FirstNameLastName_ MMT2 Task 3 1.12.2019.docx - Student...

This preview shows page 1 - 5 out of 11 pages.

Student Name: Jay Usher Student ID: 001040467 Student Email: [email protected] Degree Program: MBA IT Management My Program Mentor: Sue Fawcett MMT2 Task 3 Student ID: 001040467 WGU IT STRATEGIC SOLUTIONS — MMT2 TASK 3
Task 3 Contents A_ETHICAL ISSUES: ................................................................................................................................ A1. UNETHICAL USES: INTERNAL: ...................................................................................................... A2. UNETHICAL USES: EXTERNAL: ..................................................................................................... B. SECURITY THREATS: .......................................................................................................................... B1. SECURITY THREATS INTERNAL: ................................................................................................... B2. SECURITY THREATS: EXTERNAL: ................................................................................................. C. UPDATED COMPANY POLICIES: ....................................................................................................... C1. MITIGATE UNETHICAL USES: ......................................................................................................... C2. MITIGATE SECURITY THREATS: .................................................................................................... D. SOURCES: ........................................................................................................................................... 2
Task 3 A_ETHICAL ISSUES: The goal of this paper is to examine the effectiveness of AEnergy’s security policies for both internal and external users. For the policies to be effective, they should be understandable, whole, available, and officially acknowledged by all users with the expectation that they will be held accountable for these security policies. Companies should consistently review their security policies, update them as needed, and ensure they are being effectively enforced for users, both internal and external. A1. UNETHICAL USES: INTERNAL: 1. One unethical use by an internal user would be unauthorized use of private data. This is a direct violation of the security policy. The company stores personal and confidential private data on internal and external users or customers and there is a legal expectation that this data is secure and not used as leverage to intimidate or harass employees or customers. An employee could gain access to this private and confidential data and use it for unethical reasons, such as blackmail, and this behavior would put the company in legal risk. One example of an employee using confidential data to blackmail a customer is gaining the customers cell phone number, calling them, and asking for money or their confidential information would be released to the public. 2. Another unethical use by an internal user using a company device with GPS capability to track someone. Monitoring another customer or employee’s travels, such as monitoring where they go, with the intent to intimidate or blackmail them could increase the company’s legal risk (McNall, Stanton, 2011). An example of an employee using confidential information would be a supervisor tracking a subordinate’s locations during a day where the employee called in sick and then trying to fire them for lying about actually being sick. A2. UNETHICAL USES: EXTERNAL: 3
Task 3 1. Often external users are given permission to access limited areas on company site. Many times, they are assigned a visitor badge. However, if that external user were to use that badge to access forbidden areas, even if they coerced another employee to allow them into those areas, this would be unethical use of technology. Going into restricted areas can expose them to confidential information or allow them access to use technology they are not allowed to access. In certain scenarios allowing restricted users to access confidential data can violate contractual agreements with customers or clients and could result in loss of proprietary products or information.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture