Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security and Ethical Challenges

Published byMilo Gray Modified over 8 years ago

Similar presentations

Presentation on theme: "Security and Ethical Challenges"— Presentation transcript:

1 Security and Ethical Challenges
11 Security and Ethical Challenges

2 11 Learning Objectives Identify ethical issues in how the use of information technologies in business affects employment, individuality, working conditions, privacy, crime, health, and solutions to societal problems.

3 Learning Objectives (continued)
11 Learning Objectives (continued) Identify types of security management strategies and defenses, and explain how they can be used to ensure the security of e-business applications. How can business managers and professionals help to lessen the harmful effects and increase the beneficial effects of the use of information technology?

4 11 Section I Security, Ethical, and Societal Challenges

5 Ethical Responsibility
11 Ethical Responsibility The use of IT presents major security challenges, poses serious ethical questions, and affects society in significant ways. IT raises ethical issues in the areas of.. Crime Privacy Individuality Employment Health Working conditions

6 But, IT has had beneficial results as well.
11 Ethical Responsibility (continued) But, IT has had beneficial results as well. So as managers, it is our responsibility to minimize the detrimental effects and optimize the beneficial effects.

7 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Business Ethics Basic categories of ethical issues Employee privacy Security of company records Workplace safety

8 Theories of corporate social responsibility
11 Ethical Responsibility (continued) Theories of corporate social responsibility Stockholder theory Managers are agents of the stockholders. Their only ethical responsibility is to increase profit without violating the law or engaging in fraud

9 Ethical Responsibility (continued)
Theories of corporate social responsibility Stockholder theory Managers are agents of the stockholders. Their only ethical responsibility is to increase profit without violating the law or engaging in fraud

10 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Theories of corporate social responsibility (continued) Social Contract Theory Companies have ethical responsibilities to all members of society, which allow corporations to exist based on a social contract

11 Theories of corporate social responsibility (continued)
11 Ethical Responsibility (continued) Theories of corporate social responsibility (continued) First condition – companies must enhance economic satisfaction of consumers and employees Second condition – avoid fraudulent practices, show respect for employees as human beings, and avoid practices that systematically worsen the position of any group in society

12 Theories of corporate social responsibility (continued)
11 Ethical Responsibility (continued) Theories of corporate social responsibility (continued) Stakeholder theory Managers have an ethical responsibility to manage a firm for the benefit of all its stakeholders. Stockholders Employees Customers Suppliers Local community

13 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Theories of corporate social responsibility (continued) Sometimes stakeholders are considered to include Competitors Government agencies and special interest groups Future generations

14 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Technology Ethics Four Principles Proportionality Good must outweigh any harm or risk Must be no alternative that achieves the same or comparable benefits with less harm or risk Informed consent Those affected should understand and accept the risks Justice Benefits and burdens should be distributed fairly

15 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Technology Ethics (continued) Minimized Risk Even if judged acceptable by the other three guidelines, the technology must be implemented so as to avoid all unnecessary risk

16 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Ethical Guidelines

17 Ethical Responsibility (continued)
11 Ethical Responsibility (continued) Ethical guidelines (continued) Responsible end users Act with integrity Increase their professional competence Set high standards of personal performance Accept responsibility for their work Advance the health, privacy, and general welfare of the public

18 11 Computer Crime Association of Information Technology Professionals (AITP) definition includes The unauthorized use, access, modification, and destruction of hardware, software, data, or network resources Unauthorized release of information Unauthorized copying of software

19 Computer Crime (continued)
11 Computer Crime (continued) AITP guidelines (continued) Denying an end user his/her own hardware, software, data, or network resources Using or conspiring to use computer or network resources to illegally obtain info or tangible property

20 Computer Crime (continued)
11 Computer Crime (continued) Hacking The obsessive use of computers, or the unauthorized access and use of networked computer systems Cyber Theft Involves unauthorized network entry and the fraudulent alteration of computer databases

21 Computer Crime (continued)
Unauthorized use at work Also called time and resource theft May range from doing private consulting or personal finances, to playing video games, to unauthorized use of the Internet on company networks

22 Computer Crime (continued)
11 Computer Crime (continued) Software Piracy Unauthorized copying of software Software is intellectual property protected by copyright law and user licensing agreements

23 Computer Crime (continued)
11 Computer Crime (continued) Piracy of intellectual property Other forms of intellectual property covered by copyright laws Music Videos Images Articles Books Other written works

