image of the corporations are decreasing. Another reason of carrying out this investigation is to improve security based practices in IT firms so that operations can be done properly (Skopik, Settanni and Fiedler, 2016).
Significance of the study
This research is very important for IT firms where employees have to deal with technical equipments daily. By this way these entities will be able to identify issues while handing with such devices. This will help in finding solutions through which security can be improved. Furthermore, this investigation will be beneficial for the workers because they will be aware with sensitive information related to security (Tøndel, Line and Jaatun, 2014). Companies will be able to improve their practices so that they can keep their staff members secure all the time. In addition, this study will help the other scholar in conducting study on the same topic in the future.
RESEARCH QUESTIONS AND OBJECTIVES
Aim
"To access the manner in which IT businesses ensure about security based practices while repairing laptop: A study on Aveva Group plc, Axios system firm, Atego company."
Objectives
- To understand importance of security awareness in Aveva Group plc, Axios system firm, Atego company.
- To analyses issues that may occur while repairing of laptop in the organization.
- To Critically evaluate best practices which enhances the awareness about security while handling electronic devices like Laptop.
- To determine strategies and monitoring process that Aveva Group plc, Axios system firm, Atego company adopt to ensure that staff members are following security based practices while repairing laptop.
- To recommend ways through which security can be enhanced in the organization and risk can be minimized.
Research questions
- What are the importance of security awareness in Aveva Group plc, Axios system firm, Atego company?
- What are the main issues that may occur while repairing of laptop in the organization?
- What are the best practices which can enhance awareness about security while repairing Laptop?
- Explain strategies and monitoring process that Aveva Group plc, Axios system firm, Atego company adopt to ensure that staff members are following security based practices while handling technical operations?
LITERATURE REVIEW
Importance of security awareness
As per the view of Caputo and et.al, (2016) information technology is become the essential part of business unit. In the competitive era each firm has to use advance technologies and hardware so that they can conduct their operations effectively and smoothly. But increasing IT risk has forced the firms to take step for making people aware with the security and develop best practices through which risks can be minimized to great extent. IT risk management can be defined as making balance between cost of development of secure IT infrastructure and potential damage in the organization (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014). In this respect firms have to ensure that they develop secure environment in the workplace, make available all necessary things through which risk can be avoided and ensure adequate control over operations.
According to Epstein and Buhovac, (2014) Security is the most important part of business. Security issues not only impact on brand image but also affect employees physically and mentally. If companies maintain security in the system then it supports the organizations in improving their brand image and in creasing loyalty of the workers towards the corporation. Security awareness is beneficial in retaining staff members in the workplace for longer duration and improving the performance level (Security Threats, 2017). It is important and support the workers in developing understanding level and reacting properly when such type of IT risk arise in the workplace. Through security awareness people get to know about sensitive information and they take care of these things repairing laptop, computers or any other electrical deceives.
Kahtan, Bakar and Nordin, (2014) stated that security awareness is not that much important in the workplace. If companies make effective work based practices and monitor performance of the workers properly then such type of risks can be minimized so there would not be requirement of making people separately aware with this sensitivity information. Employees those who work in IT firms are well aware with the technical devices and they know how to deal with them. If these people have necessary education about electrical devices and their dealing ways. So they always perform their work with extra care (Every company needs to have a security program, 2008). Thus, there is no requirement to arrange additional security awareness programs in the organizations.
As per the view of Skopik, Settanni and Fiedler, (2016) security awareness is essential for IT support companies. Through this, companies can detect suspicious activities and can minimize security incidents to great extent. Apart from this security awareness supports in proper maintenance of the electrical devices that help in saving cost of the organization significantly. That is the best way through which entities can control over operations and can monitor performance of the workers effectively when they handle technical equipments or repair laptops.
Kokilam, Joshi and Kamath, (2016) argued that security awareness programs enhance reputation of the firms and enhance satisfaction level of consumers. If entity take cares of security then employees will be satisfied and they will deal with consumers well. It is the best tool through which company can enhance its sales volume and can generate moire revenues in the workplace (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014).
Issues that may occur while repairing of laptop or dealing with devices in the organization
According to Ab Rahman and Choo, (2015) common issue that occur in IT firms is physical damage to employees. Whenever individual deals with technical devices or repair laptop or computers then employees are required to have necessary information about sensitive information. If they do not have knowledge about risk then it may cause physical damage to them. While repairing of laptop blast of battery, loss to data etc. issues may take place in the workplace. For that workers have to be attentive so that such type of risk do not take place. If battery gets blast then it may case serious industry to the staff members which ma increase disgruntled among employees (Security Threats, 2017). Most of the time staff members do not concentrate on their work and they handle electric device without any concentration. In such condition issues like damage, harm of data take place. That not only impact on workers but also affect brand image of the corporation to great extent.
