By : Mark Anthony P. Cezar. Overview of Ethics Ethics for IT Workers and IT Users Computer and...

transcript

ETHICS IN IT

By : Mark Anthony P. Cezar

OUTLINE

Overview of EthicsEthics for IT Workers and IT Users Computer and Internet CrimePrivacyFreedom of ExpressionIntellectual PropertySoftware DevelopmentThe impact of technology on productivity and quality of lifeSocial NetworkingEthics of IT Organizations

Book Reference:

Ethics in Information TechnologyGEORGE W. REYNOLDSThird Edition

Ethics must begin at the top of an organization. It is a leadership issue and the chief executive must set an example.

-Edward Henessy

Each Society forms a set of rules that establishes the boundaries of generally accepted.

These rules made as MORAL CODE by which society lives.

The term MORALITY refers to social conventions about right and wrong that are so widely shared that they become basis for an established consensus.

What is Ethics?

A set of Beliefs about right and Wrong behavior within a society.

ETHICAL BEHAVIORConforms to generally accepted norms

IS LYING AND CHEATING UNETHICAL?Opinions about what constitutes ethical behavior often vary dramatically.

SOFTWARE PIRACY ?•A practice of making copies of software•Enable others to access software to which they are not entitled.

SOFTWARE PIRACY ?

In 2007.38 % of all software in circulation world wide was pirated.

Cost of nearly $48 billion

SOFTWARE PIRACY ?

The highest piracy rate 93% was in

Armenia, Bangladesh,Azerbaijan andMoldova.

The lowest piracy rates were inUnited States (20%)New Zealand (22%)

VIRTUES VERSUS VICES

VIRTUES Are incline people to do what is acceptableVICESAre habits and uacceptable behavior

VIRTUES VICES

Fairness Vanity

Generosity Greedy

Loyalty Envy

Virtues and Vices define people personal value system-complex scheme of moral values by which they live.

THE IMPORTANCE OF INTEGRITY

A person who acts with INTEGRITY acts in accordance with a personal code of principles. One of the cornerstone of ethical behavior-extending people same respect and consideration that you expect to receive from others.

THE DIFFERENCE OF MORALS,ETHICS AND LAWS

MORALAre one’s personal beliefs about right and wring, while the term ethics describes standard or codes of behavior expected of an individual by a group to which an individual belongs.

Example – Ethics of the Law Profession

Attorneys defend and accused client to the best of their ability, even if they know that the client is guilty of the most heinous and morally objectionable crime.

LAWIs a system of rules that tells us what we can and cannot do.

LAW are enforce by a set of institution.

LEGAL ACTS are acts that conform to the law.MORAL ACTS conform with what an individual believes the right thing to do.

Law can proclaim an act as legal, although many people consider it as immoral example – abortion.

ETHICS IN THE BUSINESS WORLDEthics has risen to the top of the business because the risks associated with inappropriate behavior have increased.

WHY FOSTERING GOOD BUSINESS ETHICS IS IMPORTANT.

Organization have five reason promoting work environment in which employees are encouraged to act ethically when making business decision.

1. Gaining the good will of the community

2. Creating an organization that operates consistently.

3. Fostering good business practices

4. Protecting the organization and its employees from legal action.

5. Avoiding unfavorable publicity.

MICROSOFT STATEMENT OF VALUES

As a company and as individual we value integrity, honesty, openness, personal excellence, constructive self criticism, continual self improvement and mutual respect. We are committed to our customers and partners and have passion in technology.

Approach to dealing with moral issues

Principle

Virtue Ethics Approach The Ethical choice best reflects in moral virtues in yourself and in community

Utilitarian Approach The ethical choice produces the greatest excess of benefits over harm

Fairness Approach The ethical choice treats everyone the same and shows no favoritism and discrimination

Common Good Approach The ethical choice advance the common good

Four common approaches to ethical decision making

Example that raise public concern about the ethical use of information technology.

