McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B7 Ethics
B7-2 LEARNING OUTCOMES 1.Summarize the guidelines for creating an information privacy policy 2.Identify the differences between an ethical computer use policy and an acceptable computer use policy 3.Describe the relationship between an privacy policy and an Internet use policy
B7-3 LEARNING OUTCOMES 4.Explain the effects of spam on an organization 5.Summarize the different monitoring technologies and explain the importance of an employee monitoring policy
B7-4 INTRODUCTION Ethics – the principles and standards that guide our behavior toward other people Important ethical concepts stemming from IT –Intellectual property –Copyright –Fair use doctrine –Pirated software –Counterfeit software
B7-5 INTRODUCTION ePolicies address information privacy and confidentiality issues –ePolicies – policies and procedures that address the ethical use of computers and Internet usage –Privacy – the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent –Confidentiality – the assurance that messages and information are available only to those who are authorized to view them
B7-6 Ethics Individuals form the only ethical component of an IT systems
B7-7 Ethics Acting ethically and legally are not always the same
B7-8 INFORMATION HAS NO ETHICS Information does not care how it is used Information will not stop itself from sending spam, viruses, or highly-sensitive information Information cannot delete or preserve itself
B7-9 Developing Information Management Policies Organizations strive to build a corporate culture based on ethical principles that employees can understand and implement ePolicies typically include: –Ethical computer use policy –Information privacy policy –Acceptable use policy – privacy policy –Internet use policy –Anti-spam policy
B7-10 ETHICAL COMPUTER USE POLICY Ethical computer use policy – contains general principles to guide computer user behavior The ethical computer user policy ensures all users are informed of the rules and, by agreeing to use the system on that basis, consent to abide by the rules
B7-11 ETHICAL COMPUTER USE POLICY
B7-12 INFORMATION PRIVACY POLICY Information privacy policy - contains general principles regarding information privacy –Would you mind if your Visa company shared all of your purchasing information? –Who owns the information on your Visa? –Why would people want to purchase Visa information?
B7-13 ACCEPTABLE USE POLICY Acceptable use policy (AUP) – a policy that a user must agree to follow in order to be provided access to a network or to the Internet An AUP usually contains a non-repudiation clause –Nonrepudiation – a contractual stipulation to ensure that e-business participants do not deny (repudiate) their online actions ( therefore, keep all your s)
B7-14 ACCEPTABLE USE POLICY
B7-15 PRIVACY POLICY Organizations can reduce the risks of and instant messaging communication tools by implementing and adhering to an privacy policy privacy policy – details the extent to which messages may be read by others ( is not safe)
B7-16 PRIVACY POLICY
B7-17 PRIVACY POLICY
B7-18 INTERNET USE POLICY Internet use policy – contains general principles to guide the proper use of the Internet
B7-19 ANTI-SPAM POLICY Spam – unsolicited Spam accounts for 40% to 60% of most organizations’ and cost U.S. businesses over $14 billion in 2005 Anti-spam policy – simply states that users will not send unsolicited s (or spam) Use X2009abc at stfx dot ca to disguise address
B7-20 MONITORING TECHNOLOGIES Monitoring – tracking people’s activities by such measures as number of keystrokes, error rate, and number of transactions processed –Key logger or key trapper software –Hardware key logger –Cookie –Adware –Spyware –Web log –Clickstream