Kahtan, Bakar and Nordin, (2014) stated that generally important data is being saved into hard drives. This is considered as sensitive instrument which suffers from sudden blows. This can turn into big damage. In such condition when life span assigned to the people then there is high chances of loosing of data. At the same time hackers can attack on laptop and they can hack confidential information of the organization (Every company needs to have a security program, 2008). It is the biggest IT risk which can harm company to great extent.
According to Ab Rahman and Choo, (2015) wrong use of hardware or software may impact on laptop or computers. Incorrect installation, formatting of files are such threats which causes damage to the hardware. In such condition staff members have to repair them with extra care. Small mistake can break of damage the system completely.Â
Socio-cultural and geographical dimensions
As per the view of Kahtan, Bakar and Nordin, (2014) Socio-cultural aspects are considered as main of the main factor that increase IT risk in the information technological companies. Most of the time people do not care the official material properly because of their social cultural background. Most of the employees repair laptop with wearing gloves because they belong to such culture where wearing gloves is not necessary. Such type of aspect increase chances of risk and accidents in the corporations. Kahtan, Bakar and Nordin, (2014) argued that geographical location matters a lot in security issues. People those who belong from rural areas they are unaware with the latest equipments, in such condition they get trouble and they do not easily understand how to repair such laptop and other technical devices (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014). On other hand urban area employees are well aware with the handling techniques of technical devices. They know about standard so if management make them aware with these standards the n they can easily understand whereas rural area's people find difficulties in understanding such standards.
Best practices that enhances awareness about security while handling electronic devices
As per the view of Kokilam, Joshi and Kamath, (2016) IT support companies ensure that staff members follow security based practices in the workplace whenever they have to deal with technical equipments. In this respect companies always organize training program in the organization in which they make people aware with the sensitive information about how to deal with laptop, computers etc. This helps the workers in improving their knowledge about electrical devices and keeping themselves secure from threats. While handling laptop or repairing them many times risk such as battery blast, loosing of data type of risk get arise. In such condition people handle such equipments with extra care and always keep themselves away from risks (Security Threats, 2017).
Ab Rahman and Choo, (2015) stated that IT firms make strict rules and regulation that are required to follow by each workers while dealing with technical devices. This practice helps firms in minimizing security risk and improving performance of the organization. Development of risk assessment plan is helpful that aids in ensuring that staff members get prevented from threats and they handle laptop well. Organizations make effective policies give necessary training to staff members about entity's policy (Every company needs to have a security program, 2008). It aids organization in enhancing security in the workplace.
As per the view Skopik, Settanni and Fiedler, (2016) assemble of security awareness team is the best practice which supports in reducing IT risk of the firms. By assembling security awareness team entity can ensure that electrical devices in the workplace and during their work physical injury may take place. In such condition security team can monitor performance of workers effectively and they recheck their work while repairing of laptop. This supports in preventing from threats and minimizing accidents in the workplace.
According to Ab Rahman and Choo, (2015) management of IT firms always concentrates on providing necessary training to the staff members so that they get to know about IT risk and how they can handle these issues. Management always understand necessity of effective security policies thus, they make such norms through which individual can perform their work with extra care and no issues take place in the workplace. In this respect IT companies make people aware with things that need to be considered while handling technical devices. That enhance understanding level of workers And they repair equipments with extra care (Security Threats, 2017).
Kokilam, Joshi and Kamath, (2016) stated that IT support corporations generally communicate through email, e-learning, social media channels about the sensitive information. They ensure that all employees are aware with electronic security awareness notifications. Apart from this, companies always coordinate with staff members through non electronic mediums such as posters, newsletters, instructor led training events etc. In the person security awareness events most of the organizations involve their employees in this event. This supports in knowing their views and identifying their perceptions. Managers conduct face to face meeting with their employees and give presentation over handling technical equipments. As per the view of Skopik, Settanni and Fiedler, (2016) IT companies time to time send their workers to attend external training programs and gather material about IT risks (Every company needs to have a security program, 2008). National institute of standard and technology has introduced information technology security awareness and training programs. This is completely based on IT risk and how individual can get prevented while handing technical equipments in the organization.
According to Ab Rahman and Choo, (2015) implementation of tracking mechanism is considered as best practice to reduce security risk in the workplace. Whenever workers handle or repair laptop then it is essential to track their working. It helps in identifying their mistakes and giving them training accordingly. It is the way through which organization ensure that no employee makes mistake while handling technical or electrical devices.
Strategies and monitoring process that IT firm adopts to ensure that staff members are following security based practices
As per the view of Kokilam, Joshi and Kamath, (2016) IT asset management is the best strategy that assists in minimizing risk related to security. Implementation of IT asset standardization and rationalization for reducing risk related to It security are the best practices that can be adopted by companies those which are operating in the information technology field. Implementation of these standards support in managing IT equipments well and improving security in the workplace. Information technology asset management is considered as set of business process which is generally designed by the firms to manage inventory of technological assets. It is the beneficial tool and aid in lowering IT cost and improving productivity of the business unit (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014). This typical and strategic IT asset management tool supports in ensuring security based practices in the workplace. By this way workers use equipments with extra care and try to minimize their mistakes.