1. Many employees might have their email and internet access monitored while at work , as employee struggle to balance their need to manage important company asset and work time with employee desire for privacy and self direction.

2. Millions of people have downloaded music and movies at no charge and in apparent violations of copyright laws at tremendous expense to the owner of those copyrights.

3. Organization contact million of people world through unsolicited email(spam) as an extremely low cost marketing approach.

4. Hackers break into databases of financial and retail institutions to steal customer information, then use it to commit identity theft-opening new accounts and charging purchases to unsuspecting victim.

5.Students around the world have been caught downloading material from the web and plagiarizing content for their term papers.

6. Web site plant cookies or spyware on visitors hard drive to attack their online purchases and activities.

SELF DISCUSSION ANAYLSYS - Seatwork

1.You are a recent graduate of a well respected business school, but you are having problems getting a job.You worked with a professional resume service to develop a well written resume and placed in on several websites:you also sent it directly to contacts a dozen companies.So far you have not even had an invitation for an interview. You know that one of your shortcomings is that you have no real job experience to speak of.You are considering beefing up your resume by exaggerating the extent of the class project you worked on for a few weeks under the supervision of your brother in law. You could reword your resume to make it sound as if your actually employed and that your responsibilities were greater than they actually were. What should you do?

SELF DISCUSSION ANAYLSYS - Seatwork

2. A coworker calls you at 9:00 am at work ad asks for a favor. He is having in car trouble and will be an hour late for work. He explains that he has already been late for work twice this month and that a third time will cost him four hours of pay. He asks you to stop to his cubicle turn his computer on and place some papers on the desk so that it appears that he is in. You have worked on some small projects with this co worker and have gone lunch together. He seems nice enough and does his share of the work, but you are not sure what to tell him. What would you do?

Ethics for IT Workers and IT USERS

Professionalism : It is not the job you do ,It is how you do the job.

IT Technicians fired after reporting child Porn.

ARE IT WORKERS PROFESSIONAL?

A PROFESSION is a calling that requires specialized knowledge and often and intensive academic preparation.

FROM A LEGAL PERSPECTIVE – IT workers are not recognized as professional because they are not licensed by the state.

As Many courts have rules that IT workers are not liable for malpractice because they do not meet the legal deffinition

ARE IT WORKERS PROFESSIONAL?.

For Example:

Doctor Prescribe of correct drugs and medication

Professional exercise and carry rights in a lifelong training program

ALTHOUGH . . .

Not legally classified as professional , IT workers are considered part of the professional service industry.

An IT workers provides services to clients.

IT Workers provide hardware and software services and works to act in the client’s best interest.

PROFFESIONAL RELATIONSHIP THAT MUST BE MANAGED

IT workers typically become involved in many different relationships including those employers, clients, supplier and other professional.

BUSINESS SOFTWARE ALLIANCE

Is a trade group that represents the worlds largest software and hardware manufacturers.

Mission is to stop unauthorized copying of software.

Check BSA WEBsite

TRADE SECRET

Information generally unknown to the public and that the company has taken strong measures to keep it confidential.

WHISTLE BLOWING

Is an effort by an employee to attract attention to a negligent, illegal ,, unethical ,abusive or dangerous act by a company that threatens the public interest.

Is the crime of obtaining good ,services or property through deception or trickery.

To prove fraud in a court of law four elements must be demonstrate.

1.Wrongdoer demonstrate false representation of material fact.2.Wrongdoer intended to deceive the innocent party.3.Innocent party justifiably relied on misrepresentation4.Innocent party was injured.

MISREPRESENTATION

Misstatement or incomplete statement of material fact. If the misrepresentation causes the other party to enter in a contract that party may have the legal right to cancel the contract or seek reimbursement for damages.

BREACH OF CONTRACT

Occurs when one party fails to meet the terms of a contact.

MATERIAL BREACH OF CONTRACT

Occurs when a party fails to perform certain express or implied obligation.

