Saturday, 7 April 2012

Chapter 3: Information Systems: Ethics, Privacy and Security


Ethical Issues
Ethics are principles of right and wrong that individuals use to make choices that guide their behavior. Deciding whether these principles are right or wrong is very difficult, so many companies and organizations create their own codes of ethics.

Code of Ethics: a collection of principles intended to guide decision making by members of the organization.

Ethics includes:
1-      Responsibility: accepting the consequences of your decisions.
2-      Accountability: determining who is responsible for an action.
3-      Liability: a legal concept that gives individuals the right to recover the damage done to them by other individuals.

The ever-expanding use of IT has created many ethical issues. These issues fall into four categories:
1-      Privacy Issues: collecting information about individuals.
2-      Accuracy Issues: the accuracy of the information that has been collected.
3-      Property Issues: ownership and value of information.
4-      Accessibility Issues: who should have access to information and whether they should have to pay for this access.

Protecting Privacy
Privacy is the right to be left alone and to be free. Any private data can be integrated to produce a digital dossier (an electronic description of you and your habits). This process is called profiling.

Privacy is at stake in many areas, such as:
1-      Electronic Surveillance.
2-      Personal Information in Databases.
3-      Information on Internet Bulletin Boards, Newsgroups and Social Networking.
4-      Privacy Codes and Policies.





Threats to Information Security

Several factors contribute to the increasing vulnerability of organizational information assets:

1-      Evolution of information technology resources from the mainframe to today's environment.
2-      Government legislation: many types of information must be protected by law.
3-      Computer components and devices are becoming smaller and cheaper.
4-      The computing skills necessary to be a hacker are decreasing.
5-      Cyber-crime.
6-      Downstream liability.
7-      Increased employee use of unmanaged devices.
8-      Management support.

Threats to Information Systems:

There are five main categories to help us better understand the complexity of the threat problem:
1-      Unintentional acts, which are: human errors, social engineering, reverse social engineering and social data mining, deviations in the quality of service by service providers, and environmental hazards.
2-      Natural disasters.
3-      Technical failures.
4-      Management failures.
5-      Deliberate acts:
-          Espionage or Trespass.
-          Information Extortion.
-          Sabotage or Vandalism.
-          Theft of equipment and information.
-          Identity Theft: such as stealing mail or information.
-          Compromises to intellectual property, which include patents, copyrights, trade secrets and piracy.
-          Software attacks: viruses, worms, Trojan horses, back doors, etc.
-          Alien Software: can be adware, spyware, spamware or cookies.
