Post on 13-Dec-2015
transcript
ETHICS IN IT
By : Mark Anthony P. Cezar
OUTLINE
Overview of EthicsEthics for IT Workers and IT Users Computer and Internet CrimePrivacyFreedom of ExpressionIntellectual PropertySoftware DevelopmentThe impact of technology on productivity and quality of lifeSocial NetworkingEthics of IT Organizations
Book Reference:
Ethics in Information TechnologyGEORGE W. REYNOLDSThird Edition
Ethics must begin at the top of an organization. It is a leadership issue and the chief executive must set an example.
-Edward Henessy
Each Society forms a set of rules that establishes the boundaries of generally accepted.
These rules made as MORAL CODE by which society lives.
The term MORALITY refers to social conventions about right and wrong that are so widely shared that they become basis for an established consensus.
What is Ethics?
A set of Beliefs about right and Wrong behavior within a society.
ETHICAL BEHAVIORConforms to generally accepted norms
IS LYING AND CHEATING UNETHICAL?Opinions about what constitutes ethical behavior often vary dramatically.
SOFTWARE PIRACY ?•A practice of making copies of software•Enable others to access software to which they are not entitled.
SOFTWARE PIRACY ?
In 2007.38 % of all software in circulation world wide was pirated.
Cost of nearly $48 billion
SOFTWARE PIRACY ?
The highest piracy rate 93% was in
Armenia, Bangladesh,Azerbaijan andMoldova.
The lowest piracy rates were inUnited States (20%)New Zealand (22%)
VIRTUES VERSUS VICES
VIRTUES Are incline people to do what is acceptableVICESAre habits and uacceptable behavior
VIRTUES VICES
Fairness Vanity
Generosity Greedy
Loyalty Envy
Anger
Virtues and Vices define people personal value system-complex scheme of moral values by which they live.
THE IMPORTANCE OF INTEGRITY
A person who acts with INTEGRITY acts in accordance with a personal code of principles. One of the cornerstone of ethical behavior-extending people same respect and consideration that you expect to receive from others.
THE DIFFERENCE OF MORALS,ETHICS AND LAWS
MORALAre one’s personal beliefs about right and wring, while the term ethics describes standard or codes of behavior expected of an individual by a group to which an individual belongs.
Example – Ethics of the Law Profession
Attorneys defend and accused client to the best of their ability, even if they know that the client is guilty of the most heinous and morally objectionable crime.
LAWIs a system of rules that tells us what we can and cannot do.
LAW are enforce by a set of institution.
LEGAL ACTS are acts that conform to the law.MORAL ACTS conform with what an individual believes the right thing to do.
Law can proclaim an act as legal, although many people consider it as immoral example – abortion.
ETHICS IN THE BUSINESS WORLDEthics has risen to the top of the business because the risks associated with inappropriate behavior have increased.
WHY FOSTERING GOOD BUSINESS ETHICS IS IMPORTANT.
Organization have five reason promoting work environment in which employees are encouraged to act ethically when making business decision.
1. Gaining the good will of the community
2. Creating an organization that operates consistently.
3. Fostering good business practices
4. Protecting the organization and its employees from legal action.
5. Avoiding unfavorable publicity.
MICROSOFT STATEMENT OF VALUES
As a company and as individual we value integrity, honesty, openness, personal excellence, constructive self criticism, continual self improvement and mutual respect. We are committed to our customers and partners and have passion in technology.
Approach to dealing with moral issues
Principle
Virtue Ethics Approach The Ethical choice best reflects in moral virtues in yourself and in community
Utilitarian Approach The ethical choice produces the greatest excess of benefits over harm
Fairness Approach The ethical choice treats everyone the same and shows no favoritism and discrimination
Common Good Approach The ethical choice advance the common good
Four common approaches to ethical decision making
Example that raise public concern about the ethical use of information technology.
1. Many employees might have their email and internet access monitored while at work , as employee struggle to balance their need to manage important company asset and work time with employee desire for privacy and self direction.
2. Millions of people have downloaded music and movies at no charge and in apparent violations of copyright laws at tremendous expense to the owner of those copyrights.
3. Organization contact million of people world through unsolicited email(spam) as an extremely low cost marketing approach.
4. Hackers break into databases of financial and retail institutions to steal customer information, then use it to commit identity theft-opening new accounts and charging purchases to unsuspecting victim.
5.Students around the world have been caught downloading material from the web and plagiarizing content for their term papers.