FREQUENT CAUSES OF PROBLEMS IN IT PROJECTS

Customer change the scope of the project or the system requirementsPoor communication between customer and vendor leads to performance that does not meet expectationVendor delivers a system that meets the customer requirement, but a competitor comes out with a system that offers more advanced and useful featuresCustomer fails to reveals information about legacy systems or databases that make the new system extremely difficult to implement

IT WORKERS AND SUPPLIER

IT workers deal with many different hardware and software and service providers. Most IT understand that building a good working relationship with supplier encourages the flow of communication as well as the sharing of ideas.

BRIBERY involves providing money property and favors to someone in business or government to obtain business advantage.

Example

Software supplier sales representative who offers money to another company employee to get its business.

DISTINGUISHING BETWEEN BROBERY AND GIFTS

BRIBES GIFTS

Made in secret, as they are neither legally nor morally acceptable

Made openly in public, as a gesture of friendship or goodwill

Are often made indirectly through a third party

Are made directly from donor to recipient

Encourage an obligation for the recipient to act favorably toward the donor

Come with no expectation of a future favor for the donor

IT WORKERS AND OTHER PROFESSIONAL

A number of ethical problem can arise among members of the IT profession. One of the most common is RESUME INFLATION which involves lying on a resume and claiming competence in IT skill that is in high demand, Even though an IT worker might benefit in short term by exaggerating hier or her qualification. Such an action can hurt the profession and individual in the long run.

Another Ethical issue is the inappropriate sharing of corporate information. IT workers have access to corporate databases of private and confidential information about employees, customers, suppliers, new product plan, promotions, budget and so on.

IT WORKERS AND IT USERS

IT USER distinguish as the person who uses a hardware and software product from the it worker who develop install, service and support the product.

IT user needs to deliver organization benefits to increase productivity.

PROFESSIONAL CODE OF ETHICS

States the principles and core values are essential to the work of a particular occupational group.

PRINCIPLE IN PROFESSIONAL CODE OF ETHICS

Ethical Decision Making

High Standard of Practice and Ethical Behavior

Trust and Respect from the general public

Evaluation Benchmark

POFESSIONAL ORGANIZATION

ACM - Association for computing machinery

AITP – Association of Information Technology Professional

IEEE-CS Institute of Electrical and Electronics Engineers Computer Society

PMI – Project Management Institute

SNA - SysAdmin, Audit, Network Security

CERTIFICATION

Indicates that a professional posses a particular set of skills, knowledge or abilities, in the opinion of certifying organization.

VENDOR CERTIFICATION

Many IT vendors – such as CISCO, IBM, MICROSOFT, Sun, Sap and Oracle – offer certification program for their products.

Workers who successfully complete a program can represent themselves as certified users of manufacturers product.

THE CASE FOR LICENSING IT WORKERS

The days of simple, stand-alone information systems are over. Modern systems are highly complex, interconnected and critically dependent on one another.

IT PROFESSIONAL MALPRACTICE

NEGLIGENCE has been defined as not doing something that a reasonable person would do, or doing something that a reasonable person would not do.

DUTY OF CARE refers to the obligation to protect people against unreasonable harm or risk.

COMMON ETHICAL ISSUES FOR IT USERS

SOFTWARE PIRACY

INAPPROPRIATE USE OF COMPUTING RESOURCE

INAPPROPRIATE SHARING OF INFORMATION

SUPPORTING THE ETHICAL PRACTICES OF IT USERS

Establishing guidelines of use of company software

Defining and Limiting the appropriate use of IT resources

Structuring Information Systems to protect data information

Installing and Maintaining Corporate firewall

SELF DISCUSSION ANAYLSYS

1. Your old room mare from college was recently let go from his firm during a wave of employee termination to reduce costs.you have kept in touch over the six years since schoolsand he has asked you to get a position in the IT organization where you work for. Your offered to review his resume make sure that it gets to the right person, and even put in a good work for him.However as you read the resume ,it is obvious that your friends has greatly exaggerated his accomplishment at his former place of work and even added some IT related certifications that you are sure he never earned. What would you do?

