Security and Privacy Issues Associated With Social Media

Posted on July 2, 2018 by Cheapest Assignment

Order Now

Assignment Brief

Assessment Item 4

Value: 40%

Length: 4000 WORDS

Submission method options

Alternative submission method


The final assessment for ITC596 is to deliver an IT Risk Assessment Case Study in support of a significant technology decision that is to be taken by a fictional company called Aztek that operates in the Australian Financial Services sector.

Senior executives in both business and technology divisions within Aztec have collected a portfolio of projects from their respective strategists that could be potentially funded for deployment. The portfolio includes projects such as:

  • Allowing employees to bring their own devices (laptops, tablets and mobile phones for example) into the workplace to be used as their main or sole devices in achieving their work tasks.
  • Migrating business-critical applications and their associated data sources to an external Cloud hosting solution.
  • Outsourcing key IT functionality such as the network, desktop management or application development to a third party.
  • Upgrading or introducing a major technology such as mobile platforms and applications, migrating to an improved networking technology (such as IPv6), creating a corporate-wide email archive for compliance purposes, or upgrading applications and desktop operating systems.

Call – +44-74800-56698

Each of these potential projects carries significant IT risks which will need to be managed to support the business case as to whether the project should go forward. In this case study, you are the IT Risk Assessment lead at Aztek, and your role is to be the interface between business stakeholders and technologists, translating potential technical difficulties into risk language to facilitate effective decision-making by stakeholders.

For the Aztek case study you will need to select one of the projects from the list above for a thorough IT Risk Assessment. You may select another project beyond those listed above with the approval of the subject coordinator, and you may wish to select a project that is relevant to your workplace for example.

Security and Privacy Issues Associated With Social Media

Your deliverable for this ITC 596 Case Study is an IT Risk Assessment report, written for the intended audience of Aztek management providing a risk assessment of the project you have selected to consider.

Your report must be a Microsoft Word document, 15 – 25 pages in length at 12 point font and single spacing. The report must address the following criteria:

  • An Executive Summary at the beginning of the report which provides a clear statement of the IT technology project that is being assessed, and an overview of your recommendations to Aztek management as to the merits of the project based on your risk assessment (2 – 3 pages in length).
  • A review of the project with respect to the Financial Services sector, which would include any relevant government or industry regulation or compliance, and any established best practices (2 – 3 pages in length).
  • A review of the project impact on the current security posture of Aztec, as expressedbyits current maturity against IT Security policies and procedures (3 – 5 pages in length).
  • A risk assessment based on threats, vulnerabilities and consequences derived from an IT control framework and any existing industry risk recommendations for the project. For example, there are several consortia for Cloud Computing that have created IT Risk Assessments for this technology (4 – 10 pages in length).
  • Specially address risks for Data Security from the viewpoint in the project of what data will be used, who will have access to the data and where will the data flow (2 – 4 pages in length).


This assignment is for students to meet the following learning outcomes.

  • be able to justify the goals and various key terms used in risk management and assess IT risk in business terms;
  • be able to apply both quantitative and qualitative risk management approaches and to compare and contrast the advantages of each approach;
  • be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk;
  • be able to critically evaluate IT security risks in terms of vulnerabilities targeted by hackers and the benefits of using intrusion detection systems, firewalls and vulnerability scanners to reduce risk.



Social media has revolutionized the mode of interaction among the general population which is characterized by interactive communication. The development of information and communication technologies has led to the acquisition of prolific opportunities to integrate flexible information sharing features on social media platforms. Social media websites have acquired substantial popularity among a huge user base which exceeds millions and the examples of Facebook, Twitter and Instagram suggest the same.

As per Gangopadhyay & Dhar, the substantial rate of adoption of social media websites among users could be identified as a favourable trend in the domain of information and communication technologies. However, the colossal volume of users associated with individual social media platforms also creates pitfalls in terms of privacy and security issues (Gangopadhyay & Dhar, 2014). This leads to the presence of the substantial volume of information on these networks which make them vulnerable to security threats and misappropriation of privacy.

One of the formidable examples of privacy intrusions could be observed in the sensitive personal information posted by the wife of Sir John Sawers, the incoming head of MI6, the British intelligence agency. The following research report aims at identifying major issues that can be noted in the context of privacy and security issues on social media, identifying their impact in the real world and the reflection on the discussion to derive alternatives for resolution of the issues (Gritzalis et al., 2014).

Call – +44-74800-56698

Issues with social media:

The example of Facebook clearly focuses on the aspect of clarifying privacy issues. The website requires users to open an account through the provision of authentic details pertaining to themselves. The information access privileges observed in the website imply that friends, other friends of friends and almost all users have the flexibility to access the personal information shared by a user. Despite the features provided on the website for modifying the privacy settings in their profile which would change the different privileges for access of user information, the users are not particularly aware of the privacy issues that could emerge in social networks (He, 2013).

The common consequences which could be identified in the context of privacy and security on social media refer to identity theft, online bullying, hacking, phishing and innovative security threats to the social networking profiles of users. The majority of share of users on social media is largely vested in the youth among which users are more likely to post personal information without any consideration for privacy settings.