According to Ab Rahman and Choo, (2015) Monitoring, controlling and managing are the privileged credentials that are helpful in ensuring the staff are following security based practices. Implementation of protocols and tracking infrastructure is the best activity or strategy that assist in ensuring that people are following company's practices effectively. By implementing protocols in the workplace managers can ensure working performance of the individuals and they can guide them well. This supports in identifying issues in the workplace when people have to deal with technical equipments. That helps in taking proper measures to minimize risk of the organization and improving security of the business unit.
Skopik, Settanni and Fiedler, (2016) stated that reviewing IT security polices is the great strategy through which company can ensure that people are following practices properly or not. By comparing the results' entity can get to know issues in the system and can improve its security polices. Conducting audit time to time is the best practice that ensure working of the organization. By conducting internal audit companies can get to know how much employees have knowledge about repairing or handling technical devices. Ab Rahman and Choo, (2015) argued that time to time meeting with the technical staff is the best monitoring strategy through which management measure working knowledge of the workers and measure their performance against standards (Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014). Furthermore, whenever new staff come to the office senior staff monitor their work and make them understand with the effective use of technical devices. It is the way through which companies ensure that person get to know about practices and repair laptop well.
According to Kokilam, Joshi and Kamath, (2016) inventory management concentrates on stock and it equipments that are required to repair technical devices. They maintain records of all tools and if workers are consuming more assets as it is required or misusing these equipments then this report circulates to higher departments. By this way management level employees conduct training programs and make them aware with the effective ways of handling such electrical equipments.
RESEARCH METHODOLOGY
Introduction
Research methodology is the set of process which assist researcher in answering research questions and completing dissertation in proper manner. There are many tools and techniques which suggest scholar in finding answers of unanswered questions (Coiro and et.al, 2014). This is most important part of investigation which develop understanding of researcher and give insight detail about the topic. By applying these methods individual get to know cause and effect relationship between variables and individual get facts about subject matter. Selection of appropriate research method matters a lot, it assists in meeting with the real objective of dissertation.
Research philosophy
It is the major tool which generally deals with source and knowledge. It concentrates on way through which data about the topic is being collected by scholar. There are many research philosophy tools that are related with wide range of disciplines (Creswell, 2013). It is essential to chose correct philosophy as per the nature of study. In the absence of this scholar will not be able to get reliable information about the subject matter.
There are interpretivism, positivism are two main philosophies that are used in different types of dissertation. Interpretivism tool involves human being into the investigation and try to find of their opinion about topic. Researcher analyses psychological aspects of the person and get information by this way. On other hand positivism tool is another type of technique which concentrates more on social reality and observe the facts. In the current investigation scholar has applied positivism philosophy (Gioia, Corley and Hamilton, 2013). This has supported in collecting information about manner in which IT businesses ensure about security based practices while handling technical operations. Individual has emphases more on facts and complete the study in highly structured manner.
The main reason of choosing positivism philosophy is that to carry out investigation in well structured manner. It is scientific in nature thus helps in gathering reliable data about the topic. By using this tool scholar has become to minimize error. If individual have taken support of interpretivism philosophy then researcher had to involve human being into this study which would be time consuming and would not be able to give scientific results. Thus, use of positivism method was appropriate for the current investigation.
Research design
It is another tool which is related with strategies to collect data. It is considered as arrangement of conditions through which scholar can easily gather details and analyses data properly. There are many types of research designs such as explanatory, exploratory, descriptive etc. Exploratory research design is the type of method which is applied in such places where individual has to investigate the new area (Myers, 2013). That supports in investigating completely new factors that are related with the subject matter. Descriptive research design is another method which describes or provide clear picture of the situation. It is used where individual is required to justify current practices and develop theories.
In the current dissertation scholar has applied descriptive research design. This has supported researcher in obtaining clear picture about security based practices and security IT risk in the information technological firms (Sage.Silverman, 2016). This has supported the scholar in accessing the manner in which IT businesses ensure about security based practices while handling technical operations.
The main reason of using descriptive research design was to analyses non quantified variables effectively. By using this method scholar has become to observe phenomenon from natural process. This has supported in gathering relevant data in less time. If scholar has used exploratory then it may consume more time and individual will get such data which can not be changed. Thus use of descriptive design was appropriate for the dissertation.
Research Approach
Inductive and deductive are two main type of approaches. Both have unique characteristics and have unique features. As per the nature of the study scholar apply these methods into the investigation. Deductive approach is the type of approach in which researcher collect data in order to formulate hypotheses and relate it with existing theory. It is the techniques which is applies in quantitative type of investigations (Taylor, Bogdan and DeVault, 2015). On other hand inductive approach is applies in qualitative type of studies where scholar does not formulate hypotheses, individual conduct the investigation in generalising manner and carry out the study from general to specific manner.
