Measures by Organisations to Counter Challenges in the Use of Information Technology in Protecting Personal and Business Data in Nairobi County, Kenya

. Globally, most states have adopted new technologies that have seen many process improvements and cost optimisations and enabled them to provide value-added services to their citizens, thereby improving quality of life and achieving rapid growth and development in various sectors of the nation. Kenya is one of the developing countries that has benefited from adopting modern ICT in recent years. Despite government efforts to ensure the successful integration of ICT into various state departments and the private sector to protect and manage data, cases of document loss from individuals and institutions have been on the rise. This paper examined measures by organisations that could be adopted to counter challenges in using information technology to protect personal and business data in Nairobi County. The study’s target population comprised employees from Kenya Revenue Authority and Kenya Data Networks in Nairobi headquarter offices, police officers deployed at NPS offices headquarters and members of the public. The findings established that implementing electronic data management systems in organisations was more appropriate for controlling data loss. In addition, training employees on using the data management system is critical in preventing data loss in an organisation. Creating awareness of electronic data management systems was an effective measure to protect against data loss among organisations. Based on the findings, the paper concludes that strategies that help solve information challenges must be implemented to prevent data loss at personal and organisational levels.


INTRODUCTION
Most states have embraced ICT to manage their sensitive and business-critical information in the contemporary business world. The need to protect such a vital component of a nation must be balanced. The author [1] defines data loss as an act of misplacing certain information that was stored in a device. According to [1], this data loss happens when data is physically or logically removed from the organisation, either intentionally or unintentionally. Various studies have established how data loss has become the most significant problem affecting the operations of businesses and organisations, and everyone is doing all they can to overcome this issue.
Most recent studies have applauded the benefits of digital technologies as they have an essential role in preparing individuals to realise current and future needs. States of the West have invested heavily in research and development to bring more advanced technologies. As a result, this has increased the free flow of public information and sharing crucial information among government agencies has been a fundamental component that many citizens use to make informed and timely decisions [2].
Modern technologies have significantly impacted organisational performance and service delivery [3]. These findings were echoed by [4], who found that IT organisations had tactically added multiple redundant point solutions to overcome individual problems over the years. This amplified the complexities in traditional data centre environments, added risks and increased costs. According to [5], developed countries have taken charge of modern technology and thus are limited to security threats. The study compared many organisations/ businesses in developing countries and established that the majority still needed to catch up in science and technology. Also, [6] noted increasing concern about a gap between the promised vision of modern technologies and current practices in organisations. A recent study argues that most developing countries are far from creating the appropriate conditions to incorporate modern technologies within the existing business ecosystem.
National and international security has been threatened, calling for the new development of databases to urgently save the nations from related attacks. For example, in the United Kingdom (UK), the government introduced a biometric-based national identity card for the UK population in 2006. This intervention aimed at helping security agencies to track down lost documents and identities of citizens through verification of personal data as indicated on the cards. This formed an extensive, effectively centralised database (the National Identity Register) for all UK citizens above 16 years. In addition, the invented register provided an audit trail of an individual's identity registration [7].
In Africa, most countries have focused on areas that would improve the quality of life of their citizens, enhance governance and promote the economy. As a result, technology has caused many transformations in recent years [8]. However, despite the tremendous efforts and resources allocated for development, little progress has been made. Many African countries have yet to come close to developing and transforming their societies to the same standards as developed countries. According to [8], almost threequarters of Africa are yet to implement electronic document management systems effectively. This has, however, resulted in many cases of identity document theft, loss of identity cards and inaccuracy in filling out data regarding individuals has been rampant.
In Kenya, most operations have embraced modern technologies resulting in increased development in various sectors. Both private and public sectors have integrated innovative tools made available by ICT to increase access to and improve the quality and competitiveness of higher education programs [9]. However, a report published by [10] pointed out that private and public sectors still needed to develop a comprehensive database that could provide adequate and meaningful information to the citizens. The author [11] identified the struggle of most agencies that deal with enormous amounts of data, such as Kenya Data Network (KDN) and Kenya Revenue Authority (KRA), due to failed database systems.
Public members' complaints about document loss without a trace have been reported mainly in Nairobi County, where crime has been on the rise for the last ten years. Most organisations and businesses would prefer to integrate new technologies into their data handling systems, thus causing high data leakage, disappearance and damage. This has affected service delivery, organisational production, employee performance, and national security [11].
As highlighted in the above background review, it is evident that data must be protected from data loss problems to give a competitive edge. Therefore, this paper sought to assess the strategies that could be implemented to improve the use of ICT in protecting personal and organisational data in Nairobi County.