24 Computer Crime (continued)
11 Computer Crime (continued) Computer viruses and worms Virus A program that cannot work without being inserted into another program Worm A distinct program that can run unaided

25 11 Privacy Issues IT makes it technically and economically feasible to collect, store, integrate, interchange, and retrieve data and information quickly and easily. Benefit – increases efficiency and effectiveness But, may also have a negative effect on individual’s right to privacy

26 Privacy Issues (continued)
11 Privacy Issues (continued) Examples of important privacy issues Accessing private and computer records & sharing information about individuals gained from their visits to websites and newsgroups Always knowing where a person is via mobile and paging services

27 Privacy Issues (continued)
11 Privacy Issues (continued) Examples of important privacy issues (continued) Using customer information obtained from many sources to market additional business services Collecting personal information to build individual customer profiles

28 Privacy Issues (continued)
11 Privacy Issues (continued) Privacy on the Internet Users of the Internet are highly visible and open to violations of privacy Unsecured with no real rules Cookies capture information about you every time you visit a site That information may be sold to third parties

29 Privacy Issues (continued)
11 Privacy Issues (continued) Privacy on the Internet (continued) Protect your privacy by Encrypting your messages Post to newsgroups through anonymous r ers Ask your ISP not to sell your information to mailing list providers and other marketers Decline to reveal personal data and interests online

30 Privacy Issues (continued)
11 Privacy Issues (continued) Computer matching Computer profiling and matching personal data to that profile Mistakes can be a major problem

31 Privacy Issues (continued)
11 Privacy Issues (continued) Privacy laws Attempt to enforce the privacy of computer-based files and communications Electronic Communications Privacy Act Computer Fraud and Abuse Act

32 Privacy Issues (continued)
11 Privacy Issues (continued) Computer Libel and Censorship The opposite side of the privacy debate Right to know (freedom of information) Right to express opinions (freedom of speech) Right to publish those opinions (freedom of the press) Spamming Flaming

33 11 Employment Other Challenges
New jobs have been created and productivity has increased, yet there has been a significant reduction in some types of jobs as a result of IT.

34 Other Challenges (continued)
11 Other Challenges (continued) Computer Monitoring Concerns workplace privacy Monitors individuals, not just work Is done continually. May be seen as violating workers’ privacy & personal freedom Workers may not know that they are being monitored or how the information is being used May increase workers’ stress level May rob workers of the dignity of their work

35 Other Challenges (continued)
11 Other Challenges (continued) Working Conditions IT has eliminated many monotonous, obnoxious tasks, but has created others Individuality Computer-based systems criticized as impersonal systems that dehumanize and depersonalize activities Regimentation

36 11 Health Issues Job stress Muscle damage Eye strain
Radiation exposure Accidents Some solutions Ergonomics (human factors engineering) Goal is to design healthy work environments

37 Health Issues (continued)
11 Health Issues (continued)

38 Beneficial effects on society
11 Societal Solutions Beneficial effects on society Solve human and social problems Medical diagnosis Computer-assisted instruction Governmental program planning Environmental quality control Law enforcement Crime control Job placement

39 11 Section II Security Management

40 Tools of Security Management
11 Tools of Security Management Goal Minimize errors, fraud, and losses in the e-business systems that interconnect businesses with their customers, suppliers, and other stakeholders

41 Tools of Security Management (continued)
11 Tools of Security Management (continued)

42 Internet worked Security Defenses
11 Internet worked Security Defenses Encryption Passwords, messages, files, and other data is transmitted in scrambled form and unscrambled for authorized users Involves using special mathematical algorithms to transform digital data in scrambled code Most widely used method uses a pair of public and private keys unique to each individual

43 11 Internet worked Security Defenses (continued) Firewalls Serves as a “gatekeeper” system that protects a company’s intranets and other computer networks from intrusion Provides a filter and safe transfer point Screens all network traffic for proper passwords or other security codes

44 Denial of Service Defenses
11 Internet worked Security Defenses (continued) Denial of Service Defenses These assaults depend on three layers of networked computer systems Victim’s website Victim’s ISP Sites of “zombie” or slave computers Defensive measures and security precautions must be taken at all three levels

45 11 Internet worked Security Defenses (continued) Monitoring “Spot checks just aren’t good enough anymore. The tide is turning toward systematic monitoring of corporate traffic using content-monitoring software that scans for troublesome words that might compromise corporate security.”