In the current dissertation scholar has taken support of inductive approach. Individual has used already available theories and develop understanding level about manner in which IT businesses ensure about security based practices while handling technical operations. Individual has not used any statistical data in this study and has not created any hypotheses (ŽikiÄ, 2016).
The main reason of choosing inductive research approach was to sense the problem and analyse situation well. As it is logical approach and provide more scope to get quality data ad results. Data intensity of this approach is high. Thus use of this approach was appropriate for the study.
Data collection
It is one of most important part of dissertation, if individual does not have adequate information about subject then it may create consequences for scholar to carry out the study in effective manner. Primary and secondary are two main sources of collecting detail about the subject matter. In the primary data collection technique individual gather information by own, individual ask participants or observe the facts (Myers, 2013). On other hand in the secondary data collection source individual take support of already available information. On the bases of already available details researcher carry out own study.
In the current dissertation researcher has applied secondary data collection sources. As laptop repair is the sensitive task in the IT firms. People may get injured while doing laptop repair if they do not have adequate information. Most of the workers have not adequate knowledge about repairing and sensitive information related to repair. Thus, if researcher could take support of primary data collection source then people will not be able to give adequate detail on this topic. Thus use of secondary data collection sources was appropriate for the current dissertation. Scholar has taken support of books, journals, internet articles in order to gather information about laptop repair. In order to gather information researcher has accesses authorized sites and has taken permission of some IT firms in order to get detail about their laptop repair procedure. Individual has not involved any person in the investigation and has developed understanding by reading books, journals, internet articles on the manner in which IT businesses ensure about security based practices while handling technical operations. In order to gather information about the manner in which IT businesses ensure about security based practices while repairing laptop researcher has used books, journals, internet articles etc. These secondary sources have supported in developing understanding about the subject matter and reaching to the final results.
The main reason of using secondary data collection sources is that it is time effective method and individual has become to gather quality information on laptop repair and company's policies in less time. By using this tool scholar has become able to compare the data and get to know right details. This has supported in longitudinal analyses. Scholar has sort of the information as per the priorities and variables available in the study. Researcher has selected only such articles which are specific related to laptop repair and company's measures. As researcher was having less time thus, individual has decided to select secondary data collection tool for gathering detail about subject matter. Investigator has read earlier books, journals, internet articles related to the subject and selected such articles which are completely related to objectives.
Data Analyses
Scholar has to analyse data in order to get accurate results. Through analyses individual can get findings about the topic. In the current study scholar has taken support of secondary analyses method. Individual has developed themes and on the bases of these themes researcher has analysed the data (Coiro and et.al, 2014). By using books, journals, internet articles individual get to know about the facts of manner in which IT businesses ensure about security based practices while handling technical operations.
The main reason of choosing secondary data analyses tool is that researcher had not to spend much time, money, energy and resources on analysing these information. Other scholars have already analyses these data thus, it was easy to understand for the researcher and finding accurate results by using secondary data analyses method.
Ethical considerations
It is the responsibility of scholar that to follow ethical aspects strictly. In order to conduct this investigation in effective manner scholar has to emphases on ethical aspects. Researcher has taken ethical approval from the concern authorities in order to complete this dissertation in effective manner. Furthermore, scholar has not accessed any site which is unauthorized, individual has read articles and taken data from authorized site. Before conducting investigation on It firms individual has taken permission from the supervisors and supervisor has checked entire dissertation carefully (Gioia, Corley and Hamilton, 2013). Scholar has not forced any person to share their views. Individual has not involved any participants into the investigation in order to gather information about subject matter.
Researcher has maintained confidentiality in the entire dissertation. Scholar has not disclosed any information with third party. Researcher has stored all the details in password protected computer. Scholar has not leaked this detail that has supported in completing this study without any complications. Individual has read books and journals that have been written by other others on the same topic (Creswell, 2013). Individual has understood the manner in which IT businesses ensure about security based practices while handling technical operations and translated this information in own words in the current dissertation. This has supported in avoiding plagiarism issue in the study.
Research limitation
Scholar has faced many issues during the investigation. Investigator was having limited period of time. In such limited duration scholar was unable to complete such lengthy dissertation. But scholar has scheduled activities properly which has helped in meeting the time length. With the assistance of proper scheduling scholar has completed this study on time (ŽikiÄ, 2016). Furthermore, researcher was required funds for gathering data, for using instruments so that data analyses can be done effectively. But due to limited financial resources researcher was unable to use advance technologies. Thus, for analysing the data on manner in which IT businesses ensure about security based practices while handling technical operations researcher has used secondary data analyses tool. This was appropriate for the present study and has supported in finding accurate results on the subject matter (Taylor, Bogdan and DeVault, 2015).
It was very difficult for the scholar to ensure that all information are relevant but for that researcher has compared the data from other authors and reached to the final conclusion. This has supported in ensuring that data that are used in this study are relevant.
