My first midterm for this semester was on Information System Development Practices. Basically, the course is teaching me how to develop an information system, what methodology to follow, what techniques are good, and what’s tools can help. I love this course actually, mainly because of the lecturer, a lovely lady Associate Professor. Another reason why I love this course is there are only 5 of us in the class. Hence, I get more personal attention and guidance. Hehe!
So, the midterm was scheduled before the CNY one week break. I was diligently studying the required chapters (Chapter 1 – 12, mind you!) and trying to remember all the theories that I was supposed to know. The lecturer told us before that she wouldn’t give us definition questions, so for that I thought I was pretty safe. I’m bad at memorizing all the definitions. Anyway, we were told to answer 8 questions out of 12, one question from each chapter. I went for the midterm that day, feeling anxious and full of expectation at the same time. When I read the first question, I panicked. Not only I had to answer 8 questions out of 10 but the first question was not anything closer to what I expected.
Q1: Read the Google horror story. Identify and discuss the part of the story that can be attributed to technological, human, and/or organization issues.
If you are interested, read the story here.
In summary, the story is about this Bob who was an early adopter of everything Google, suddenly lost everything he put on Google especially his GMail through phishing attack. How phishing works? Bob clicked on a link on his email that looks legitimate from some party but actually it’s a phishing email trying to get your credential (username and password). His dilemma was very serious as his life practically depended on Google. He tried a lot of ways to retrieve his deleted account but to no avail. Lucky for him, his well-connected friends forwarded his story to Google, and they restored his account.
After reading the story twice, I wondered how I should answer the question. The question carried 10 marks. In the end, here is my answer:
More people are like Bob who likes to put everything ‘online’ as today Internet services such as Google are so powerful and easy to use. Everything is integrated in every possible ways to make people’s lives easier. The concern with ‘easy’ is actually security. We do not know where exactly is our data/information that we put ‘online’, who can see them, who has access, etc. Since Google somehow can restore Bob’s account, what if we delete our own account, does that mean our data is not actually been deleted? Are we still safe from using technology today?
People are by nature curious and easily fall prey to any spammers. People sometimes are too depending on technology that they become ignorant to any real threats out there. Such is the case of Bob who is lack the awareness of how to securely use technology. People should always take extra care when using any kind of technologies as you never know who can reuse your data to go against you one day. Always question how secure is my data or should I really put this up online?
Organization such as Google should take phishing as a threat to their business. Although phishing or any spams are basically human issue, organization should take extra steps to prevent or educate. They should provide extra service to protect customer privacy.
Honestly, I was not so confident with my answer. I was not sure whether I really answered what the lecturer was looking for. When we got back our papers (yes, the first ever lecturer who actually gave us back our answer papers with all her marking), I was surprised. She was passing my papers to me and told me I got the highest. Whoa! I didn’t expect that. I seriously thought I did badly. Then she said answering question such as that Q1 was the easiest as there’s no right or wrong. I got 10 marks for Q1. Hehe! I think my lecturer is lenient and I thank God for that. 🙂