Professional Documents
Culture Documents
MIS Ch 7 Managing IT Ethical and Security Challenges
MIS Ch 7 Managing IT Ethical and Security Challenges
MANAGING INFORMATION
TECHNOLOGY
Impact on organizations
Information system is one of the resources’ of an
organization which poses a major resource
management challenge.
affects operational efficiency, employee productivity,
and customer service & satisfaction.
is a major source of information & support needed for
effective decision making .
affects organizational structure because it can reduce
the layers & numbers of middle level management.
3
Impact of Information systems on society:
Advantages
A shift on employment - employment is increasing in
information sector because the economy is heavily
depending on the creation, management & distribution of
information.
Usage of internet services:-the number of services
available to home users is growing. Electronic mail,
education service & video games, home banking, etc.
Change on life style - individuals can do their jobs
independent of their workplace. Information systems have
created the opportunity for high standard of living and
increasing leisure time.
4
Ethics and Social Issues
Ethics
Principles of right and wrong that can be used by individuals
acting as free moral agents to make choices to guide their
behavior
Information technology and Information Systems have
indeed raised new questions for both individuals and
societies within the ethical arena.
They create opportunities for intense social change;
threatening existing distributions of power, money, rights
and obligations.
5
Ethical & Social Issues
Ethical, Social, and Political Issues
Model
Ethical, social, and political issues are closely linked. (See next
slide)
The ethical dilemma you may face as a manager of information
systems typically is reflected in social and political debate.
6
Ethical & Social Issues
7
Ethical & Social Issues
Ethical, Social, and Political Issues
Model
Imagine society as a more or less calm pond on a summer day, a
delicate ecosystem in partial equilibrium with individuals and with
social and political institutions.
Individuals know how to act in this pond because social institutions
(family, education, organizations) have developed well-honed rules of
behavior, and these are backed by laws developed in the political
sector that prescribe behavior and promise sanctions for violations.
Now toss a rock into the center of the pond. But imagine instead of a
rock that the disturbing force is a powerful shock of new information
technology and systems hitting a society more or less at rest.
What happens? ripples, of course.
8
Ethical & Social Issues
Ethical, Social, and Political Issues
Model
Suddenly individual actors are confronted with new situations often
not covered by the old rules.
Social institutions cannot respond overnight to these ripples—it
may take years to develop etiquette, expectations, social
responsibility, “politically correct” attitudes, or approved rules.
Political institutions also require time before developing new laws
and often require the demonstration of real harm before they act.
In the meantime, you may have to act.
You may be forced to act in a legal “gray area.”
9
IT Security, Ethics, and Society
10
I. Computer Crime
Is a growing threat caused by irresponsible actions of few
computer professional and end users, who are taking
advantage of the widespread use of computers and IT in
our society.
Computer crime includes
Unauthorized use, access, modification, or destruction of
hardware, software, data, or network resources
The unauthorized release of information
The unauthorized copying of software
Denying an end user access to his/her own hardware, software,
data, or network resources
Using or conspiring to use computer or network resources illegally
to obtain information or tangible property
11
Computer Crime (Cont’d)
Cyber
Hacking
Theft
Computer
Viruses
Unauthorized
Piracy
Use at work
12
1.1. Hacking
13
1.2. Cyber Theft
16
2. Privacy Issues
computer records
Collecting and sharing information about individuals gained
17
3. Employment Challenges of IT
Lost Job Lost
Opportunities Individuality
Working
Conditions
Health
Security Management
Issues
18
3. Employment Challenges
19
Employment Challenges (Cont’d)
Working Conditions
20
4. Health Issues
Heavy use of computers is linked to
eyestrain,
damaged arm,
neck muscles, and
radiation exposure.
Ergonomics (Also called human factors engineering)
is the science that seeks Solutions to some of these
health problems
The Goal of ergonomics is to design healthy work environments that
are Safe, comfortable, and pleasant for people to work
21
Ergonomics (Cont’d)
Ergonomics examines three major
factors in the workplace:
The tools used by the worker; e.g. computer
screens, computer human interfaces, etc.;
The work environment, e.g. lighting, work
surfaces, climate etc.; and
The job content and context, e.g. characteristics
of the task, shift work, rest breaks etc.
22
Security Management of IT
23
Internetworked Security Defenses
Encryption: uses to protect data that is transmitted via the
Internet, intranets, or extranets.
Installing multiple intrusion-detection systems e.g. firewalls,
and multiple routers to control incoming traffic in order to
reduce choke points.
Centralizing, distribution and updating of antivirus software to
Build defenses against the spread of computer viruses
Setting and enforcing security policies such as e-mail
monitoring policy to prevent the infiltration of destructive
programs like Trojan Horses.
24
Other Security Measures (Cont’d)
Security Codes. The use of passwords to control access
to information assets.
Backup Files. Such files may be stored off-premises and
can be a key component in disaster recovery.
Security Monitors. are programs that
Monitor the use of hardware, software, and data resources
of a computer.
collect statistics on any attempt of misuse.
Biometric Security Controls: include such detection
devices as voice recognition and fingerprinting, which must
correspond to the authorized person before admitting personnel
to the system.
25
Security and control issues
Three major areas of control
Information System Controls
Methods and devices that
ensures the accuracy, validity,
and propriety of information
system activities
Procedural controls Include:
Separation of duties
documentation
Authorization requirements
Auditing
Telecommunications controls
Insurance
26
The End
27