Tuesday, 27 September 2011

Week 5: Ethics and Security

Explain the Ethical Issues Surrounding Information Technology

As the internet and information software has become more advanced, the ethical issues surrounding information technology have become more and more pronounced in the world of eBusiness.

The five main technology-related ethical issues faced by businesses and individuals today include;

·         Intellectual Property:- The collection of rights that protect creative and intellectual effort

·         Copyright:- The exclusive right to do, or omit to do, certain acts with intangible property such as music, video games and other propriety  documents

·         Pirated Software:- The unauthorised duplication, distribution, or sale of copyrighted software

·         Counterfeit Software:- Software that is manufactured to look like the real thing and sold as such
As seen in the following video, the issues of pirated and counterfeited software especially, has become a prominent ethical concept stemming from advances in the technology that is now available to individuals.






Describe a Situation Involving Technology That is Ethical but Illegal

Within the area of information ethics there are very few hard and fast rules for always determining what is or is not ethical. The fact is that knowing the law, will not always help you in making the ‘right’ choice because what might be ethical is not always legal.
Take for example, a situation in which someone is in a position to save someone’s life, but the only way to do so is by sharing confidential information. What would be the right thing to do?
Alternately, another scenario could involve the action of backing up software. Under the Copyright Act (1968), it is technically illegal to copy, use and distribute software, but think of a business such as a doctor’s surgery running on a database program like BlueChip. From an ethical perspective it is the surgery’s duty to maintain, and care for all their patients’ records. Is it ok then if, as long as they are not sharing these records with any other party, they make a copy of the software to back-up all the information it holds in the event of a crash?



Describe and Explain One of the Computer Use Policies That a Company Might Employ
When it comes to the treatment and access of corporate information, it is important that managers of an organisation create a corporate culture amongst their staff based on ethical principles. This can be achieved through the development of written policies known as ‘computer use policies’ or ‘e-Policies’. These policies set the company’s policies and procedures that address the ethical use of computers and internet usage within the work environment.
 The most important of these policies is that known as the Ethical Computer Use Policy (ECUP). As the basis of all other policies the organisation might establish, an ECUP ensures that users know how to behave at work and that the organisation has a published standard by which to deal with user infractions. For example, this type of policy is widely used amongst business and educational facilities, where, after an appropriate number of warnings, the continuous breach of its conditions may result in the termination of an employee, or suspension of a student.
In this way, the enforcement of an ECUP is most effective when it is done on the basis of informed consent. Under this concept, a conscientious effort must be made on behalf of the organisation to inform all users of the conditions of the policy, and by agreeing to use the system on this basis, it is understood that the user consents to abide by these rules



What Are The 5 Main Technology Security Risks?

When they hear the term ‘Technology Security Risk’, the first thought that passes through many people’s minds are Spam and Software Viruses. Although it is true that these two concepts do pose a significant threat to internet and technological security, they are not the only ones in existence. Instead, the vast amount of security risks that can impact the use of technology in business can be divided into 5 main types;

·         Human Error

·         Natural Disaster

·         Technical Failures

·         Deliberate Acts

·         Management Failure

 As can be seen below, within these 5 risks, there are many threats to a business’ information technology besides the most recognized of Spam and Software Viruses.



Outline One Way to Reduce Each Risk




What is a Disaster Recovery Plan, What Strategies Might a Firm Employ?

As seen by the recent disasters such as the September 11 Terrorist Attacks, Victorian Bushfires and Queensland Floods, all organisations should have a comprehensive data recovery plan in place to prepare for unexpected occurrences.  As a detailed process for recovering information and regaining access to IT systems after a disaster has taken place, this type of plan outlines such things as;

       ·         Communications Plan

      ·         Alternative Sites

      ·         Business Continuity

      ·         Location of Backup Data

In this way, Disaster Recovery Plans help a business to plan ahead
and develop executable strategies to deal with contingencies. By
doing this, the company ensures business continuity by making all
employees aware of exactly what happens in the event of a disaster. Some of these strategies include;

·       Storing back-up date and information in an off-site facility


·       Establishing a Hot Site (a fully equipped facility where the company can move immediately after a disaster and resume business)


·       Establishing a Cold Site (a separate facility that does not have any computer equipment , but where employees can move after a disaster)


·       Ensuring all recovery procedures are well documented and accessible to all organisation members        


·       Conducting regular recovery testing


No comments:

Post a Comment