2.You are in charge of awarding all PC service contracts for your employer. In recent emails with the company PC service contractor, you casually exchanged ideas about home landscaping ,your favorite past time. You also mentioned that you would like to have a few bradford pear trees in your yard, along with a thank you note in your mail box from a PC service contractor. You really want the tree, but you didn’t mean for the contractor to buy them for you. You suspect that the contractor interpreted your email comment as a hint that you wanted him to buy a trees. You also worry that the contractor still has the email. If your contractor sent your boss a copy, it might look as if you were trying to solicit a bribe. Can be trees considered be a bribe? What would you do?

COMPUTER AND INTERNET CRIME

COMPUTER SECURITY RISKS

What is a computer security risk? Action that causes loss of or damage to computer

system.

COMPUTER VIRUSES, WORMS, AND TROJAN HORSES

What are viruses, worms, and Trojan horses?

Virus is a potentially damaging computer program

Worm copies itself repeatedly,

using up resources

and possibly shutting down computer or

network

Trojan horse hides within

or looks like legitimate

program until triggered

Payload (destructive event) that is

delivered when you open file, run infected program, or boot computer with infected disk

in disk driveCan spread and

damage files

Does not replicate itself on

other computers

How can a virus spread through an e-mail message?Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.

Step 3a. Some users open the attachment and their computers become infected with the virus.

How can you protect your system from a macro virus?

Set macro security level in applications that allow you to write macros.

At medium security level, warning displays that document contains macro Macros are instructions saved in

an application, such as word processing or spreadsheet program

What is an antivirus program?

Identifies and removes computer viruses

Most also protect against worms and Trojan horses

What is a virus signature?

Specific pattern of virus code Also called virus

definition. Antivirus programs look

for virus signatures

Keeps file in separate area of hard disk

How does an antivirus program inoculate a program file?

Records information

about program such

as file size and creation

dateAttempts to remove

any detected virus

Uses information to detect if

virus tampers

with fileQuarantines

infected files that it

cannot remove

What are some tips for preventing virus, worm, and Trojan horse infections?

Install a personalfirewall program

If the antivirus program flags an e-mail attachment as infected, delete

the attachment immediately

Set the macro security in programs so you

can enable or disable macros

Never open an e-mail attachment

unless you are expecting it and

it is from a trusted source

Install an antivirus program on all of your computers

Check all downloaded programs for

viruses, worms, or Trojan horses

What is a denial of service attack and back door?

A denial of service attack is an assault whichdisrupts computer access to an Internet service

such as the Web or e-mail

A back door is a program or set of instructionsin a program that allow users to bypass

security controls when accessing a computerresource

What is spoofing?Makes a network

or Internet Transmission appear legitimate

IP spoofing occurs when an intrudercomputer fools a network into believingits IP address is from a trusted source

Perpetrators of IP spoofing trick theirvictims into interacting

with a phony Web site

What is a firewall? Security system consisting of hardware and/or software

that prevents unauthorized intrusion

What is a personal firewall utility? Program that protects personal computer and its data from

unauthorized intrusions Monitors transmissions to and from computer Informs you of attempted intrusion

UNAUTHORIZED ACCESS AND USE

How can companies protect against hackers?

p. 564 - 565 Next

Intrusion detection softwareanalyzes network traffic, assesses

system vulnerabilities, and identifies intrusions and

suspicious behavior

Access control defines who can access computer & what actions

they can take

Audit trail records access attempts

What are other ways to protect your personal computer?

Disable file and printer sharing on Internet connection

File and printer sharing

turned off

What is a user name?

Unique combination of characters that identifies user

Password is private combination of characters associated with the user name that allows access to computer resources

How can you make your password more secure? Longer passwords provide greater security

What is a possessed object?

