Documente Academic
Documente Profesional
Documente Cultură
2
Security, Ethical, and Societal Challenges of IT
3
Beneficial vs Detrimental Effects
4
Ethical Responsibility of Business Professionals
5
Business Ethics
6
Technology Ethics
7
Ethical Guidelines
8
Computer Crimes
• Computer
crime
is
defined
by
the
Association
of
Information
Technology
Professionals
(AITP)
as
including
(1)
the
unauthorized
use,
access,
modification,
and
destruction
of
hardware,
software,
data,
or
network
resources;
(2)
the
unauthorized
release
of
information;
(3)
the
unauthorized
copying
of
software;
(4)
denying
an
end
user
access
to
his
or
her
own
hardware,
software,
data,
or
network
resources;
and
(5)
using
or
conspiring
to
use
computer
or
network
resources
to
obtain
information
or
tangible
property
illegally
9
Cyber Crime
• Hacking:
Hacking
,
in
computerese,
is
the
obsessive
use
of
computers
or
the
unauthorized
access
and
use
of
networked
computer
systems
• Cracking:
criminal
hacking;
using
personal
knowledge
vulnerabilities
he
orshe finds
and
exploits
them
for
private
advantage;
Hacking
(white
hat)
vs
Cracking
(black
hat)
• Cyber
Theft:
Many
computer
crimes
involve
the
theft
of
money.
In
most
cases,
the
scope
of
such
financial
losses
is
much
larger
than
the
incidentsreported
• Cyberterrorism:
The
National
Conference
of
State
Legislatures
(NCSL)
defined
as
The
use
of
information
technology
by
terrorist
groups
and
individuals
to
further
their
agenda.
This
can
include
use
of
information
technology
to
organize
and
execute
attacks
against
networks,
computer
systems
and
telecommunications
infrastructures,
or
for
exchanging
information
or
making
threats
electronically.
• Cyberterorrism can
weaken
country’s
economy,
affect
on
internet-‐based
business
10
Cyber Crime (2)
• Unauthorized
use
at
work:
The
unauthorized
use of
computer
systems
and
networks
can
be
called
time
and
resource
theft
• The
New
York
Times
fired
23
workers
because
they
were
distributing
racist
and
sexually
offensive
jokes
on
the
company’s
e-‐mail
system.
• Xerox
Corp.
fired
more
than
40
workers
for
spending
up
to
eight
hours
a
day
on
pornography
sites
on
the
Web
• Software
Piracy:
unauthorized
copying
of
software;
Unauthorized
copying
is
illegal
because
software
is
intellectual
property
that
is
protected
by
copyright
law
and
user
licensing
agreements
• Theft
of
Intellectual
Property:
unauthorized
copy
of
music,
videos,
images,
articles,
books,
and
other
written
works
• Computer
viruses
and
worms:
• a
virus
is
a
program
code
that
cannot
work
without
being
inserted
into
another
program
• A
worm
is
a
distinct
program
that
can
run
unaided
• Adware
and
spyware:
defined
as
any
software
that
employs
users’
Internet
connection
in
the
background
without
their
knowledge
or
explicit
permission
11
Privacy Issue
• The
power
of
information
technology
to
store
and
retrieve
information,
however,
can
have
a
negative
effect
on
the
right
to
privacy of
every
individual
• With
regard
to
the
Internet,
opt-‐in versus
opt-‐out is
central
to
the
debate
over
privacy
legislation
• US:
Opt-‐out
• EU:
Opt-‐in
• Consumer
protection
groups
typically
endorse
an
opt-‐in
• business
interests
back
opt-‐out
12
Privacy Issues
• Privacy
on
the
internet:
The
Internet
is
notorious
for
giving
its
users
a
feeling
of
anonymity
when
in
reality
they
are
highly
visible
and
open
to
violations
of
their
privacy
• The
using
of
Cookie
file
• Computer
Matching:
profiling
software
failed
to
match
individuals
profile
• Computer
Libel
and
Censorship:
• freedom
of
information-‐ The
opposite
side
of
the
privacy
debate
is
the
right
of
people
to
know
about
matters
others
may
want
to
keep
private-‐
• Freedom
of
speech;
the
right
of
people
to
express
their
opinions
about
such
matters
• Freedom
of
the
press:
and
the
right
of
people
to
publish
those
opinions
13
Other challenges
• Employment
challenges:
the
use
of
computers
to
achieve
automation
of
work
activities.
Additional
jobs
have
been
created
because
information
technologies
• Computer
Monitoring:
computers
are
being
used
to
monitor
the
productivity
and
behavior
of
millions
of
employees
while
they
work,
for
some
reasons computer
monitoring
has
been
criticized
as
unethical
• Challenges
in
Working
conditions:
Information
technology
has
eliminated
monotonous
or
obnoxious
tasks;
this
shift
allows
people
to
concentrate
on
more
challenging
and
interesting
assignments,
upgrade
the
skill
level
–IT
upgrade
the
quality
of
work
• Challenges
of
Individuality:
IT
eliminate
the
human
relationships
present
in
non-‐
computer
systems
14
Health Issues
• The
use
of
information
technology
in
the
workplace
raises
a
variety
of
health
issues
• Ergonomics:
• sometimes
called
human
factors
engineering
• The
goal
of
ergonomics
is
to
design
healthy
work
environments
that
are
safe,
comfortable,
and
pleasant
for
people
to
work
in,
thus
increasing
employee
morale
and
productivity
• Ergonomics
emphasizes
the
healthy
design
of
the
workplace,
workstations,
computers
and
other
machines,
• Job
design:
providing
for
work
breaks
from
heavy
video
monitor
use
every
few
hours
15
Security Management
16
Security Management
• The
goal
of
security
management is
the
accuracy,
integrity,
and
safety
of
all
information
system
processes
and
resources
• security
managers
must
acquire
and
integrate
a
variety
of
security
tools
and
methods to
protect
a
company’s
information
system
resources.
17
Important security measures
18
Other security measurs
• Security
codes:
Typically,
a
multilevel
password system
is
used
for
security
management.
Password
to
logon,
password
to
read,
password
to
write
• Backup
files:
on-‐premises
and
off-‐premises
backup
location
• Security
monitors:
programs
that
monitor
the
use
of
computer
systems,
• Biometric
Security:
These
are
security
measuresprovided by
computer
devices
that
measure
physical
traits
that
make
each
individual
unique
19
Biometric Techniques
20
Other security measurs
• Disaster
recovery
• Natural
and
human-‐made
disasters
• Many
business
are
significantly
affected
by
losing
even
a
few
hours
of
computing
power
• Disaster
recovery
procedures
and
formalize
them
in
a
Disaster
Recovery
Plan
(DRP)
21
System Control and Audits
• Information
system
controls:
are
methods
and
devices
that
attempt
to
ensure
the
accuracy,
validity,
and
propriety
of
information
system
activities
• Information
system
(IS)
controls
must
be
developed
to
ensure
proper
data
entry,
processing
techniques,
storage
methods,
and
information
output.
22
System Controls and Audit (2)
• Auditing
Security
• Periodic
examination
of
IT
Security
management
y
internal
auditing
staff
of
external
auditors
• Another
important
objective
of
business
system
audits
is
testing
the
integrity
of
an
application’s
audit
trail
• Audit
trail:
the
presence
of
documentation
that
allows
a
transaction
to
be
traced through
all
stages
of
its
information
processing.
• Many
times,
this
electronic
audit
trail takes
the
form
of
control
logs that
automatically
record
all
computer
network
activity
on
magnetic
disk
or
tape
devices.
23
System Controls and Audit (3)
24
Problems at hand
25