Ch11 Ethics
-
Upload
saranya-rajarathinam -
Category
Documents
-
view
227 -
download
0
Transcript of Ch11 Ethics
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 1/38
Security & Ethical Challenges
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 2/38
2
Learning Objectives
Identify ethical issues in how the use
of information technologies in businessaffects employment, individuality,working conditions, privacy, crime,
health, and solutions to societalproblems.
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 3/38
3
Ethical Responsibility
The use of IT presents major securitychallenges
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 4/38
4
Ethical Responsibility(continued)
Business Ethics
Basic categories of ethical issues
Employee privacy
Security of company records
Workplace safety
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 5/38
5
Ethical Responsibility(continued)
Technology Ethics
Four Principles
Proportionality Good must outweigh any harm or risk
Must be no alternative that achieves the same orcomparable benefits with less harm or risk
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 6/38
6
Ethical Responsibility(continued)
Technology Ethics (continued) Informed consent
Those affected should understand and accept therisks
Justice
Benefits and burdens should be distributed fairly
Minimized Risk Even if judged acceptable by the other three
guidelines, the technology must be implemented soas to avoid all unnecessary risk
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 7/38
7
Computer Crime
Association of Information TechnologyProfessionals (AITP) definition includes
The unauthorized use, access, modification, anddestruction of hardware, software, data, ornetwork resources
Unauthorized release of information
Unauthorized copying of software
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 8/38
8
Hacking
The obsessive use ofcomputers, or the
unauthorized accessand use of networkedcomputer systems
Cyber Theft
Involves unauthorizednetwork entry and thefraudulent alteration ofcomputer databases
Computer Crime
Who commits computer crime?
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 9/38
9
Computer Crime (continued)
Unauthorized use at work
Also called time and resource theft
May range from doing private consultingor personal finances, to playing videogames, to unauthorized use of theInternet on company networks
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 10/38
10
Computer Crime (continued)
Piracy ofintellectual property
Other forms ofintellectual propertycovered bycopyright laws
Music
Videos
Images
Articles
Books
Other written works
Software Piracy
Unauthorized
copying of software Software is
intellectual propertyprotected bycopyright law and
user licensingagreements
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 11/38
11
Computer Crime (continued)
Computer viruses and worms
Virus
A program that cannot work without beinginserted into another program
Worm
A distinct program that can run unaided
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 12/38
12
Privacy Issues
IT makes it technically andeconomically feasible to collect, store,
integrate, interchange, and retrievedata and information quickly andeasily.
Benefit – increases efficiency andeffectiveness
But, may also have a negative effect onindividual’s right to privacy
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 13/38
13
Privacy Issues (continued)
Privacy on the Internet
Users of the Internet are highly visible and open
to violations of privacy Unsecured with no real rules
Cookies capture information about you everytime you visit a site
That information may be sold to third parties
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 14/38
14
Privacy Issues (continued)
Privacy on the Internet (continued)
Protect your privacy by
Encrypting your messages
Post to newsgroups through anonymousremailers
Ask your ISP not to sell your information to
mailing list providers and other marketers
Decline to reveal personal data and interestsonline
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 15/38
15
Privacy Issues (continued)
Privacy laws
Attempt to enforce the privacy ofcomputer-based files andcommunications
Electronic Communications Privacy Act Computer Fraud and Abuse Act
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 16/38
16
Privacy Issues (continued)
Computer Libel and Censorship
The opposite side of the privacy debate
Right to know (freedom of information)
Right to express opinions (freedom ofspeech)
Right to publish those opinions (freedom of
the press)
Spamming
Flaming
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 17/38
17
Other Challenges
Employment
New jobs have been created and
productivity has increased, yet there hasbeen a significant reduction in sometypes of jobs as a result of IT.