As scholar has not collected data from primary sources, it was another limitation of this dissertation. In secondary data sources researcher was unable control over quality of data. Secondary data may be out dated, if individual could use primary data so it would be better to know real situation of companies and laptop repair process in organization. In order to make the research more effective scholar will use primary data collection sources in the future. This would support in minimizing lacking point and improving quality of data.
In order to collect information companies take support of annual report of particular firm, analyses market trends and take feedback from employees of relevant field., This supports them in gathering in-depth details . They do not really comment over it , they just make strategies by looking at the issues.
DATA ANALYSES
Introduction
The data analyses chapter is important part of the study, scholar has to manage data in right format and have to interpret it properly. For that it is essential that used data needs to be clean and clear. There should not be any wrong information about the subject matter. Before analysing the information scholar is required to ensure adequacy and accuracy of the detail so that valid results can be obtained. In this section researcher will use secondary data analyses method in order to analyses information about manner in which IT businesses ensure about security based practices while handling technical operations.
Data Analyses
Theme 1: Importance of security awareness
Interpretation: From the secondary research it is analysed that Companies have to look at the employees' security first. It is the essential tool that helps in reducing costly errors in the workplace. Most of IT firms communicate to their staff members about IT risk so that they take care of standards and try to avoid consequence due to It issues. Increasing accidents while hand;ling laptops not only affect physically to the employees but also it impacts financial condition of the firm as well. Corporations have to install new equipments in the organization which enhance operational costing of the entity. By making people aware with the security issues entity can reduce cost and enhance retention of workers as well.
From the secondary analyses it can be interpreted that overall performance of company is depended upon the efficiency of the skilled workers. If people are performing their work well and they are satisfied then it may support in gaining success and sustaining in the market for longer duration. Security awareness programs enhance satisfaction level of employees and they retain in the workplace for lengthy duration. Human errors can increase issues related to data security headaches. In such condition individual risk of data leakage gets increased which impact on competitive advantage of the business unit. Thus, by giving security awareness training IT companies ensure that their confidential information remain maintain.
Theme 2: Issues that may occur while repairing of laptop
Interpretation: From the secondary analyses it can be interpreted that laptop, computers etc. all technical devices are very important in the world place, It is responsibility of employees and organization as well that to ensure that person repair the laptop properly. The most common issue that arise while repairing of laptop that attack of blue screen. In such condition current data can be hacked by other computers and can destroyed by viruses. It is most complex issue due to which IT firms can face huge difficulties and can get failed to met with the customer requirements. Furthermore, improper assembling of parts can cause physical harm to the employees those who operate this laptop after repairing. This is the major issue that increase damage and affects branding of IT support corporations to great extent. Overheating is the major problems in laptops due to which battery can get blast. In such condition laptop can get crush suddenly. In such condition company has to invest in new parts and has to insert fresh parts into it. If repairing is not being done properly then it increases cost of the firm to great extent.
Theme 4: Best practices which enhances the security awareness
Interpretation: From the secondary analyses it can be interpreted that assembling of security awareness team is considered as best practice that can support in minimizing IT risk and making people aware with the security. In this respect IT firms develop formal security program, in which it involves skilled and experience people those who have lengthy experience of dealing with technical equipments. This team has responsibly to develop knowledge of employees, delivery necessary sensitive information and maintain security in the workplace. Security awareness team ensures and monitor working pattern of workers and accordingly it guides well. This helps the firm in accomplishing its objective soon. Size and membership of this team depends upon the needs and size of the organization to great extent. From the analyses it can be interpreted that identifying level of responsibility is the main aspect through which IT firms can meet with their objectives. By making people aware with their role and responsibilities in the workplace such type of issues and can reduced and performance can be improved.
From the analyses it can be interpreted that companies are focusing on the security of the employees thus, they make strict rule and regulation that can help in minimizing accidents. Companies have to follow standards and policies that can support in reducing chances of risk of security. Secondary analyses can be interpreted as participation of workers in overall security strategy of the company. It firms have skilled and talented staff members those who have better knowledge about cyber security and hardware issues. They all discuss upon company's strategy and give their views on it. This supports the firm in implementing effective policies that can support in meeting with standards and minimizing security risk in the workplace.
Theme 5: Geographical and socio-cultural dimensions
Interpretation: From the secondary analyses' method it is analysed that technological dimension support the firm in its growth and sustaining in the market for longer duration. In the modern business environment companies are making massive changes in their technical devices so that they can improve their efficiency level. Earlier there were no computers, laptop all work was being done manually. But now entities have adequate technical equipments that assist in smooth functioning of the operations. This has increased competition in the corporate world and has helped in enhancing communication as well. Socio-cultural dimensions includes changes in demographic characteristics, norms, customs, values etc. Geographical distribution and density of population are considered as essential socio cultural dimensions. There are many rural areas where people do not have adequate resources and technical equipments. When employees come to such rural areas then it creates difficulty for them to understand the repairing methods of laptop and understand standard as well. Such type of the difference in geographical condition increase security risk in the business. When people have no knowledge about handling of technical equipments then it becomes difficult for the organization to make them understand with sensitive information. This is the main reason due to which employees fail to perform their duties well.
