11_Security and Ethical Challenges
-
Upload
nitin-rastogi -
Category
Documents
-
view
229 -
download
0
Transcript of 11_Security and Ethical Challenges
-
7/28/2019 11_Security and Ethical Challenges
1/60
1
Security and EthicalChallenges
11
-
7/28/2019 11_Security and Ethical Challenges
2/60
2
Identify ethical issues in how the
use of information technologies in
business affects employment,
individuality, working conditions,privacy, crime, health, and solutions
to societal problems.
11 Learning Objectives
-
7/28/2019 11_Security and Ethical Challenges
3/60
3
Identify types of security managementstrategies and defenses, and explainhow they can be used to ensure thesecurity of e-business applications.
How can business managers andprofessionals help to lessen the harmful
effects and increase the beneficialeffects of the use of informationtechnology?
11 Learning Objectives (continued)
-
7/28/2019 11_Security and Ethical Challenges
4/60
-
7/28/2019 11_Security and Ethical Challenges
5/60
5
The use of IT presents major securitychallenges, poses serious ethicalquestions, and affects society insignificant ways.
IT raises ethical issues in the areas of.. Crime
Privacy
Individuality
Employment
Health
Working conditions
11 Ethical Responsibility
-
7/28/2019 11_Security and Ethical Challenges
6/60
6
But, IT has had beneficial results as
well.
So as managers, it is our
responsibility to minimize the
detrimental effects and optimize the
beneficial effects.
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
7/60
7
Business Ethics
Basic categories of ethical issues
Employee privacy
Security of company records Workplace safety
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
8/60
8
Theories of corporate social
responsibility
Stockholder theory
Managers are agents of the stockholders.Their only ethical responsibility is to
increase profit without violating the law or
engaging in fraud
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
9/60
9
Theories of corporate social
responsibility
Stockholder theory
Managers are agents of the stockholders.
Their only ethical responsibility is to
increase profit without violating the law or
engaging in fraud
Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
10/60
10
Theories of corporate social
responsibility (continued)
Social Contract Theory
Companies have ethical responsibilities to
all members of society, which allow
corporations to exist based on a social
contract
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
11/60
11
Theories of corporate social
responsibility (continued) First condition companies must enhance
economic satisfaction of consumers and
employees
Second condition avoid fraudulent practices,
show respect for employees as human beings,
and avoid practices that systematically worsen
the position of any group in society
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
12/60
12
Theories of corporate socialresponsibility (continued)
Stakeholder theory
Managers have an ethical responsibility tomanage a firm for the benefit of all itsstakeholders.
Stockholders
Employees
Customers Suppliers
Local community
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
13/60
13
Theories of corporate social
responsibility (continued)
Sometimes stakeholders are considered to
include
Competitors
Government agencies and special interest
groups Future generations
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
14/60
14
Technology Ethics Four Principles
Proportionality Good must outweigh any harm or risk
Must be no alternative that achieves the sameor comparable benefits with less harm or risk
Informed consent Those affected should understand and accept
the risks
Justice Benefits and burdens should be distributed
fairly
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
15/60
15
Technology Ethics (continued) Minimized Risk
Even if judged acceptable by the other three
guidelines, the technology must be
implemented so as to avoid all unnecessary
risk
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
16/60
16
Ethical Guidelines11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
17/60
17
Ethical guidelines (continued)
Responsible end users
Act with integrity
Increase their professional competence Set high standards of personal
performance
Accept responsibility for their work
Advance the health, privacy, and generalwelfare of the public
11 Ethical Responsibility (continued)
-
7/28/2019 11_Security and Ethical Challenges
18/60
18
Association of Information
Technology Professionals (AITP)
definition includes
The unauthorized use, access,
modification, and destruction of
hardware, software, data, or network
resources Unauthorized release of information
Unauthorized copying of software
11 Computer Crime
-
7/28/2019 11_Security and Ethical Challenges
19/60
19
AITP guidelines (continued)
Denying an end user his/her own
hardware, software, data, or network
resources Using or conspiring to use computer
or network resources to illegally obtain
info or tangible property
11 Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
20/60
20
Hacking
The obsessive use of computers, or the
unauthorized access and use of networked
computer systems
Cyber Theft
Involves unauthorized network entry and
the fraudulent alteration of computerdatabases
11 Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
21/60
21
Unauthorized use at work
Also called time and resource theft
May range from doing private
consulting or personal finances, toplaying video games, to unauthorized
use of the Internet on company
networks
Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
22/60
22
Software Piracy
Unauthorized copying of software
Software is intellectual property protected
by copyright law and user licensingagreements
11 Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
23/60
23
Piracy of intellectual property
Other forms of intellectual property
covered by copyright laws
Music Videos
Images
Articles
Books
Other written works
11 Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
24/60
24
Computer viruses and worms
Virus
A program that cannot work without being
inserted into another program
Worm
A distinct program that can run unaided
11 Computer Crime (continued)
-
7/28/2019 11_Security and Ethical Challenges
25/60
25
IT makes it technically andeconomically feasible to collect,
store, integrate, interchange, and
retrieve data and information quicklyand easily.