METHODOLOGY
The study adopted the descriptive survey design to enable the researcher to gather information, interpret, summarise, and present for clarity. This research design allowed the researcher to determine information security challenges in the absence of ICT in managing personal data in Nairobi County, Kenya.
The target population included all the employees of Kenya Revenue Authority and Kenya Data Networks in Nairobi headquarters offices, police officers deployed at NPS offices headquarters, and members of the public. The study targeted these institutions because they were known to deal with enormous amounts of data for both personal and business. The police officers were part of this study because of their mandate to help track lost personal and business documents. Lastly, the researcher engaged members of the public to share their experiences of losing business and personal records. The accessible population was 35 employees of Kenya Revenue Authority and 30 employees from Kenya Data Net-works in Nairobi headquarters offices, 20 police officers deployed at NPS offices headquarters, and 25 members of the public, making a total of 110 participants.
The study employed purposive and simple random sampling techniques to select the required sample from the target population of 110 participants that were drawn from the four groups of the study that is the employees of Kenya Revenue Authority and Kenya Data Networks in Nairobi headquarters offices and police officers deployed at NPS offices headquarters and members of the public.
Primary data was collected using a selfadministered structured questionnaire administered to the sampled police officers, employees of Kenya Data Network and Kenya Revenue Authority and members of the public. The interview guide was used to conduct interviews with a key informant from the three organisations, NPS, KRA and KDA, to complement the data collected using the questionnaires. Three critical informants from top-level management of the organisations were interviewed, one from each.
Secondary data was extracted from the police Occurrence Book records. Qualitative data were analysed using thematic analysis, while quantitative data was analysed using descriptive and inferential statistics. Relevant ethical considerations were observed, such as obtaining authorising documents from relevant institutions and ensuring privacy, confidentiality and anonymity measures were in place. Lastly, data collected from the field was scrutinised and processed to ensure proper data management.

RESULTS AND DISCUSSION
The initial sample consisted of 110 participants. However, only 90 questionnaires were filled out and returned, while 20 were not received even after follow-up. The completed and returned questionnaires yielded a response rate of 81.8%.
In addition, the study conducted interviews with key informants from the three organisations, NPS, KRA and KDA, to complement the data collected using the questionnaires.
The study examined the three vital demographic variables of the respondents, which included; gender, age and duration of employment.
The results revealed that male respondents formed the most significant portion of the sample size, 55.6%, while females were 44.4% of the respondents. Regarding age, 48% of the respondents were between 26 and 35.
Lastly, regarding the duration of employment, the study findings established that the majority, 65% of the respondents, had worked in these organisations for 1 to 2 years.

Acquisition of an electronic record-keeping system
Under this subtheme, the study sought whether the sampled organisations had used the electronic record-keeping system to manage the organisational data records. The responses are recorded in Table 1 below. The study results showed that the majority, 77% of the respondents, agreed to have acquired the electronic record-keeping system to prevent data loss, 18% disagreed, and 5% said they didn't know. The results implied that the electronic record-keeping system had been more convenient than the manual one, as more findings from the interviews indicated that using the electronic record-keeping system had saved many organisations from massive data loss. The first respondent, who was a key informant, reported that, "Acquisition of electronic record keeping for the organisation is among the best decision we made in the past few years. The system has brought solutions to data loss that a manual had caused. In addition, we can run huge data through the system at once and save it for future reference." Further, from those reported to have been using an electronic record-keeping system, the study asked the respondents how long they had been using the electronic record-keeping system. The responses are illustrated in Table 2. The findings indicated that the majority, 35% of the respondents, said that they had been using an electronic record-keeping system within 0-2 years, 29% said 3-5%, 24% said 5-10 years, and 12% said they had been using the system for more than 10years.
The results implied that most people had yet to embrace the electronic record-keeping system and were still stuck with the manual method. This explains why there was a high number of cases reported of lost documents among the sampled population.
Furthermore, findings from the interviews established that most of the respondents who used the electronic record-keeping system rated its convenience in carrying out their departmental duties very high. This is according to the second respondent, who reported: "As an organisation dealing with enormous data, we adopt new technologies to prevent data loss. Before moving to digital record-keeping systems, there were high cases of lost documents in the past years. Retrieving files was an uphill task. We had to hire more labour, which was costly and affected service delivery. For the last ten years, we have increased performance as our staff enjoy working with electronic data management systems that quicken the process. We hardly have cases of lost documents or data as all records have been transferred and stored up to our electronic recordkeeping systems." These findings implied that organisations that have been using electronic data management systems for the longest have reduced cases of data loss. Also, these findings support the Innovation Diffusion theory by Rodgers (1995), who stated that specific technology spreads faster in an organisation due to the information they have received about the technology.