From the secondary analyses it can be interpreted that social norms and values do not allow person to follow some practices. Such as in some cultural wearing leather gloves is not acceptable. If individual repair technical or electrical equipments without wearing gloves then it increases chances of getting touch with electricity shock etc.
Theme 6: Strategies and monitoring process that IT firm adopts to ensure that staff members are following security based practices
Interpretation: From the secondary research analyses it can be interpreted that information technology firms are taking care of the element that there employees get safer environment while handling laptop and other technical devices. In this respect these entities organize meetings and training programs for the staff members so that their performance can be improved. Workers are the life blood of the organization if they are not safe and secure then it may affect their satisfaction level to great extent. In order to monitor that whether staff members are following security based practices or not entity generally supervise their performance. Company has made several policies in order to improve security services of the firm. Each employee is being monitored against these polices. It supports the organization in gaining success and keeping their workers secure while laptop repair. On other hand it is analysed that Aveva Group plc monitor performance of the employees against the standards. It measures their performance level and ensure that people repair the laptop and other technical devices by following standards. That is the reason that organization has developed healthy environment where all workers are happy and satisfied.
It is analysed that Axios system firm has made strategy where all the staff members have to perform their duties of laptop repair under supervision of their seniors. They have to discuss the process of repairing with seniors and they have to follow their guidelines strictly. This supports entity in reducing work based accidents and helps in retaining staff members in the workplace for longer duration. Whereas from the secondary analyses it can be interpreted that Atego company organize meetings with the staff members and check their skills regarding laptop repairing. This supports in identifying the loop fall in the system and accordingly company organize external training programs for them. It helps in making people aware with the actual standards that need to be followed. This supports in repairing laptop without any IT risks. It develops healthy environment in the workplace and minimize accidents in the organization.
Theme 7: Ways that support in improving security and minimizing risk
Interpretation: From the secondary research analyses it can be interpreted that security is the main issue in the recent era in IT firms. There are many entities those which are operating in this field but many accidents are occurring in the workplace when employees deal with technical devices. It is analysed that by making effective regulations and policies as per the industry standards entity can improve security based services when individual repair laptop. Companies are required to use high quality assets or inventories for laptop repairing. This is the best way through which issues or risk can be minimized to great extent in the workplace. Workers know that they have to deal with electrical devices ion such condition they may face physical injury. In order to improve security Aveva Group plc, Axios system firm, Atego company have to make effective policies so that standards can maintained and such type of accidents can be minimized. Use of poor quality equipments can cause physical injury, due to this battery blast etc. cases can take place. For that it is required to use high quality inventories while assembling or repairing of laptop and other technical devices.
From the secondary research it can be interpreted that by arrangement of training programs and security awareness programs are the best ways through which security can be improved in the workplace. It is the way that supports in enhancing knowledge of workers that how to deal with laptop, what issue may take place while repairing of laptop and how they can prevent themselves etc. Such type of awareness can increasing knowledge of the persons about effective dealing with technical devices and that can take care of prevention measures so that no IT risks take place. This is the only manner through which entities can keep their workers secure and can raise their confidence to great extent.
DISCUSSION
From the above study it is analysed that computer security is considered as one of the most important aspect that need to be maintain in the organization. Safeguarding of computer resources, data integrity, access to authorised users are the main elements that companies ensure to follow. Companies have to handle and manage large number of data. They use laptop 24*7 in such condition laptop may get damage or its parts may get affected badly. In such situations companies give such damage laptop to their technical staff members to repair it. Whenever they repair such equipments issues like battery blast, data hacking, damage to data issue may take place. It creates consequence for the business and increase its operational cost. Apart from this many times it causes physical harm to employees as well. In such condition people become dissatisfied towards the firms. From the study it is analysed that safeguarding is very important aspect in the organization. Security awareness is very important thing in IT companies.
It is analysed that digital security is associated with security awareness in which companies take initiative to educate their employees regarding how to deal with technical equipments and other electrical devices in the organization. Most of the time employees when deal with laptop then IT issues may harm them physically. Inattentive staff does not have much knowledge about IT security based practices. This is may issue due to which workers have to face consequences. IT security best practices helps in providing countless opportunities to the organization in securing confidential information of the firm from hackers and other competitors. It is very important that workers have proper knowledge about the laptop repair process because day to day employees activity impact on the overall performance of the business unit. By organizing security awareness programs companies can ignore IT risk to great extent. As per the study of Enterprise management associates, Inc. (EMA) 2014 has discusses that approx 58% employees store confidential information in laptop but whenever laptop gets damages then in repairing process these confidential details get deleted or hacked. This is big loss to the firm because it leaks their planning and management details to the competitors. Apart from this due to increasing human errors impact on over all device and issues related to battery blast etc. cause physical harm to the staff members. This increase dissatisfaction in the mind of employees and they think that company is unable to provide them secure environment. This impact on their performance and they move to other firms.
