Threats to electronic records security in the Malaysian government organizations

Malaysian government organizations which are engaging in conducting public business have many reasons to protect their records security from any threats, regardless the format of the records. Some of the reasons are as follows: first, the records area national heritage containing important information pertaining to the country's administration and history. Second, the government organizations conduct business on the behalf of the public, and their records contain information that documents the rights and interests of the public and government. Unfortunately, records in an electronic format are more vulnerable to any threats and less secure than records in a paper format. For example, deleting electronic records accidentally without realizing it and entering data wrongly are common mistakes among staff in any organizations. Furthermore, intentional security threats in the form of hacking, malicious attacks on network, and frauds involving electronic records are all common occurrences in any organizations. Hence, in line with this situation, this paper attempts to study and understand the various types of threats to electronic records security in the Malaysian government organizations. This paper also aims to recommend several possible techniques to protect the records security. This study is based on two techniques to collect data. The techniques are content analysis for studying the content of a website and a review of documentation, such as books, article journals, seminar papers, circulars, newspapers, magazines and reports from nongovernment and government organizations that are relevant to the scope of the study. The findings show that there are several threats to electronic records at Malaysian government organizations, such as human errors and omission, electric power irregularities, espionage or trespass, employee crime, theft and fraud, malicious codes, denial of services (dos) attacks, force of nature, technical hardware failure, technical software failure and technological obsolescence. Hence, in order to protect the electronic records, there are several techniques that have been identified, namely: virus protection software, controlling access, audit trails, backup and recovery mechanism, establish network security systems, store vital electronic records offsite, establishing a disaster preparedness plan and a security awareness program for staff.