Thursday, September 23, 2010

Chapter 4 – Ethics and Information Security

Q1. Explain the ethical issues surrounding information technology.
Ethical issues are the principles and standards that guide our behaviour towards other people. Ones privacy and confidentiality becomes an informational issue shared upon networks. Intellectual property, copyright, fair use doctrine, pirated software and counterfeit software raise ethical issues regarding this informational technology.

Q2. Describe a situation involving technology that is ethical but illegal
When purchasing a software package the individual copies the software. One copy you use and the other is kept as a ‘back up’ package. This is not unethical, as you are not using the copy inappropriately, however it is still illegal.

Q3. Describe and explain one of the computer use policies that a company might employ
An ethical computer use policy contains general principles to guide computer use behaviour. During work hours, certain work has priority. For example if an employee goes on the internet to play computer games or on social networking sites such as Facebook.


Q4. What are the 5 main technology security risks?
  • Human error – occurs by humans
  • Natural Disasters – earthquakes, floods
  • Technical Failure – hardware failures, crashes and software bugs
  • Deliberate acts – malicious, sabotage
  • Management failure – insufficient training, wrong procedures

    Q5. Outline one way to reduce each risk
    • Ensure you have a strong and secure password
    • Monitor activities
    • Make sure all information and data has a backup
    • Engage in firewalls and tighter security for confidential information and data
    • Authentication

    Q6. What is a disaster recovery plan, what strategies might a firm employ?

    It is a detailed process for recovering information or an IT system in the event of a catastrophic disaster such as a flood or a fire. Strategies to implement are as follows:
    • Location of the back up information, usually on offsite facilities
    • ‘Hot Site’: where an organization can move to immediately after a disaster occurs and resume business. It is a separate, fully equipped facility
    • Communication Plans
    • Regular recovery testing
    • Well documented procedures














Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)