This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Page 1 of 15 ITM 309 Fall 2010 Exam Two Review Outline November 3, 2010 Ethics and Information Security Chapter 4 1 Business Ethics Ethics the principles and standards that guide our behavior toward other people Issues affected by technology advances 1) Intellectual property- Intangible creative work that is embodied in physical form 2) Copyright- The legal protection afforded an expression of an idea, such as a song, video game, and some types of proprietary documents 3) Fair use doctrine- In certain situations, it is legal to use copyrighted material 4) Pirated software- The unauthorized use, duplication, distribution, or sale of copyrighted software 5) Counterfeit software- Software that is manufactured to look like the real thing and sold as such Privacy is a major ethical issue 1) Privacy the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent 2) Confidentiality the assurance that messages and information are available only to those who are authorized to view them 2 BW: Ethics 101 for Interns Ethics in the Workplace: 1) Workplace monitoring is a concern for many employees 2) Organizations can be held financially responsible for their employees actions 3) The dilemma surrounding employee monitoring in the workplace is that an organization is placing itself at risk if it fails to monitor its employees, however, some people feel that monitoring employees is unethical IT and Ethics ( Individuals form the only ethical component of Information Technology): 1) Individuals copy, use , and distribute software 2) Search organizational databases for sensitive and personal information 3) Individuals create and spread viruses 4) Individuals hack into computer systems to steal information 5) Employees destroy and steal information 3 Security Management Planning and Lines of Defense Information Security the protection of information from accidental or intentional misuse by persons inside or outside an organization The First Line of Defense- People: Organizations must enable employees, customers, and partners to access information electronically. The biggest issue surrounding information security is not a technical issue, but a people issue 33% of security incidents originate within the organization. Insiders legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident. Page 2 of 15 The first line of defense an organization should follow to help combat insider issues is to develop information security policies and an information security plan Information security policies identify the rules required to maintain information security Information security plan details how an organization will implement the information security policies Five steps to create an information security plan : 1) Develop the information security policies...
View Full Document
This note was uploaded on 11/09/2010 for the course ITM 309 taught by Professor Rodammer during the Spring '08 term at Michigan State University.
- Spring '08