From the above study it is analysed that security awareness programs are helpful in detecting suspicious activities. By this way workers can minimize chances of security incidents in the workplace. Proper awareness training enhance knowledge of the workers and help them repairing the laptop with extra care. This awareness programs make the employees aware with the appropriate use of resources and helps in continuous improvement. By this way accidents can get minimized that can assist in improving reputation of the business unit. Aveva Group plc, Axios system firm, Atego companies provide IT solutions to the corporate and normal clients. When repairing of laptop is not done by the firms properly then companies will get failed to provide effective IT solutions then it decreases satisfaction level of consumers. It is the best way that supports in maintaining stability.
From the above study it is analysed while repairing laptop many IT issues may take place in the organization. Most of the firms those which are operating in the information technology field have to deal regularly with technical devices and electrical devices. In such condition when people repair the equipments then chances of battery blast etc. take place in the corporation which may cause physical harm to the workers as well. Apart from this when issue take place in the business unit, at that time satisfaction level of workers gets decreased. By this way people think to leave their jobs and entity also have to buy new laptop. This increases operational cost of the entity and reduce its brand image. Increasing IT risk enhance team problems in the workplace. By this way people fail to coordinate well with others and that increases communication problems as well.
From the above discussion it is analysed that most of IT firms are adopting various best practices to make their employees aware so that IT risks and accidents can be minimized to great extent. Arrangement of security awareness training programs is the best practices that assist in improving knowledge and skills of the employees. In the training programs entities give them proper information about sensitive things so that they can take care of these elements while repairing of laptop. On other hand in training programs companies involve external trainers those who are expert of this field. These expert people give them practical knowledge about how laptop needs to be repaired, what equipments are required to be assembled and what type of quality they need to be maintained. This training programs helps workers in identifying their mistakes and they take care of security elements in the future whenever they deal with laptop and other technical devices.
Above study has discussed about best practices which can enhance awareness about security while handling laptop and repairing these technical devices. In this respect it is analysed that personal supervision of seniors and management is the best element through which security can be ensured by IT firms. Most of the companies such as Aveva Group plc, Axios system firm, Atego company provide personal supervision to each employees. Whenever technical staff members is required to repair a laptop then at the same time senior staff members would be present there. This helps in analysing their mistakes and making them aware with the practical information. This supports in minimizing chances of errors in the workplace and people be safe. Most of the times companies face difficulties to make the person aware regarding security those who do not belong to such field. If the person does not have basic knowledge about handling of technical devices then overall training programs may get affected and it fails to meet with its real objective.
Development of effective security policies is the best practice that support in improving overall condition of IT corporations. Most of the companies make regulations that can help in meeting with the standards. Government has made proper standards for each element, it is compulsory that employer provide healthy and safer environment to the employees so that no issues take place. Entities are making effective risk mitigation control strategies so that all workers can perform their work properly and no harm take place. Corporations assemble quality equipments in the Laptop so that issues related to blast of battery, damage of hard disk etc. do not take place. Significant risk mitigating strategies support in reducing accidents and minimizing operational cost of the firm. Company time to time conduct audit in the workplace in which committee gives report about risk management aspect of the firm. This supports in making necessary changes in the company's polices and improving overall business performance. Furthermore, entity assess the risk that are involved in the workplace related to security and engage external parities for ICT services in order to mitigate such risk. This policy of IT firms are helpful and beneficial in minimizing the issues related to information technology and support in handling of technical devices effectively.Â
Monitoring process plays significant role in the business unit. Aveva Group plc, Axios system firm, Atego companies those which are operating their business in IT field, they have to monitor overall working of the company closely. There are many technical engineers work those who have to deal with such equipments daily. If they do not take care of security then it may cause physical harm and can affect organization's reputation as well. In order to ensure security best practices firms always test the skill of the person before recruiting them for the post. In the interview session recruitment committee ask them questions related to technical field. This helps in analysing skills of the person and hiring right candidate in the workplace. Apart from this, corporations always ensure that people follow policies and regulations. Whenever they have to repair laptop then it is compulsory for them to wear gloves. But due to lack of monitoring process people do not follow such type of regulations strictly. In such condition security risk get increased soon. If monitoring is being done closely then it is the best manner of reducing number of accidents in the workplace. By this way staff will be satisfied and they will retain in the organization for longer duration. Overall performance of entity is depended upon the practices of the firm, it corporations take care of standards and maintain standards in the workplace then it will support the organization in dealing with issues well and maintaining security of the workers.
CONCLUSION
From the above study it can be concluded that prevention from risk is the main concern of organization. Firms always try to prevent their employees from It risk and always provide them secure environment so that they can perform their work effectively. Security issues not only impact on brand image but also harm employees physically and mentally. Security awareness is most important element of the business operations. IT based firms make their workers aware with the standards and sensitive information so that these technical staff can take care of such things while repairing the laptop and other technical equipments. It is beneficial tool for retaining staff members in the workplace for longer duration and improving the performance level. Companies provide support to workers for developing understanding level and reacting properly when such type of IT risk arise in the workplace.
