Lecture 13 - Security and Ethical Challenges[1]
-
Upload
mika-douglas -
Category
Documents
-
view
52 -
download
0
Transcript of Lecture 13 - Security and Ethical Challenges[1]
Security and Ethical Challenges
Business Information Systems
Security and Ethical Challenges 2
Lecture Outline
Security, Ethical, and Societal Challenges of IT
Security Management of Information Technology
Security and Ethical Challenges 3
Security, Ethical, and Societal Challenges of IT
As a business professional, you have a responsibility to promote ethical uses of information technology in the workplace
Security and Ethical Challenges 4
Security, Ethical, and Societal Challenges of IT
Business ethics – concerned with the numerous ethical questions that managers must confront as part of their daily business decision making
Security and Ethical Challenges 5
Security, Ethical, and Societal Challenges of IT
Basic categories of ethical business issues related to information technology:– Equity:
Intellectual property rights
– Rights:Customer privacy
Employee privacy
Security and Ethical Challenges 6
Security, Ethical, and Societal Challenges of IT
Basic categories of ethical business issues related to information technology:– Honesty:
Security of company information through hiring
– Safety:Workplace safety
Security and Ethical Challenges 7
Security, Ethical, and Societal Challenges of IT
Ethical decisions can be made through:– Stockholder theory – holds that managers are
agents of the stockholders, and their only ethical responsibility is to increase the profits of the business without violating the law or engaging in fraudulent practices
Security and Ethical Challenges 8
Security, Ethical, and Societal Challenges of IT
Ethical decisions can be made through:– Social contract theory – states that companies
have ethical responsibilities to all members of society, which allows corporations to exist according to a social contract
Security and Ethical Challenges 9
Security, Ethical, and Societal Challenges of IT
Ethical decisions can be made through:– Social contract theory may include:
Companies must enhance the economic satisfaction of consumers and employees without polluting the environment or depleting natural resources, misusing political power, or subjecting their (direct and indirect) employees to dehumanizing working conditions
Security and Ethical Challenges 10
Security, Ethical, and Societal Challenges of IT
Ethical decisions can be made through:– Social contract theory conditions :
Companies must avoid fraudulent practices, show respect for their employees as human beings, and avoid practices that systematically worsen the position of any group in society
Security and Ethical Challenges 11
Security, Ethical, and Societal Challenges of IT
What is a company’s obligation toward its employee’s?
What is a company’s obligation toward the protection of customer data?
Security and Ethical Challenges 12
Security, Ethical, and Societal Challenges of IT
Ethical decisions can be made through:– Stakeholder theory – maintains that managers
have an ethical responsibility to manage a firm for the benefit of all its stakeholders, that is, all individuals and groups that have a stake in, or claim on, a company
Security and Ethical Challenges 13
Security, Ethical, and Societal Challenges of IT
Association of Information Technology Professionals (AITP) Standards of Professional Conduct:– In recognition of my obligation to my employer
I shall:Avoid conflicts of interest and ensure that my employer is aware of any potential conflicts
Protect the privacy and confidentiality of all information entrusted to me
Security and Ethical Challenges 14
Security, Ethical, and Societal Challenges of IT
AITP Standards of Professional Conduct:– In recognition of my obligation to my employer
I shall:Not misrepresent or withhold information that is germane to the situation
Not attempt to use the resources of my employer for personal gain or for any purpose without proper approval
Not exploit the weakness of a computer system for personal gain or personal satisfaction
Security and Ethical Challenges 15
Security, Ethical, and Societal Challenges of IT
AITP Standards of Professional Conduct:– In recognition of my obligation to society I
shall:Use my skill and knowledge to inform the public in all areas of my expertise
To the best of my ability, ensure that the products of my work are used in a socially responsible way
Support, respect, and abide by the appropriate local, state, provincial, and federal laws
Security and Ethical Challenges 16
Security, Ethical, and Societal Challenges of IT
AITP Standards of Professional Conduct:– In recognition of my obligation to society I
shall:Never misrepresent or withhold information that is germane to a problem or a situation of public concern, nor will I allow any such known information to remain unchallenged
Not use knowledge of a confidential or personal nature in any unauthorized manner to achieve personal gain
Security and Ethical Challenges 17
Security, Ethical, and Societal Challenges of IT
Computer crime:– Is a growing threat to society caused by the
criminal or irresponsible actions of individuals who are taking advantage of the widespread use and vulnerability of computers and the Internet and other networks
Security and Ethical Challenges 18
Security, Ethical, and Societal Challenges of IT
Computer crime includes:– The unauthorized use, access, modification, and
destruction of hardware, software, data, or network resources
– The unauthorized release of information to 3rd parties
– The unauthorized copying of software– Using or conspiring to use computer or network
resources to illegally obtain information or tangible property
Security and Ethical Challenges 19
Security, Ethical, and Societal Challenges of IT
Hacking – the obsessive use of computers, or the unauthorized access and use of networked computer systems
Security and Ethical Challenges 20
Security, Ethical, and Societal Challenges of IT
Common Hacking Tactics:– Denial of service– Scans– Sniffer programs– Spoofing or Phishing– Trojan horse
Security and Ethical Challenges 21
Security, Ethical, and Societal Challenges of IT
Common Hacking Tactics:– War dialing– Logic bombs– Buffer overflow– Password crackers– Dumpster diving
Security and Ethical Challenges 22
Security, Ethical, and Societal Challenges of IT
Cyber theft – theft of money, e.g., In 1994 Russian hacker Vladimir Levin stole US$11 million from Citibank in New York
Unauthorized use at work – unauthorized use of computer systems and networks can be called time and resource theft
Security and Ethical Challenges 23
Security, Ethical, and Societal Challenges of IT
Internet abuses in the workplace:– General email abuses– Unauthorized usage and access– Copyright infringement/plagiarism– Newsgroup postings on non-related topics– Transmission of confidential data– Pornography
Security and Ethical Challenges 24
Security, Ethical, and Societal Challenges of IT
Internet abuses in the workplace:– Non-work-related download/upload– Usage of external ISPs– Moonlighting
Security and Ethical Challenges 25
Security, Ethical, and Societal Challenges of IT
Software piracy
Theft of intellectual property
Computer viruses and worms
Adware and spyware
Security and Ethical Challenges 26
Security, Ethical, and Societal Challenges of IT
Privacy issues:– Privacy on the Internet– Computer matching– Privacy laws– Computer libel and censorship:
Spamming
Flaming
Security and Ethical Challenges 27
Security, Ethical, and Societal Challenges of IT
Other challenges:– Employment challenges– Computer monitoring– Challenges in working conditions– Challenges in individuality– Health issues:
Cumulative trauma disorder
Carpal tunnel syndrome
Security and Ethical Challenges 28
Security Management of Information Technology
Goal of security management – the accuracy, integrity, and safety of all information system processes and resources
Security and Ethical Challenges 29
Security Management of Information Technology
Internetworked security defenses:– Encryption– Firewalls– Denial of service defenses– E-mail monitoring– Virus defenses
Security and Ethical Challenges 30
Security Management of Information Technology
Other security measures:– Security codes– Backup files– Security monitors– Biometric security– Computer failure controls– Fault tolerant systems– Disaster recovery– System controls and audits
End of Lecture Thirteen
Security and Ethical Challenges