Benefit increases efficiency and
effectiveness But, may also have a negative effect on
individuals right to privacy
11 Privacy Issues
-
7/28/2019 11_Security and Ethical Challenges
26/60
26
Examples of important privacy
issues
Accessing private e-mail and computer
records & sharing information aboutindividuals gained from their visits to
websites and newsgroups
Always knowing where a person is viamobile and paging services
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
27/60
27
Examples of important privacy
issues (continued)
Using customer information obtained
from many sources to marketadditional business services
Collecting personal information to
build individual customer profiles
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
28/60
28
Privacy on the Internet
Users of the Internet are highly visible
and open to violations of privacy
Unsecured with no real rules
Cookies capture information about you
every time you visit a site
That information may be sold to thirdparties
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
29/60
29
Privacy on the Internet (continued)
Protect your privacy by
Encrypting your messages
Post to newsgroups through anonymousremailers
Ask your ISP not to sell your information to
mailing list providers and other marketers
Decline to reveal personal data andinterests online
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
30/60
30
Computer matching
Computer profiling and matching
personal data to that profile
Mistakes can be a major problem
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
31/60
31
Privacy laws
Attempt to enforce the privacy of
computer-based files and
communications Electronic Communications Privacy Act
Computer Fraud and Abuse Act
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
32/60
32
Computer Libel and Censorship
The opposite side of the privacy debate
Right to know (freedom of information)
Right to express opinions (freedom ofspeech)
Right to publish those opinions (freedom of
the press)
Spamming Flaming
11 Privacy Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
33/60
33
Employment
New jobs have been created and
productivity has increased, yet there
has been a significant reduction insome types of jobs as a result of IT.
11 Other Challenges
-
7/28/2019 11_Security and Ethical Challenges
34/60
34
Computer Monitoring Concerns workplace privacy
Monitors individuals, not just work
Is done continually. May be seen asviolating workers privacy & personalfreedom
Workers may not know that they are beingmonitored or how the information is being
used May increase workers stress level
May rob workers of the dignity of their work
11 Other Challenges (continued)
-
7/28/2019 11_Security and Ethical Challenges
35/60
35
Working Conditions IT has eliminated many monotonous,
obnoxious tasks, but has created others
Individuality
Computer-based systems criticized asimpersonal systems that dehumanize
and depersonalize activities Regimentation
11 Other Challenges (continued)
-
7/28/2019 11_Security and Ethical Challenges
36/60
36
Job stress
Muscle damage
Eye strain
Radiation exposure
Accidents
Some solutions
Ergonomics (human factors engineering) Goal is to design healthy work environments
11 Health Issues
-
7/28/2019 11_Security and Ethical Challenges
37/60
37
11 Health Issues (continued)
-
7/28/2019 11_Security and Ethical Challenges
38/60
38
Beneficial effects on society
Solve human and social problems
Medical diagnosis
Computer-assisted instruction Governmental program planning
Environmental quality control
Law enforcement
Crime control
Job placement
11 Societal Solutions
-
7/28/2019 11_Security and Ethical Challenges
39/60
39
Security Management
11 Section II
-
7/28/2019 11_Security and Ethical Challenges
40/60
40
Goal
Minimize errors, fraud, and losses in
the e-business systems that
interconnect businesses with theircustomers, suppliers, and other
stakeholders
11 Tools of Security Management
-
7/28/2019 11_Security and Ethical Challenges
41/60
41
11 Tools of Security Management (continued)
-
7/28/2019 11_Security and Ethical Challenges
42/60
42
Encryption Passwords, messages, files, and other
data is transmitted in scrambled formand unscrambled for authorized users
Involves using special mathematicalalgorithms to transform digital data inscrambled code
Most widely used method uses a pairof public and private keys unique toeach individual
11 Internet worked Security Defenses
-
7/28/2019 11_Security and Ethical Challenges
43/60
43
Firewalls
Serves as a gatekeeper system that
protects a companys intranets and
other computer networks fromintrusion
Provides a filter and safe transfer point
Screens all network traffic for proper
passwords or other security codes
11 Internet worked Security Defenses (continued)
-
7/28/2019 11_Security and Ethical Challenges
44/60
44
Denial of Service Defenses
These assaults depend on three layers
of networked computer systems
Victims website Victims ISP
Sites of zombie or slave computers
Defensive measures and security
precautions must be taken at all three
levels
11 Internet worked Security Defenses (continued)
-
7/28/2019 11_Security and Ethical Challenges
45/60
45
E-mail Monitoring
Spot checks just arent good enough
anymore. The tide is turning toward
systematic monitoring of corporate e-mail traffic using content-monitoring
software that scans for troublesome
words that might compromise corporate
security.
