Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities, and Threats - Research Proposal Example

? Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities, and Threats This paper presents a case study for the adoption of e-government in Saudi Arabia where various organizations are studied. The study uses qualitative methods approach where interviews are conducted to various people in various capacities. Literature review also focuses on the scope of e-government adoption in Saudi Arabia and the vulnerabilities of this system of governance. Empirical results demonstrate the e-government application has lots of benefits but it prone to attack from various sources. Introduction Most governments in their attempts to advance their service delivery to the people apply the information and communication technologies particularly the internet to enhance their service delivery system (Fang, 2002). The popularity and the maturation of the computer network allows for the real time sharing of large amounts of useful information between different users. E-government offers governmental administration whereby the citizens and their leaders in the government share the information based on electronic technology (Evangelidis, 2004). The essence of e-government is to break the boundary between the administrative organizations and the citizens of a country thus offering transparency and accountability in the use of public resources. This ensures the buildup of virtual electronic government, which enables the people to get government information, and services through electronic media to enhance the service delivery system. Despite the quick adoption of this lucrative technology, there are problems associated with its operation due to its vulnerabilities and threats as has been witnessed in other places. Security is the most important threat associated with this type of electronic governance system due to various incidences reported in various organizations. This therefore implies that any organization that wishes to employ the use of e-government must be ready to combat the security threats by strengthening the security consciousness. The government of Saudi Arabia has been practicing e-government for the past 15 years with considerable success. The Saudi governments have been harnessing the information revolution to improve the lives of its citizens and businesses operating within their boundaries (Al-Gahtani and Geofrey, 2009). Background information The decision to apply e-government in all the department of the Saudi Arabian government was reached by the cabinet in the year 2005 (Al-Gahtani and Geofrey, 2009). This has necessitated the implementation of the e-government projects in all organizations to enhance the service delivery to its citizens. The Saudi Government have made the rights progress in their determination to enhance security in the various departments of the government. Despite the progress, some delays in the Saudi organizations who work theoretically instead of working practically to embrace e-governance structures in their places. The main reasons for the delays have been due to organizational structures and management principles that are slow in adapting the changes as envisaged (Al-Gahtani and Geofrey, 2009). The implementation of e-government projects has faced various obstacles such as differentiation of the organizations structures making the process difficult. Among the ministries that have recorded slow progress includes the ministry of commerce and the ministry of education while the city council of Al Madena has recorded noticeable progress. Many organization in Saudi Arabia are trying to change their managerial styles and structures in adapting them to technological changes as required by the government. The main difference in those sectors that have succeeded and those that have not is that they apply different tactics and strategies in employing the IT projects in different environments. The results of applying this technology in governance have guaranteed success since there are a number of projects that are growing rapidly. The purpose of this study is to evaluate information security issues in the context of the Saudi Arabian government. This is done by comparing various organizations within Saudi Arabia and their efficiency in the implementation of the e-governance strategies in their workplaces. Aims and Objectives of the research Aim The primary aim of this research project is to conduct a critical analysis of the application of e-governance in the government of Saudi Arabia. Understanding of the e-government project in Saudi Arabia will enable deep understanding of the successes and failure thus leading to effective suggestions for improvement. Objectives In order to achieve the aim of this research project, the following objectives must be accomplished: Provide necessary information about e-governance Conduct an investigation and provide necessary understanding of current organizations structures in conjunction with their behaviors and methodologies as necessitated by the e-governance projects Analyze and identify methods of choosing the best structure for organizations that are struggling with e-government structures Conduct research on how e-government projects work within various Saudi Arabian organizations Research hypothesis H1- The government department that have properly restructured their e-government projects in good working environment works properly and effectively in service delivery. H2-The e-government technological systems are vulnerable to security issues in their application H3-There are potential threats involved in the use of e-government technologies. Research questions What kinds of security threats are witnessed in the implementation of the e-governance? What are the scope and services of the e-government within Saudi Arabia? How can the progress of e-government be measured? To what extent is the e-governance vulnerable to potential attack? What are the –government models are available? How is the IT infrastructure and framework in the context of Saudi Arabia? What is the relationship between IT infrastructure and the success in service delivery? What are some of the best structures that can be applied in the implementation of e-governance? How does the Saudi Arabia government support the e-government policies? How are the e-governance structures and facilities managed in Saudi Arabia? Ethical and legal issues involves in this research The nature of data collection for this research exposes the researcher to a number of ethical issues that should be deal with before the commencement of the research project. Since the research deals with government issues, confidentiality is amongst the most important