Item that you must carry to gain access to computer or facility

Often used with numeric password called personal identification number (PIN)

What is a biometric device?

Authenticates person’s identity using personal characteristic Fingerprint, hand

geometry, voice, signature, and iris

HARDWARE THEFT AND VANDALISM

What are hardware theft and hardware vandalism? Hardware theft is act of stealing

computer equipment Cables sometimes used to lock

equipment Some notebook computers use

passwords, possessed objects, and biometrics as security methods

For PDAs, you can password-protect the device

Hardware vandalism is act of defacing or destroying computer equipment

SOFTWARE THEFT

What is software theft?

Act of stealing or illegally copying

software or intentionally

erasing programs

Software piracy is illegal duplication of copyrighted software

SOFTWARE THEFT

What is a license agreement? Right to use software Single-user license

agreement allows user to install software on one computer, make backup copy, and sell software after removing from computer

SOFTWARE THEFT

What are some other safeguards against software theft?

Product activation allows user to input product identification number online or by phone and receive unique installation identification

number

Business Software Alliance (BSA) promotes better understanding of software piracy

problems

INFORMATION THEFT

What is encryption? Safeguards against information theft Process of converting plaintext (readable data) into ciphertext (unreadable characters) Encryption key (formula) often uses more than one method To read the data, the recipient must decrypt, or decipher, the data

INFORMATION THEFT

How can I encrypt the contents of files and folders in WindowsXP?

Secure site is Web site that uses

encryption to secure data

INTERNET SECURITY RISKS

How do Web browsers provide secure data transmission?

Digital certificate is notice that guarantees Web site is legitimate

Many Web browsers use encryption

What is a certificate authority (CA)?

Authorized person or company that issues and verifies digital certificates

Users apply for digital certificate from CA

What is Secure Sockets Layer (SSL)? Provides encryption of all data that passes between

client and Internet server

Web addresses beginning with “https” indicate secure connections

Undervoltage—drop in electrical supply

SYSTEM FAILURE

What is a system failure?

p. 574 Next

Overvoltage or power surge—

significant increase in electrical power

Noise—unwanted electrical signal

Caused by aging hardware, natural disasters, or electrical

power disturbances

Can cause loss of hardware, software, or data

Prolonged malfunction of computer

SYSTEM FAILURE

What is a surge protector? Protects computer and equipment

from electrical power disturbances

Uninterruptible power supply (UPS) is surge protector that provides power during power loss

BACKING UP — THE ULTIMATE SAFEGUARD

What is a backup?

Duplicate of file, program, or disk

Full backupall files in computer

Selective backupselect which files

to back up

Selective backupselect which files

to back up

Three-generation backup

preserves three copies of important files

Three-generation backup

preserves three copies of important files

In case of system failure or corrupted files, restore files by copying to original location

WIRELESS SECURITYHow can I ensure my wireless communication is secure? Secure your wireless access point (WAP) WAP should not broadcast your network name Enable Wired Equivalent Privacy or Wi-Fi Protected

Access (WPA)

ETHICS AND SOCIETY

What are computer ethics?

Information privacyInformation privacy

Intellectual property rights—rights to which creators are entitled for

their work

Intellectual property rights—rights to which creators are entitled for

their work

Software theftSoftware theft Information accuracyInformation accuracy

Codes of conductCodes of conduct

Unauthorized use of computers and

networks

Unauthorized use of computers and

networks

Moral guidelines that govern use of computers and information systemsMoral guidelines that govern use of computers and information systems

ETHICS AND SOCIETY

What is an IT code of conduct?

Written guideline that helps determine whether computer action is ethical

Employers can distribute to employees

INFORMATION PRIVACY

What is information privacy?