From the study it can be articulated that Incorrect installation, formatting of files, use of poor quality equipments are the main issue due to which security gets affected. Assemble of security awareness team is the best practice that is followed by most of the IT firms such as Aveva Group plc, Axios system firm, Atego company that in reducing IT risk of organizations. Assembling of security awareness team support the firm in monitoring the progress of the employees. This team ensure that people repair laptop with extra care and they do not meet with the risk. Security team monitors performance of workers effectively and they recheck their work while repairing of laptop. Implementation of tracking mechanism is considered as best practice to reduce security risk in workplace. Tracking supports in identifying issues in the operations and performance loop fall of the workforce. That supports in making necessary changes in the training programs throughout which overall knowledge of the person regarding handling of equipments can be improved. Whenever workers handle or repair laptop then concern authorities track their working methods. It helps in identifying their mistakes and giving them training accordingly.
Above study can be summarized as that companies are required to make people aware with the sensitive information such as computer failure, misuse of software, unauthorized deletion, fires etc. This may enhance awareness of the people and they pay attention on their technical devices. They repair it by following standards and companies polices so that no issues take place with them and with laptop as well.
CRITICAL EVALUATION
As this study was completely based on laptop repair, there are many other technical devices that are handled by employees in IT firms. In future study can be conducted on these technical equipments. Furthermore, in the future scholar can carry out the investigation on importance of technical devices and how to handle such equipments well in the organization.
References
Books and journals
Ab Rahman, N. H. and Choo, K. K. R., 2015. A survey of information security incident handling in the cloud. Computers & Security. 49. pp.45-69.
Caputo, D. D. and et.al., 2016. Barriers to usable security? three organizational case studies. IEEE Security & Privacy. 14(5). pp.22-32.
Coiro, J. and et.al., 2014. Handbook of research on new literacies. Routledge.
Creswell, J. W., 2013. Research design: Qualitative, quantitative, and mixed methods approaches. Sage publications.
Epstein, M. J. and Buhovac, A. R., 2014. Making sustainability work: Best practices in managing and measuring corporate social, environmental, and economic impacts. Berrett-Koehler Publishers.
Gioia, D. A., Corley, K. G. and Hamilton, A. L., 2013. Seeking qualitative rigor in inductive research: Notes on the Gioia methodology. Organizational Research Methods. 16(1). pp.15-31.
Kahtan, H., Bakar, N. A. and Nordin, R., 2014. Embedding dependability attributes into component-based software development using the best practice method: A guideline.Journal of Applied Security Research. 9(3). pp.348-371.
Kokilam, M. B., Joshi, H. G. and Kamath, V. G., 2016. Strengthening the Pharmaceutical Supply Chain Management with Information Communication Technology Intervention: A Windfall to the Indian Rural Public Healthcare System. Journal of Health Management. 18(2). pp.274-289.
Myers, M. D., 2013. Qualitative research in business and management.
Sage.Silverman, D., 2016. Qualitative research. Sage.
Skopik, F., Settanni, G. and Fiedler, R., 2016. A problem shared is a problem halved: A survey on the dimensions of collective cyber defense through security information sharing.Computers & Security. 60. pp.154-176.
Taylor, S. J., Bogdan, R. and DeVault, M., 2015. Introduction to qualitative research methods: A guidebook and resource. John Wiley & Sons.
Tøndel, I. A., Line, M. B. and Jaatun, M. G., 2014. Information security incident management: Current practice as reported in the literature. Computers & Security. 45. pp.42-57.
ŽikiÄ, B., 2016. Qualitative Field Research in Anthropology: An Overview of Basic Research Methodology. Issues in Ethnology and Anthropology. 2(2). pp.123-135.
Online
Information Supplement: Best Practices for Implementing a Security Awareness Program, 2014. [Online. Available through
Security Threats, 2017. [Online]. Savailable through
Every company needs to have a security program, 2008. [Online]. Available through
APPENDIX
While carrying out the research project I have developed my skills and I become more capable as researcher. Earlier to this investigation I was not well aware with IT risk and importance of security awareness in the organization. But while working on this topic I have realised importance of security awareness training program in IT organizations. Furthermore, I have developed my technical skills, earlier I was not having in-depth practical knowledge about computer hardware, software and its repairing techniques. But this study have improved my technical knowledge to great extent. My research skills have been improved a lot. I got to know how to get right content from books, journals, internet articles. As my study was based on secondary sources thus, I was unable to communicate with respondents. Earlier to this investigation my communication skill was average and I have not developed this skill at all. My presentation skills have been developed, now I am able to present myself in front of mass audience. Earlier I was not having confidence to present myself but now I can effective give presentation at corporate level.