8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
1/23
Ethical, Privacy and Security
Issues
John Benedict BationMorell BegoniaKorina Andrea Del CastilloRaphael EnriquezGeraldine Francisco
Ma. Rica Tapang
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
2/23
Objectives:
To understand the different kinds of ethicalissues in Information Technology
To know and understand how organizations
deal with them To understand the basic concepts of ethics
in IT Development
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
3/23
Ethics Defined:
Moral codes are the rules that establish theboundaries of generally accepted behavior.
Morality refers to social conventions about right
and wrong human conduct. Ethics.A branch of philosophy that deals with
what is considered to be right and wrong.
A Code of Ethics is a collection of principles that
are intended to guide decision making bymembers of an organization.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
4/23
Why Ethics are important:
Protect an organization and its employeesfrom legal action.
Create an organization that operates
consistently. Provide a livelihood for employees.
Avoid unfavorable publicity.
Gain the goodwill of the community.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
5/23
Ethics in Information Technology
The increased use of informationtechnology has raised many ethical issuesfor todays IT professional. Licensing of IT professionals
Internet communication
Intellectual property
Employee/employer issues
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
6/23
Ethics in Information Technology
Todays workers are subject to the monitoring oftheir e-mail and Internet access while at work, asemployers and employees struggle to balance theneed of the employer to manage importantcompany assets and employees work time versusthe employees desire for privacy and self-direction.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
7/23
Ethics in Information Technology
Millions of people have used Napster softwareto download music at no charge and inapparent violation of copyright laws.
DoubleClick, an advertising network that tracksusers as they move around the Internet, wassued after it revealed plans to match a mass
mailing marketing list with its anonymousdatabase of Internet users, thus revealing theWeb users identities.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
8/23
Ethics in Information Technology
Students around the world have been caughtdownloading material from the Internet andplagiarizing content for their term papers.
Hackers engaged in acts of cyberterrorismdefaced hundreds ofWeb sites and left hatemessages after a collision between a United
States spy plane and a Chinese jet fighter.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
9/23
Other Ethical Issues raised:
Who should have accessto data?
Who is responsible for maintainingaccuracyand security?
To whom does databelong?
Doesthe abilityto capture dataimplyacorresponding responsibilityto
monitor its use? How muchinformation is necessaryand relevant for decision making?
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
10/23
The Four Categories of EthicalIssues
PrivacyIssues involves collecting, storing and
disseminating information about individuals. What is the safeguards when we want to
reveal secret info? What things can people keep to themselves
and notbeing cracked?
AccuracyIssues involves the authenticity, fidelity and
accuracy of information that is collected and
processed.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
11/23
The Four Categories of EthicalIssues
PropertyIssues involves the ownership and value of information. Who owns the info? What are the just and fair prices for its exchange?
AccessibilityIssues revolve around who should have access to
information and whether they should have to pay
for this access. What info does a person have a right to obtain? What will be the requirement and condition that
info can be delivered?
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
12/23
Protecting Privacy
Privacy. The right to be left alone and to befree of unreasonable personal intrusions.
Privacy Codesand Policies.An
organizations guidelines with respect toprotecting the privacy of customers, clients,and employees.
International Aspects of Privacy. Privacyissues that international organizations andgovernments face when information spanscountries and jurisdictions.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
13/23
Compromises to IntellectualProperty
Intellectual property. Property createdby individuals or corporations which isprotected under trade secret, patent, and
copyright laws. Trade secret. Intellectual work, such as abusiness plan, that is a company secret and
is notbased on public information. Patent. Document that grants the holder
exclusive rights on an invention or processfor 20 years.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
14/23
Compromises to IntellectualProperty (Continued)
Copyright. Statutory grant that providescreators of intellectual property withownership of the property for life of the
creator plus 70 years. Piracy. Copying a software program
without making payment to the owner.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
15/23
Protecting Information Resources
Risk. The probability that a threat willimpact an information resource.
Risk management. To identify, control
and minimize the impact of threats. Riskanalysis. To assess the value of each
assetbeing protected, estimate the
probability it mightbe compromised, andcompare the probable costs of itbeingcompromised with the cost of protecting it.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
16/23
Protecting Information Resources(Continued)
Risk mitigation is when the organizationtakes concrete actions against risk. It hastwo functions:
(1) implement controls to prevent identifiedthreats from occurring, and
(2) developing a means of recovery should thethreatbecome a reality.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
17/23
Risk Mitigation Strategies
Risk Acceptance.Accept the potentialrisk, continue operating with no controls,and absorb any damages that occur.
Risk limitation. Limit the risk byimplementing controls that minimize theimpact of threat.
Risktransference. Transfer the risk byusing other means to compensate for theloss, such as purchasing insurance.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
18/23
Controls
Controls evaluation. Identifies securitydeficiencies and calculates the costs ofimplementing adequate control measures.
General controls. Established to protect the
system regardless of their application. Physical controls. Physical protection of computerfacilities and resources.
Accesscontrols. Restriction of unauthorized useraccess to computer resources; use biometrics andpasswords controls for user identification.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
19/23
Controls (Continued)
Communications (networks)controls. Toprotect the movement of data across networksand include border security controls,authentication and authorization.
irewalls. System that enforces access-control policybetween two networks.
Encryption. Process of converting an original messageinto a form that cannotbe read by anyone except the
intended receiver.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
20/23
Controls (Continued)
irtual Private Networking. Uses theInternet to carry information within acompany and among business partners butwith increased security by uses ofencryption, authentication and accesscontrol.
Application controls. Controls that
protect specific applications and include:input, processing and output controls.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
21/23
Netiquette
"Netiquette" is network etiquette, the do'sand don'ts of online communication.
Netiquette covers both common courtesyonline and the informal "rules of the road"
of cyberspace.
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
22/23
Rules of Netiquette
Rule 1: Remember the Human
Rule 2: Adhere to the same standards ofbehavior onlinethat you follow in real life
Rule 3: Know where you are in cyberspace
Rule 4: Respect other people's time and bandwidth
Rule 5: Make yourself look good online
Rule 6: Share expert knowledge
Rule 7: Help keep flame wars under control
Rule 8: Respect other people's privacy
Rule 9: Don't abuse your power
Rule 10: Be forgiving of other people's mistakes
8/8/2019 Report_chapter 12 Ethical, Privacy and Security Issues
23/23
References
http://higheredbcs.wiley.com/legacy/college/rainer/0471736368/ppt/ch03.ppt
http://www.misq.org/archivist/vol/no10/issue1/vol10no1mason.html
http://www.slideshare.net/kusmulyono/ethical-issues-in-ict-presentation#text-version
http://www.albion.com/netiquette/corerules.html
http://articles.techrepublic.com.com/5100-22_11-6091121.html
Top Related