ethical issues. The researcher will be faced with the challenge of highlighting the weaknesses witnessed in various arms of the government for fear of negative implication. Some organizations may also hesitate from giving important information to avoid unnecessary competition from their competitors. Honesty may also be a problem during data collection as some of the respondents may exaggerate information in order to protect their work by covering their weaknesses. The respondents may also minimize their efforts if they feel that the information they posses are rare and may be stolen by their competitors in other departments and other countries. The participants should be people of integrity to enable easy and quick access of valuable information from the relevant sources and people. The legal issues concerning data collection may also hamper the process and the speed of this research project. Collection of information from the ministry involves many channels that must be followed before obtaining such information. This involves writing of a formal letter in good time that must also require a positive response from various departments in good time. The information acquired from the various government departments should also be accurate to avoid negative reaction from the government. Literature review The scope of e-government use E-government is an abbreviation used to refer to electronic government or digital government that involves electronic interaction between the government and the citizens, the employees and businesses. Fang (2002) describe e-government as a government operated system of information and communication technologies that enhances interaction and service delivery to the people concerned. Fraga (2002) also define e-government as the employment of internet and the World Wide Web in the government information system to strengthen effective and efficient service delivery to the people. According to Coleman (2006), e-government is the enhanced capacity of the public sector together with tis citizens to address particular development issues affecting the country with a lot of ease. From the above definitions, it is clear that e-government employs the use of internet technology to connect the government services to its citizens. It employs the use of the technology as the main framework in developing and the application of the e-government policy. Most of the countries that apply e-governance does it with the aim of improving transparency, accountability, proper service delivery and improve the efficiency of governance (Ndou, 2004). The models for e-government Based on the interaction and the target groups, there are four different e-government models. According to Coleman (2006), the models are; Government to Citizens (G2C), Government to Business (G2B), Government to Government (G2G) and Government to Employees (G2E). Some researchers don’t include employees as part of the e-government model by claiming that they are part of the government and are thus included in the Government to Government (G2G) model (Zhou and Hu, 2008). The government to citizen model is considered the most important as the government is mandated to provide services to its citizens on daily basis hence requires more interaction between them. This technology allows the government agencies to communicate directly to its citizens thus promoting accountability and transparency in the use of public resources. Since the government is divided into several ministries, the e-government is usually done in line with the concerned ministries like the ministry of health, the ministry of commerce, the ministry of public service among other ministries (Evangelidis, 2004). This strategy enables the government to develop useful deliverable services to the citizens in many sectors of education, health and other social services. The government encourages people to participate in various sectors of the nation building through G2C interaction. The process of G2C interaction has enabled the government to its activities like elections, questionnaires, and to get public opinions. The Government to Business (G2B) model allows for the smooth interaction between the government agencies both local and international. This interaction enables the government to deliver services and responsibilities effectively since they depend on other agencies in delivering their mandate. The Government to Employees (G2E) enables the government to interact smoothly with its employees. This enhances the various government processes such as training and handling employee complaints in a quick and interactive manner. The government is also offers new opportunities for pension laws, retirement options and other issues that may be of great significance to the employees. E-government readiness Before a country embraces the e-government technology, it should first demonstrate the ability and capacity to handle the IT infrastructure accordingly. The aspects of readiness include a country’s economic development status, technological development, and human resource development to handle the whole process. E-government challenges The provision of e-governance helps everybody concerned due to huge benefits that come with it. Fraga (2002) argues that before realization of these huge benefits, there are many challenges that must be dealt with. He adds that the complexity and the multidimensionality of the projects have complicated the working of the e-government resulting to various challenges. Ndou (2004) also asserts that the ICT infrastructure requires readiness and computer literacy in order to facilitate the effective exchange of communication between the two sides involved. The telecommunication equipment requires technical know-how to install and maintain every time to avoid lapses which may hinder information flow (Coleman, 2006). Preparing appropriate infrastructure is one of the biggest challenges to the government due to high cost that come with best infrastructure. The laws and policies of the country should also aim at protecting and promoting communication exchange in all sectors of the public (Evangelidis, 2004). Lack of appropriate laws still hinder communication efforts and needs streamlining. The laws should also protect electronic activities, procedures, and functions such as electronic signatures to enhance ICT activities within the country. The laws that hinder privacy, security, and restrictions to electronic interactions should be reviewed to enhance information flow. The skilled personnel are indispensable component of e-government projects for effective implementation of the communication methods. Availability of essential staff is considered a prerequisite for the implementation of the e-government