6. Web site plant cookies or spyware on visitors hard drive to attack their online purchases and activities.
SELF DISCUSSION ANAYLSYS - Seatwork
1.You are a recent graduate of a well respected business school, but you are having problems getting a job.You worked with a professional resume service to develop a well written resume and placed in on several websites:you also sent it directly to contacts a dozen companies.So far you have not even had an invitation for an interview. You know that one of your shortcomings is that you have no real job experience to speak of.You are considering beefing up your resume by exaggerating the extent of the class project you worked on for a few weeks under the supervision of your brother in law. You could reword your resume to make it sound as if your actually employed and that your responsibilities were greater than they actually were. What should you do?
SELF DISCUSSION ANAYLSYS - Seatwork
2. A coworker calls you at 9:00 am at work ad asks for a favor. He is having in car trouble and will be an hour late for work. He explains that he has already been late for work twice this month and that a third time will cost him four hours of pay. He asks you to stop to his cubicle turn his computer on and place some papers on the desk so that it appears that he is in. You have worked on some small projects with this co worker and have gone lunch together. He seems nice enough and does his share of the work, but you are not sure what to tell him. What would you do?
Ethics for IT Workers and IT USERS
Professionalism : It is not the job you do ,It is how you do the job.
IT Technicians fired after reporting child Porn.
ARE IT WORKERS PROFESSIONAL?
A PROFESSION is a calling that requires specialized knowledge and often and intensive academic preparation.
FROM A LEGAL PERSPECTIVE – IT workers are not recognized as professional because they are not licensed by the state.
As Many courts have rules that IT workers are not liable for malpractice because they do not meet the legal deffinition
ARE IT WORKERS PROFESSIONAL?.
For Example:
Doctor Prescribe of correct drugs and medication
Professional exercise and carry rights in a lifelong training program
ALTHOUGH . . .
Not legally classified as professional , IT workers are considered part of the professional service industry.
An IT workers provides services to clients.
IT Workers provide hardware and software services and works to act in the client’s best interest.
PROFFESIONAL RELATIONSHIP THAT MUST BE MANAGED
IT workers typically become involved in many different relationships including those employers, clients, supplier and other professional.
BUSINESS SOFTWARE ALLIANCE
Is a trade group that represents the worlds largest software and hardware manufacturers.
Mission is to stop unauthorized copying of software.
Check BSA WEBsite
TRADE SECRET
Information generally unknown to the public and that the company has taken strong measures to keep it confidential.
WHISTLE BLOWING
Is an effort by an employee to attract attention to a negligent, illegal ,, unethical ,abusive or dangerous act by a company that threatens the public interest.
FRAUD
Is the crime of obtaining good ,services or property through deception or trickery.
To prove fraud in a court of law four elements must be demonstrate.
1.Wrongdoer demonstrate false representation of material fact.2.Wrongdoer intended to deceive the innocent party.3.Innocent party justifiably relied on misrepresentation4.Innocent party was injured.
MISREPRESENTATION
Misstatement or incomplete statement of material fact. If the misrepresentation causes the other party to enter in a contract that party may have the legal right to cancel the contract or seek reimbursement for damages.
BREACH OF CONTRACT
Occurs when one party fails to meet the terms of a contact.
MATERIAL BREACH OF CONTRACT
Occurs when a party fails to perform certain express or implied obligation.
FREQUENT CAUSES OF PROBLEMS IN IT PROJECTS
Customer change the scope of the project or the system requirementsPoor communication between customer and vendor leads to performance that does not meet expectationVendor delivers a system that meets the customer requirement, but a competitor comes out with a system that offers more advanced and useful featuresCustomer fails to reveals information about legacy systems or databases that make the new system extremely difficult to implement
IT WORKERS AND SUPPLIER
IT workers deal with many different hardware and software and service providers. Most IT understand that building a good working relationship with supplier encourages the flow of communication as well as the sharing of ideas.
BRIBERY involves providing money property and favors to someone in business or government to obtain business advantage.
Example
Software supplier sales representative who offers money to another company employee to get its business.
DISTINGUISHING BETWEEN BROBERY AND GIFTS
BRIBES GIFTS
Made in secret, as they are neither legally nor morally acceptable
Made openly in public, as a gesture of friendship or goodwill
Are often made indirectly through a third party
Are made directly from donor to recipient
Encourage an obligation for the recipient to act favorably toward the donor
Come with no expectation of a future favor for the donor
IT WORKERS AND OTHER PROFESSIONAL
A number of ethical problem can arise among members of the IT profession. One of the most common is RESUME INFLATION which involves lying on a resume and claiming competence in IT skill that is in high demand, Even though an IT worker might benefit in short term by exaggerating hier or her qualification. Such an action can hurt the profession and individual in the long run.
Another Ethical issue is the inappropriate sharing of corporate information. IT workers have access to corporate databases of private and confidential information about employees, customers, suppliers, new product plan, promotions, budget and so on.
