Ch11 Ethics

8/2/2019 Ch11 Ethics

http://slidepdf.com/reader/full/ch11-ethics 1/38

Security & Ethical Challenges



2

Learning Objectives

Identify ethical issues in how the use

of information technologies in businessaffects employment, individuality,working conditions, privacy, crime,

health, and solutions to societalproblems.



3

Ethical Responsibility

The use of IT presents major securitychallenges



4

Ethical Responsibility(continued)

Business Ethics

Basic categories of ethical issues

Employee privacy

Security of company records

Workplace safety



5


Technology Ethics

Four Principles

Proportionality Good must outweigh any harm or risk

Must be no alternative that achieves the same orcomparable benefits with less harm or risk



6


Technology Ethics (continued) Informed consent

Those affected should understand and accept therisks

Justice

Benefits and burdens should be distributed fairly

Minimized Risk Even if judged acceptable by the other three

guidelines, the technology must be implemented soas to avoid all unnecessary risk



7

Computer Crime

Association of Information TechnologyProfessionals (AITP) definition includes

The unauthorized use, access, modification, anddestruction of hardware, software, data, ornetwork resources

Unauthorized release of information

Unauthorized copying of software



8

Hacking

The obsessive use ofcomputers, or the

unauthorized accessand use of networkedcomputer systems

Cyber Theft

Involves unauthorizednetwork entry and thefraudulent alteration ofcomputer databases

Computer Crime

Who commits computer crime?



9

Computer Crime (continued)

Unauthorized use at work

Also called time and resource theft

May range from doing private consultingor personal finances, to playing videogames, to unauthorized use of theInternet on company networks



10


Piracy ofintellectual property

Other forms ofintellectual propertycovered bycopyright laws

Music

Videos

Images

Articles

Books

Other written works

Software Piracy

Unauthorized

copying of software Software is

intellectual propertyprotected bycopyright law and

user licensingagreements



11


Computer viruses and worms

Virus

A program that cannot work without beinginserted into another program

Worm

A distinct program that can run unaided



12

Privacy Issues

IT makes it technically andeconomically feasible to collect, store,

integrate, interchange, and retrievedata and information quickly andeasily.

Benefit – increases efficiency andeffectiveness

But, may also have a negative effect onindividual’s right to privacy



13

Privacy Issues (continued)

Privacy on the Internet

Users of the Internet are highly visible and open

to violations of privacy Unsecured with no real rules

Cookies capture information about you everytime you visit a site

That information may be sold to third parties



14


Privacy on the Internet (continued)

Protect your privacy by

Encrypting your messages

Post to newsgroups through anonymousremailers

Ask your ISP not to sell your information to

mailing list providers and other marketers

Decline to reveal personal data and interestsonline



15


Privacy laws

Attempt to enforce the privacy ofcomputer-based files andcommunications

Electronic Communications Privacy Act Computer Fraud and Abuse Act



16


Computer Libel and Censorship

The opposite side of the privacy debate

Right to know (freedom of information)

Right to express opinions (freedom ofspeech)

Right to publish those opinions (freedom of

the press)

Spamming

Flaming



17

Other Challenges

Employment

New jobs have been created and

productivity has increased, yet there hasbeen a significant reduction in sometypes of jobs as a result of IT.



18

Other Challenges (continued)

Computer Monitoring Concerns workplace privacy

Monitors individuals, not just work Is done continually. May be seen as violating

workers’ privacy & personal freedom

Workers may not know that they are beingmonitored or how the information is beingused

May increase workers’ stress level

May rob workers of the dignity of their work



19

Other Challenges (continued)

Working Conditions

IT has eliminated

many monotonous,obnoxious tasks,but has createdothers

Individuality

Computer-based

systems criticizedas impersonalsystems thatdehumanize anddepersonalize

activities

Regimentation



20

Health Issues

Job stress

Muscle damage

Eye strain

Radiation exposure

Accidents Some solutions

Ergonomics (human factors engineering)

Goal is to design healthy work environments



21

Health Issues (continued)



Section II

Security Management



23

Tools of Security Management

Goal

Minimize errors, fraud, and losses in thee-business systems that interconnectbusinesses with their customers,

suppliers, and other stakeholders



24



25

Internetworked Security Defenses

Encryption

Passwords, messages, files, and other data istransmitted in scrambled form and unscrambledfor authorized users

Involves using special mathematical algorithmsto transform digital data in scrambled code

Most widely used method uses a pair of publicand private keys unique to each individual



26

Internetworked SecurityDefenses (continued)

Firewalls

Serves as a “gatekeeper” system that

protects a company’s intranets and other computer networks from intrusion

Provides a filter and safe transfer point

Screens all network traffic for proper

passwords or other security codes



27


Denial of Service Defenses

These assaults depend on three layers of

networked computer systems Victim’s website

Victim’s ISP

Sites of “zombie” or slave computers

Defensive measures and securityprecautions must be taken at all threelevels



28


E-mail Monitoring

“Spot checks just aren’t good enough

anymore. The tide is turning towardsystematic monitoring of corporate e-mailtraffic using content-monitoring softwarethat scans for troublesome words that

might compromise corporate security.”



29


Virus Defenses

Protection may accomplished through

Centralized distribution and updating ofantivirus software

Outsourcing the virus protection responsibilityto ISPs or to telecommunications or security

management companies



30

Other Security Measures

Security codes

Multilevel password system

Log onto the computer system Gain access into the system

Access individual files



31

Other Security Measures(continued)

Backup Files

Duplicate files of data or programs

File retention measures

Sometimes several generations of filesare kept for control purposes



32


Security Monitors

Programs that monitor the use of

computer systems and networks andprotect them from unauthorized use,fraud, and destruction



33


Biometric Security

Measure physical traits that make eachindividual unique

Voice

Fingerprints

Hand geometry

Signature dynamics

Keystroke analysis

Retina scanning

Face recognition and Genetic pattern analysis



34


Computer Failure Controls

Preventive maintenance of hardware and

management of software updates Backup computer system

Carefully scheduled hardware or software

changes Highly trained data center personnel



35


Fault Tolerant Systems

Computer systems that have redundant

processors, peripherals, and software Fail-over

Fail-safe

Fail-soft



36


Disaster Recovery

Disaster recovery plan

Which employees will participate and theirduties

What hardware, software, and facilities will beused

Priority of applications that will be processed



37

System Controls and Audits

Information System Controls

Methods and devices that attempt to

ensure the accuracy, validity, andpropriety of information system activities

Designed to monitor and maintain thequality and security of input, processing,and storage activities



38

System Controls and Audits(continued)

Auditing Business Systems

Review and evaluate whether proper and

adequate security measures andmanagement policies have beendeveloped and implemented

Testing the integrity of an application’s

audit trail

Documents

Ch11 Ethics