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 18/38
18
Other Challenges (continued)
Computer Monitoring Concerns workplace privacy
Monitors individuals, not just work Is done continually. May be seen as violating
workers’ privacy & personal freedom
Workers may not know that they are beingmonitored or how the information is beingused
May increase workers’ stress level
May rob workers of the dignity of their work
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 19/38
19
Other Challenges (continued)
Working Conditions
IT has eliminated
many monotonous,obnoxious tasks,but has createdothers
Individuality
Computer-based
systems criticizedas impersonalsystems thatdehumanize anddepersonalize
activities
Regimentation
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 20/38
20
Health Issues
Job stress
Muscle damage
Eye strain
Radiation exposure
Accidents Some solutions
Ergonomics (human factors engineering)
Goal is to design healthy work environments
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 21/38
21
Health Issues (continued)
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 22/38
Section II
Security Management
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 23/38
23
Tools of Security Management
Goal
Minimize errors, fraud, and losses in thee-business systems that interconnectbusinesses with their customers,
suppliers, and other stakeholders
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 24/38
24
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 25/38
25
Internetworked Security Defenses
Encryption
Passwords, messages, files, and other data istransmitted in scrambled form and unscrambledfor authorized users
Involves using special mathematical algorithmsto transform digital data in scrambled code
Most widely used method uses a pair of publicand private keys unique to each individual
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 26/38
26
Internetworked SecurityDefenses (continued)
Firewalls
Serves as a “gatekeeper” system that
protects a company’s intranets and other computer networks from intrusion
Provides a filter and safe transfer point
Screens all network traffic for proper
passwords or other security codes
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 27/38
27
Internetworked SecurityDefenses (continued)
Denial of Service Defenses
These assaults depend on three layers of
networked computer systems Victim’s website
Victim’s ISP
Sites of “zombie” or slave computers
Defensive measures and securityprecautions must be taken at all threelevels
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 28/38
28
Internetworked SecurityDefenses (continued)
E-mail Monitoring
“Spot checks just aren’t good enough
anymore. The tide is turning towardsystematic monitoring of corporate e-mailtraffic using content-monitoring softwarethat scans for troublesome words that
might compromise corporate security.”
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 29/38
29
Internetworked SecurityDefenses (continued)
Virus Defenses
Protection may accomplished through
Centralized distribution and updating ofantivirus software
Outsourcing the virus protection responsibilityto ISPs or to telecommunications or security
management companies
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 30/38
30
Other Security Measures
Security codes
Multilevel password system
Log onto the computer system Gain access into the system
Access individual files
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 31/38
31
Other Security Measures(continued)
Backup Files
Duplicate files of data or programs
File retention measures
Sometimes several generations of filesare kept for control purposes
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 32/38
32
Other Security Measures(continued)
Security Monitors
Programs that monitor the use of
computer systems and networks andprotect them from unauthorized use,fraud, and destruction
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 33/38
33
Other Security Measures(continued)
Biometric Security
Measure physical traits that make eachindividual unique
Voice
Fingerprints
Hand geometry
Signature dynamics
Keystroke analysis
Retina scanning
Face recognition and Genetic pattern analysis
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 34/38
34
Other Security Measures(continued)
Computer Failure Controls
Preventive maintenance of hardware and
management of software updates Backup computer system
Carefully scheduled hardware or software
changes Highly trained data center personnel
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 35/38
35
Other Security Measures(continued)
Fault Tolerant Systems
Computer systems that have redundant
processors, peripherals, and software Fail-over
Fail-safe
Fail-soft
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 36/38
36
Other Security Measures(continued)
Disaster Recovery
Disaster recovery plan
Which employees will participate and theirduties
What hardware, software, and facilities will beused
Priority of applications that will be processed
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 37/38
37
System Controls and Audits
Information System Controls
Methods and devices that attempt to
ensure the accuracy, validity, andpropriety of information system activities
Designed to monitor and maintain thequality and security of input, processing,and storage activities
8/2/2019 Ch11 Ethics
http://slidepdf.com/reader/full/ch11-ethics 38/38
38
System Controls and Audits(continued)
Auditing Business Systems
Review and evaluate whether proper and
adequate security measures andmanagement policies have beendeveloped and implemented
Testing the integrity of an application’s
audit trail