IT WORKERS AND IT USERS
IT USER distinguish as the person who uses a hardware and software product from the it worker who develop install, service and support the product.
IT user needs to deliver organization benefits to increase productivity.
PROFESSIONAL CODE OF ETHICS
States the principles and core values are essential to the work of a particular occupational group.
PRINCIPLE IN PROFESSIONAL CODE OF ETHICS
Ethical Decision Making
High Standard of Practice and Ethical Behavior
Trust and Respect from the general public
Evaluation Benchmark
POFESSIONAL ORGANIZATION
ACM - Association for computing machinery
AITP – Association of Information Technology Professional
IEEE-CS Institute of Electrical and Electronics Engineers Computer Society
PMI – Project Management Institute
SNA - SysAdmin, Audit, Network Security
CERTIFICATION
Indicates that a professional posses a particular set of skills, knowledge or abilities, in the opinion of certifying organization.
VENDOR CERTIFICATION
Many IT vendors – such as CISCO, IBM, MICROSOFT, Sun, Sap and Oracle – offer certification program for their products.
Workers who successfully complete a program can represent themselves as certified users of manufacturers product.
THE CASE FOR LICENSING IT WORKERS
The days of simple, stand-alone information systems are over. Modern systems are highly complex, interconnected and critically dependent on one another.
IT PROFESSIONAL MALPRACTICE
NEGLIGENCE has been defined as not doing something that a reasonable person would do, or doing something that a reasonable person would not do.
DUTY OF CARE refers to the obligation to protect people against unreasonable harm or risk.
COMMON ETHICAL ISSUES FOR IT USERS
SOFTWARE PIRACY
INAPPROPRIATE USE OF COMPUTING RESOURCE
INAPPROPRIATE SHARING OF INFORMATION
SUPPORTING THE ETHICAL PRACTICES OF IT USERS
Establishing guidelines of use of company software
Defining and Limiting the appropriate use of IT resources
Structuring Information Systems to protect data information
Installing and Maintaining Corporate firewall
SELF DISCUSSION ANAYLSYS
1. Your old room mare from college was recently let go from his firm during a wave of employee termination to reduce costs.you have kept in touch over the six years since schoolsand he has asked you to get a position in the IT organization where you work for. Your offered to review his resume make sure that it gets to the right person, and even put in a good work for him.However as you read the resume ,it is obvious that your friends has greatly exaggerated his accomplishment at his former place of work and even added some IT related certifications that you are sure he never earned. What would you do?
SELF DISCUSSION ANAYLSYS
2.You are in charge of awarding all PC service contracts for your employer. In recent emails with the company PC service contractor, you casually exchanged ideas about home landscaping ,your favorite past time. You also mentioned that you would like to have a few bradford pear trees in your yard, along with a thank you note in your mail box from a PC service contractor. You really want the tree, but you didn’t mean for the contractor to buy them for you. You suspect that the contractor interpreted your email comment as a hint that you wanted him to buy a trees. You also worry that the contractor still has the email. If your contractor sent your boss a copy, it might look as if you were trying to solicit a bribe. Can be trees considered be a bribe? What would you do?
COMPUTER AND INTERNET CRIME
COMPUTER SECURITY RISKS
What is a computer security risk? Action that causes loss of or damage to computer
system.
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What are viruses, worms, and Trojan horses?
Virus is a potentially damaging computer program
Worm copies itself repeatedly,
using up resources
and possibly shutting down computer or
network
Trojan horse hides within
or looks like legitimate
program until triggered
Payload (destructive event) that is
delivered when you open file, run infected program, or boot computer with infected disk
in disk driveCan spread and
damage files
Does not replicate itself on
other computers
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
How can a virus spread through an e-mail message?Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.
Step 2. They use the Internet to send the e-mail message to thousands of users around the world.
Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.
Step 3a. Some users open the attachment and their computers become infected with the virus.
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
How can you protect your system from a macro virus?
Set macro security level in applications that allow you to write macros.
At medium security level, warning displays that document contains macro Macros are instructions saved in
an application, such as word processing or spreadsheet program
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is an antivirus program?
Identifies and removes computer viruses
Most also protect against worms and Trojan horses
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is a virus signature?
Specific pattern of virus code Also called virus
definition. Antivirus programs look
for virus signatures
Keeps file in separate area of hard disk
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
How does an antivirus program inoculate a program file?
Records information
about program such
as file size and creation
dateAttempts to remove
any detected virus
Uses information to detect if
virus tampers
with fileQuarantines
infected files that it
cannot remove
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What are some tips for preventing virus, worm, and Trojan horse infections?