46 11 Virus Defenses Protection may accomplished through
Internet worked Security Defenses (continued) Virus Defenses Protection may accomplished through Centralized distribution and updating of antivirus software Outsourcing the virus protection responsibility to ISPs or to telecommunications or security management companies

47 Other Security Measures
11 Other Security Measures Security codes Multilevel password system Log onto the computer system Gain access into the system Access individual files

48 11 Backup Files Duplicate files of data or programs
Other Security Measures (continued) Backup Files Duplicate files of data or programs File retention measures Sometimes several generations of files are kept for control purposes

49 11 Other Security Measures (continued) Security Monitors Programs that monitor the use of computer systems and networks and protect them from unauthorized use, fraud, and destruction

50 11 Other Security Measures (continued) Biometric Security Measure physical traits that make each individual unique Voice Fingerprints Hand geometry Signature dynamics Keystroke analysis Retina scanning Face recognition and Genetic pattern analysis

51 Computer Failure Controls
11 Other Security Measures (continued) Computer Failure Controls Preventive maintenance of hardware and management of software updates Backup computer system Carefully scheduled hardware or software changes Highly trained data center personnel

52 Fault Tolerant Systems
11 Other Security Measures (continued) Fault Tolerant Systems Computer systems that have redundant processors, peripherals, and software Fail-over Fail-safe Fail-soft

53 11 Disaster Recovery Disaster recovery plan
Other Security Measures (continued) Disaster Recovery Disaster recovery plan Which employees will participate and their duties What hardware, software, and facilities will be used Priority of applications that will be processed

54 System Controls and Audits
11 System Controls and Audits Information System Controls Methods and devices that attempt to ensure the accuracy, validity, and propriety of information system activities Designed to monitor and maintain the quality and security of input, processing, and storage activities

55 Auditing Business Systems
11 System Controls and Audits (continued) Auditing Business Systems Review and evaluate whether proper and adequate security measures and management policies have been developed and implemented Testing the integrity of an application’s audit trail

56 What can be done to improve e-commerce security on the Internet?
11 Discussion Questions What can be done to improve e-commerce security on the Internet? What potential security problems do you see in the increasing use of intranets and extranets in business? What might be done to solve such problems?

57 11 Discussion Questions (continued) What artificial intelligence techniques can a business use to improve computer security and fight computer crime? What are your major concerns about computer crime and privacy on the Internet? What can you do about it?

58 11 Discussion Questions (continued) What is disaster recovery? How could it be implemented at your school or work? Is there an ethical crisis in e-business today? What role does information technology play in unethical business practices?

59 Discussion Questions (continued)
11 Discussion Questions (continued) What business decisions will you have to make as a manager that have both an ethical and IT dimension? What would be examples of one positive and one negative effect of the use of e-business technologies in each of the ethical and societal dimensions illustrated in the chapter?

60 11 References James A. O'Brien; George M. Marakas. Management Information Systems: Managing Information Technology in the Business Enterprise 6th Ed., Boston: McGraw-Hill/ Irwin,2004

Download ppt "Security and Ethical Challenges"

Similar presentations

Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.

1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.
Cookies Are small text filer with or unique ID tag that are embedded in a Web browser and saved on the user hard drive. Cookies also make it possible.

Cookies Are small text filer with or unique ID tag that are embedded in a Web browser and saved on the user hard drive. Cookies also make it possible.
©2002, Pearson Education Canada 1.1 c h a p t e r 1 1 MANAGING THE DIGITAL FIRM: CANADA AND BEYOND CANADA AND BEYOND.

©2002, Pearson Education Canada 1.1 c h a p t e r 1 1 MANAGING THE DIGITAL FIRM: CANADA AND BEYOND CANADA AND BEYOND.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter.
Sixth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Sixth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.
1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.

1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 10-2 Competencies Describe concerns associated with computer.

1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved Competencies Describe concerns associated with computer.
Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Eleventh Edition 1 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise Irwin/McGraw-Hill Copyright © 2002, The.

Eleventh Edition 1 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise Irwin/McGraw-Hill Copyright © 2002, The.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.
1 Tonga Institute of Higher Education IT 245 Management Information Systems Lecture 11 Security, and Ethical Challenges of E- Business.

1 Tonga Institute of Higher Education IT 245 Management Information Systems Lecture 11 Security, and Ethical Challenges of E- Business.
MIS 301 Information Systems in Organizations

MIS 301 Information Systems in Organizations

Similar presentations

Ads by Google