According to Jabee & Alam, the consistent reports of privacy issues emerging in social media has led to large-scale changes in the privacy settings of the majority of websites (Jabee & Alam, 2016). However, the privacy settings could not be assumed as functional entities in resolving the privacy issues encountered by social media users (Kumar et al., 2013).

Identity theft is a profound security threat which could be observed in the context of social media which could be realized by attackers through applications in which they could access information provided in the profile of the social media user. The permission of the user for the applications would imply that the attackers could access all the information in order to misuse it for their personal interests. Social networking sites, especially Facebook, have a substantial share of its users in the age group of 15 to 25 years (Khan, Swar & Lee, 2014).

Research studies have communicated that majority of young users do not have awareness or are negligent towards the privacy settings of their online profiles on social media websites. The primary activity of young users on social media is related to the posting of updates that is also a favourite pastime of the young users. The concerns of identity theft lead to mandatory obligations for users to delete their accounts in order to avoid the negative consequences associated with misappropriation of their identity on social media (Moses et al., 2014).

Security and Privacy Issues Associated With Social Media

Fake profiles on social media platforms could also imply formidable threats in terms of privacy issues since they are formed without the knowledge of the actual user thereby implying the violation of ethical norms. The research studies that have been administered to determine the extent to which social media users are sharing their personal information and photographs indicate that despite maintaining a close circle of friends on social media, the personal information of these users is subject to external intrusion (McDonald & Thompson, 2016).

Call – +44-74800-56698

Cyberbullying has emerged as a major by-product of large-scale adoption of social media. The information shared by users on social media is subject to receiving comments from other users. Therefore, the concerns of cyberbullying could be observed largely on social media since the policy settings of social media websites do not provide any restriction on the vulgar nature of comments posted by other users.

As per Spiekermann et al, the different comments could lead to over publicizing of the issue thereby leading to detrimental consequences for the social image of the involved user. Furthermore, the threats of hacking have been profoundly observed as security threats for social media users (Spiekermann et al., 2015). The major developments in attack strategies have led to the proliferation of major technologies such as Phishing, watering hole, clickjacking, and content-based image retrieval. The concerns of Phishing imply detrimental consequences for economic aspects of users since phishing attacks are primarily focused on accessing profile information of users that could be utilized for retrieving financial and banking information of the user (Sen, 2013).

Clickjacking is one of the commonly used tools by hackers in which they post videos or any content to the social media page of the victim. When the victim clicks on the link, the hackers are able to perform certain malicious actions on the system of the user (Ventola, 2014). Contemporary attack strategies such as CBIR and Watering Hole identified in research studies are largely reflective of the profound issues that could emerge in the consistently evolving domain of social media.

The example of Watering Hole attack which was noted in January 2013 suggested the requirement for emphasizing on the measures to address security and privacy issues. The motivations of hackers, in this case, were not to access profile information or funds. On the contrary, the hackers aimed to corrupt the systems of developers with a MAC Trojan which was not only implemented in the case of Facebook but also on other websites.

Impact of the issues:

The impact of the privacy and security observed in social media from majority of research studies and literature review studies could be observed in the deterioration of user experience on social media, the trust of users for sharing photographs and audiovisual content on social media websites and other psychological implications underlying the impact of privacy and security issues (Sen, 2013). Identity theft relates to a profound psychological impact on the victim that could lead to their gradual exclusion from the social media platform.

According to Ventola, the impact of identity theft could also be observed in the long-ranging effects since hackers could also implement malicious attacks on the social media profiles of friends and other users on social media profiles hacked by them. The element of trust is leveraged by hackers in such scenarios to obtain flexible intrusion into other systems (Ventola, 2014). The impact of identity theft could also be observed in the form of misappropriation of virtual identity to hide real identities could lead to psychological consequences for the victims that are associated with such profiles.

The application of identity theft is observed in case of confidence tricksters and criminal entities that could lead to real-life crime scenarios. The increasing adoption of social media for monitoring of staff behavior and the process of employment also leads to the vulnerability of organizational information to external threats. Organizations could face adverse consequences in terms of threats to their image in event of security and privacy intrusions observed in their case (McDonald & Thompson, 2016).

Call – +44-74800-56698


A comprehensive illustration of the issues that could be identified in the context of security and privacy of user information on social media alongside the impact of the issues in the real world has to be reviewed from a critical perspective in order to obtain plausible suggestions to resolve the issues.

The primary source of the issues related to privacy and security of user information on social media could be observed in the substantial amount of personal information posted by users on social media. Therefore limiting the amount of information shared on social media could be reflective of a promising preventive strategy. Another factor that was identified from the discussions on research studies pertaining to security and privacy issues associated with social media was reflective of the lack of unawareness of users regarding the privacy settings in the social media websites.

Therefore the users should be consistently updated regarding the privacy settings of the social media platforms with which they are involved in order to customize the information access privileges so that specific people can access the information shared by users. Third-party applications should be considered with appropriate scrutiny in order to review the permissions required by the applications for access to personal information.


The research report presented a comprehensive impression of the security and privacy issues associated with social media. The report utilized critical review of the literature to draw major insights into the issues that are observed in the context of social media and the impact of the issues in the real world. The final section of the report was inclined towards reflecting on the discussions in the report to present viable suggestions to resolve the identified issues.

Call – +44-74800-56698

Order Now