11 Internet worked Security Defenses (continued)
-
7/28/2019 11_Security and Ethical Challenges
46/60
46
Virus Defenses
Protection may accomplished through
Centralized distribution and updating of
antivirus software Outsourcing the virus protection
responsibility to ISPs or to
telecommunications or security
management companies
11 Internet worked Security Defenses (continued)
-
7/28/2019 11_Security and Ethical Challenges
47/60
47
Security codes
Multilevel password system
Log onto the computer system
Gain access into the system Access individual files
11 Other Security Measures
-
7/28/2019 11_Security and Ethical Challenges
48/60
48
Backup Files
Duplicate files of data or programs
File retention measures
Sometimes several generations of filesare kept for control purposes
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
49/60
49
Security Monitors
Programs that monitor the use of
computer systems and networks and
protect them from unauthorized use,fraud, and destruction
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
50/60
50
Biometric Security Measure physical traits that make each
individual unique Voice
Fingerprints
Hand geometry
Signature dynamics
Keystroke analysis
Retina scanning
Face recognition and Genetic patternanalysis
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
51/60
51
Computer Failure Controls
Preventive maintenance of hardware
and management of software updates
Backup computer system Carefully scheduled hardware or
software changes
Highly trained data center personnel
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
52/60
52
Fault Tolerant Systems
Computer systems that have
redundant processors, peripherals,
and software Fail-over
Fail-safe
Fail-soft
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
53/60
53
Disaster Recovery
Disaster recovery plan
Which employees will participate and their
duties What hardware, software, and facilities will
be used
Priority of applications that will be
processed
11 Other Security Measures (continued)
-
7/28/2019 11_Security and Ethical Challenges
54/60
54
Information System Controls Methods and devices that attempt to
ensure the accuracy, validity, and
propriety of information systemactivities
Designed to monitor and maintain the
quality and security of input,
processing, and storage activities
11 System Controls and Audits
-
7/28/2019 11_Security and Ethical Challenges
55/60
55
Auditing Business Systems
Review and evaluate whether proper
and adequate security measures and
management policies have beendeveloped and implemented
Testing the integrity of an
applications audit trail
11 System Controls and Audits (continued)
-
7/28/2019 11_Security and Ethical Challenges
56/60
56
What can be done to improve e-commerce security on the Internet?
What potential security problems do
you see in the increasing use of
intranets and extranets in business?
What might be done to solve suchproblems?
11 Discussion Questions
-
7/28/2019 11_Security and Ethical Challenges
57/60
57
What artificial intelligencetechniques can a business use toimprove computer security and fight
computer crime?
What are your major concernsabout computer crime and privacyon the Internet? What can you doabout it?
11 Discussion Questions (continued)
-
7/28/2019 11_Security and Ethical Challenges
58/60
58
What is disaster recovery? Howcould it be implemented at your
school or work?
Is there an ethical crisis in e-
business today? What role does
information technology play inunethical business practices?
11 Discussion Questions (continued)
-
7/28/2019 11_Security and Ethical Challenges
59/60
59
What business decisions will you have tomake as a manager that have both an
ethical and IT dimension?
What would be examples of one positive
and one negative effect of the use of e-
business technologies in each of the
ethical and societal dimensions illustratedin the chapter?
11 Discussion Questions (continued)
R f
-
7/28/2019 11_Security and Ethical Challenges
60/60
60
References James A. O'Brien; George M. Marakas.
Management Information Systems:
Managing Information Technology in the
Business Enterprise 6th Ed., Boston:
McGraw-Hill/ Irwin,2004
11