Legal for employers to use monitoring software programs

Difficult to maintain today because data is stored online

Employee monitoring is using computers to observe employee

computer use

Right of individuals and companies to deny or restrict collection and use of

information about them

INFORMATION PRIVACYWhat are some ways to safeguard personal

information?Fill in only necessary information

on rebate, warranty, and registration forms

Avoid shopping club and buyers cards

Install a cookie manager to filter cookies

Inform merchants that you do not want them to distribute

your personal information

Limit the amount of information you provide to Web sites; fill in only required information

Clear your history file when you are finished browsing

Set up a free e-mail account; use this e-mail address for

merchant forms

Turn off file and print sharing on your Internet connection

Install a personal firewall

Sign up for e-mail filtering through your

Internet service provider or use an antispam program,

such as Brightmail

Do not reply to spam for any reason

Surf the Web anonymously with a program such as Freedom Web Secure or through an anonymous

Web site such as Anonymizer.com

INFORMATION PRIVACY

What is an electronic profile? Data collected when

you fill out form on Web

Merchants sell your electronic profile

Often you can specify whether you want personal information distributed

INFORMATION PRIVACY

What is a cookie?

Set browser to accept cookies, prompt you to accept cookies,

or disable cookies

Some Web sites sell or trade information

stored in your cookies

Small file on your computer that contains

data about you

User preferences

Interests and

browsing habits

How regularly you visit Web sites

INFORMATION PRIVACY

How do cookies work?

INFORMATION PRIVACY

What are spyware, adware, and spam?

Spyware is program placed on computer without user’s knowledge

Adware is a programthat displays onlineadvertisements

Spam is unsolicited e-mail message sent to many recipients

INFORMATION PRIVACY

How can you control spam?

Collects spam incentral location

that you can view any time

Service that blocks e-mail

messages from designated

sources

E-mail filtering

Sometimes removes valid

e-mail messages

Attempts to remove spam

Anti-spam program

INFORMATION PRIVACY

What is phishing?

Scam in which a perpetratorsends an official looking

e-mail that attemptsto obtain your personal and

financial information

INFORMATION PRIVACY

What privacy laws have been enacted?

INFORMATION PRIVACY

What privacy laws have been enacted? (cont’d)

INFORMATION PRIVACY

What is content filtering?

p. 586 - 587 Fig. 11-31 Next

Process of restricting access to certain material

Internet Content Rating Association (ICRA) provides rating system of Web content

Web filtering software restricts access to specified sites

INFORMATION PRIVACY

What is computer forensics?

Also called digital forensics, network forensics, or cyber-forensics

Discovery, collection, and analysis of evidence found on computers and networks

Computer forensic analysts must have knowledge of the law, technical experience, communication skills, and willingness to learn

Computer vision syndrome (CVS)—eye and vision

problems

Computer vision syndrome (CVS)—eye and vision

problems

HEALTH CONCERNS OF COMPUTER USE

What are some health concerns of computer use?

Repetitive strain injury (RSI)Repetitive strain injury (RSI)

Computer addiction—when computer consumes entire

social life

Computer addiction—when computer consumes entire

social life

Tendonitis—inflammation of tendon due to repeated motionTendonitis—inflammation of

tendon due to repeated motion

Carpal tunnel syndrome (CTS)—inflammation of nerve that

connects forearm to palm

Carpal tunnel syndrome (CTS)—inflammation of nerve that

connects forearm to palm

What precautions can prevent tendonitis or carpal tunnel syndrome? Spread fingers apart for

several seconds while keeping wrists straight

Gently push back fingers and then thumb

Dangle arms loosely at sides and then shake arms and hands

How can you ease eyestrain when working at the computer?

What is ergonomics? Applied science devoted to comfort, efficiency, and safety

in workplacekeyboard height: 23” to 28”

feet flat on floor

adjustable height chair with 5 legs for stability

adjustable seat

adjustable backrest

elbows at 90° and arms and hands parallel to floor

What is green computing? Reducing electricity and environmental waste while

using computer

By : Mark Anthony P. Cezar. Overview of Ethics Ethics for IT Workers and IT Users Computer and...

Documents