strategies lest they fail. The government should initiate effective training programs to avoid detrimental effects of the e-government application detrimental. E-government vulnerability Vulnerability refers to a system susceptibility to various negative consequences arising from various sources. It is a function of a system exposure to global change and stimuli arising from various areas of unknown sources and selfish interest. According to Coleman (2006), the ICT systems have four areas that can be attacked, they are the peripherals, programs, input, and output, and they are all vulnerable. The technological factors are among the issues contributing to vulnerability of the e-government system. The use of passwords, the virus attack on the systems also contributes to possible routes in which the e-government is vulnerable to attack. The security or the protection ways depend on the protection needs of the system since when they are increased over the limit; it reduces the computer performance (Ndou, 2004; Coleman, 2006). If the protection is reduced below the limits, the system is more prone to attack. In order to combat vulnerability, the IT experts are forced to use solutions such as antiviruses and firewall protection among other technologies that are extremely costly. The human factors also contribute to the vulnerability of the system by various ways. Human beings may use wrong file to perform a specific task or even delete some files mistakenly leading to increased vulnerability. Human errors are more likely to increase technological braches than the technological errors (Fraga, 2002). Research methodology There are various methods of conducting research with the aimed of effectively answering research questions. This research will employ the use of qualitative methods in coming up with a model of effectively answering the research questions. Bell (2005) argues that the approach adopted and the methods of data collection depend on nature of the inquiry and the type of information required by the researcher to fulfill his research objectives. This method applies the use of interviews since in-depth information is required, and the subject matter is potentially sensitive hence needs to be handled carefully (Wilkinson, 2002). The best method for carrying out this research is therefore by use of interviews. The four types of interviews are to be conducted tailored to specific people in various department and positions in the government. Interview Category Interview Type Interviewee Qualifications A E-government planners Monitoring e-government progress B Leaders Working as decision makers Assigning projects and asking for reports Having authority over the organization Affecting or being affected by the failure C Managers Affected or affecting e-government project Participating via knowledge or in IT projects D IT experts Working as IT project managers The IT technical team The interview sections will be divided into three main parts that includes introduction, questioning, and the closure of the interview process. The introduction entails a friendly welcoming and highlighting the project aims and objectives. The questioning time takes most of the time of the interviewing process and includes a recording of the response from the interviewees. The third part will involve thanking the participant for their contribution to the research process. This study will involve 201 respondents. Reliability and Validity In quantitative research, the reliability of the research depends on the researcher himself as the instrument of the research process as demonstrated by Patton (2001). However, according to Bell (2005) reliability of qualitative research highly depends on the design of the study, analysis of the results and quality of the whole process of the study. Patton (2001), states that any qualitative researcher should be highly concerned with validity and reliability while designing and analyzing the study to minimize unnecessary errors within the study. Limitations of the study Some interviewees never trusted the idea that interviews are used confidentiality hence feared to record reliable information expected from them. Some respondents also shied away from my interviews and totally refused to be interviewed for fear that the information may be used against them. Results Despite a few setbacks during the research process, the interviews were done successfully. The recording from the interviews were well handled and the results presented in graphs and charts. The managers showed that e-government process is effective in enhancing services to the people in various capacities. The managers also showed that the government is supportive in initiatives that support the uses of ICT services in service delivery. The leaders also showed continued support for the e-government services. However, they both showed that the uses of e-governance is associated with some threats and risks. The technicians also supported that the system is vulnerable to several threats and they constantly deal with such threats. The IT experts expressed willingness in dealing with threats on several occasions but expressed confidence that the e-governance system is effective in delivering services to the people. References S.S, Al-Gahtani and S.W, Geoffrey. H.J. Information Technology (IT) in Saudi Arabia: Culture and the acceptance and use of IT. Information and Management. 2009. (44) pp. 681-691. J. Bell. Doing Your Research Project: A guide for first-time researchers in education, health and social science, 2005. London: Open University Press, p. 6. Z. Fang . E-Government in Digital Era: Concept, Practice and Development, International Journal of the Computer, 2002. 10(2), pp. 1-22. E. Fraga. Trends in e-Government: How to Plan, Design, Secure, and Measure e-Government, Government Management Information Sciences (GMIS) Conference, 2002. Santa Fe, New Mexico V. Ndou. E–government for developing countries: opportunities and challenges. EJISDC. The Electronic Journal on Information Systems in Developing Countries, 2004. 18 (1), pp. 1-24. M.Q. Patton. Qualitative evaluation and research methods (3rd ed.). Thousand Oaks, CA: 2002. Sage Publications, Inc. D. Wilkinson,. The Researcher's Toolkit: The Complete Guide to Practitioner Research. 2002. London: Taylor and Francis, p. 46. Zhou, Z and Hu, C. 2008. Study on the E-government Security Risk Management. International Journal of Computer Science and Network 208 Security, VOL.8 No.5 S. Coleman. African e-Governance – Opportunities and Challenges, University of Oxford, Oxford University Press. 2006. A. Evangelidis. FRAMES-A Risk Assessment Framework for E-Services, Electronic Journal of E-Government, 2004. 2(1), pp. 21-30. Read More