Training on electronic data management system
Under this sub-theme, the study asked the respondents whether they had been trained in using electronic data management systems. Their responses are illustrated in Table 3. The study results established that the majority, 77% of the respondents, had been trained while 23% had not. 45% of respondents had been trained in electronic data management, and 54% reported having been trained yearly.
The majority, 45% of the respondents, said they hired technical expertise to train them on electronic data recording, while 77% reported that they much preferred electronic data management systems.
From the findings, training in electronic data management was seen as a good measure that reduced data loss in an organisation. Organisations and businesses ought to train their employees to make it easier to transition from manual to electronic records management systems. Employees should take more personal responsibility for managing records once electronic data management is implemented in the organisation so that individual and organisational data can be protected from loss.
In addition, as established in the study, variety in skills and expertise results in a quality product. Therefore, the government of Kenya should invest in technical experts to ensure organisations/institutions have adequate digital data management systems.

Develop a digital tracking method for lost data
The researcher asked the respondents whether their organisation had acquired a digital tracking method for lost data/documents. Findings from the interviews indicated that most of the organisations didn't know about a digital tracking method, as reported by the third respondent, "Every day, I receive reports of citizens who have lost their national Identification Cards, ATM cards and other personal items that require police intervention to help them track the lost items. Unfortunately, tracking down lost items has been an uphill task. This is because we are still using traditional tracking methods. Also, reaching out to persons whose items had been found has been difficult".
Another respondent affirmed the previously reported findings; "Recently, the organisation has acquired a digital tracking device that has enabled us to control and retrieve lost data/documents within our institution. This has reduced cases of lost data and files. Also, we can connect with our clients who have misplaced their documents and require our intervention." These findings show the gap due to organisations' need for digital tracking devices. For adequate data protection, the researcher recommends institutions develop a digital tracking system to help trace lost documents and link finders of lost items to owners.
Campaigning or creating awareness on electronic data management systems to protect data loss among organisations Under this subtheme, the researcher asked the respondents their views on using electronic data management systems to prevent data loss in other organisations across Nairobi County. The findings are indicated in Table 4. Data analysis revealed that most respondents (64%) agreed to recommend using electronic data management systems to protect against data loss, 23% disagreed, and 14% didn't know the response. These results implied that electronic data management systems had impressed many, as few cases of lost documents were reported.
These findings corroborate those of [10], who established that most governmental institutions had been applying electronic document management systems. Thus, data loss cases were low in the Palestinian Pension Authority.
In addition, the researcher asked the respondents whether they had been sensitised on electronic data management systems to prevent data loss in Nairobi County. The results are illustrated in Figure 2. The results showed that almost half of the respondents, 45%, had not been sensitised, 36% reported that the sensitisation was done to a minimal extent, 14% said sensitisation was done to a small area, and 5% said sensitisation was done to a large extent.
Based on the findings, it is clear that a lack of awareness of the importance of proper data management systems contributes to high data loss. The members of the public should be educated on the use of modern technologies. The author [12] demonstrated in the convergence theory that the main aim of technologies was to put together the social world's diverse cultural values and beliefs.

CONCLUSIONS
Based on the findings, the paper concludes that strategies that help solve information challenges must be implemented to prevent data loss at personal and organisational levels. Implementing electronic data management systems in the organisation was found more appropriate to control data loss. Lastly, training employees on the usage of data management systems is critical in working towards preventing data loss in an organisation. Creating awareness of electronic data management systems was an effective measure to protect against data loss among organisations.