Install a personalfirewall program
If the antivirus program flags an e-mail attachment as infected, delete
the attachment immediately
Set the macro security in programs so you
can enable or disable macros
Never open an e-mail attachment
unless you are expecting it and
it is from a trusted source
Install an antivirus program on all of your computers
Check all downloaded programs for
viruses, worms, or Trojan horses
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is a denial of service attack and back door?
A denial of service attack is an assault whichdisrupts computer access to an Internet service
such as the Web or e-mail
A back door is a program or set of instructionsin a program that allow users to bypass
security controls when accessing a computerresource
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is spoofing?Makes a network
or Internet Transmission appear legitimate
IP spoofing occurs when an intrudercomputer fools a network into believingits IP address is from a trusted source
Perpetrators of IP spoofing trick theirvictims into interacting
with a phony Web site
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is a firewall? Security system consisting of hardware and/or software
that prevents unauthorized intrusion
COMPUTER VIRUSES, WORMS, AND TROJAN HORSES
What is a personal firewall utility? Program that protects personal computer and its data from
unauthorized intrusions Monitors transmissions to and from computer Informs you of attempted intrusion
UNAUTHORIZED ACCESS AND USE
How can companies protect against hackers?
p. 564 - 565 Next
Intrusion detection softwareanalyzes network traffic, assesses
system vulnerabilities, and identifies intrusions and
suspicious behavior
Access control defines who can access computer & what actions
they can take
Audit trail records access attempts
UNAUTHORIZED ACCESS AND USE
What are other ways to protect your personal computer?
Disable file and printer sharing on Internet connection
File and printer sharing
turned off
UNAUTHORIZED ACCESS AND USE
What is a user name?
Unique combination of characters that identifies user
Password is private combination of characters associated with the user name that allows access to computer resources
UNAUTHORIZED ACCESS AND USE
How can you make your password more secure? Longer passwords provide greater security
UNAUTHORIZED ACCESS AND USE
What is a possessed object?
Item that you must carry to gain access to computer or facility
Often used with numeric password called personal identification number (PIN)
UNAUTHORIZED ACCESS AND USE
What is a biometric device?
Authenticates person’s identity using personal characteristic Fingerprint, hand
geometry, voice, signature, and iris
HARDWARE THEFT AND VANDALISM
What are hardware theft and hardware vandalism? Hardware theft is act of stealing
computer equipment Cables sometimes used to lock
equipment Some notebook computers use
passwords, possessed objects, and biometrics as security methods
For PDAs, you can password-protect the device
Hardware vandalism is act of defacing or destroying computer equipment
SOFTWARE THEFT
What is software theft?
Act of stealing or illegally copying
software or intentionally
erasing programs
Software piracy is illegal duplication of copyrighted software
SOFTWARE THEFT
What is a license agreement? Right to use software Single-user license
agreement allows user to install software on one computer, make backup copy, and sell software after removing from computer
SOFTWARE THEFT
What are some other safeguards against software theft?
Product activation allows user to input product identification number online or by phone and receive unique installation identification
number
Business Software Alliance (BSA) promotes better understanding of software piracy
problems
INFORMATION THEFT
What is encryption? Safeguards against information theft Process of converting plaintext (readable data) into ciphertext (unreadable characters) Encryption key (formula) often uses more than one method To read the data, the recipient must decrypt, or decipher, the data
INFORMATION THEFT
How can I encrypt the contents of files and folders in WindowsXP?
Secure site is Web site that uses
encryption to secure data
INTERNET SECURITY RISKS
How do Web browsers provide secure data transmission?
Digital certificate is notice that guarantees Web site is legitimate
Many Web browsers use encryption
INTERNET SECURITY RISKS
What is a certificate authority (CA)?
Authorized person or company that issues and verifies digital certificates
Users apply for digital certificate from CA
INTERNET SECURITY RISKS
What is Secure Sockets Layer (SSL)? Provides encryption of all data that passes between
client and Internet server
Web addresses beginning with “https” indicate secure connections
Undervoltage—drop in electrical supply
SYSTEM FAILURE
What is a system failure?
p. 574 Next
Overvoltage or power surge—
significant increase in electrical power
Noise—unwanted electrical signal
Caused by aging hardware, natural disasters, or electrical
power disturbances
Can cause loss of hardware, software, or data
Prolonged malfunction of computer
SYSTEM FAILURE
What is a surge protector? Protects computer and equipment
from electrical power disturbances
Uninterruptible power supply (UPS) is surge protector that provides power during power loss
BACKING UP — THE ULTIMATE SAFEGUARD
What is a backup?
Duplicate of file, program, or disk
Full backupall files in computer
Full backupall files in computer
Selective backupselect which files
to back up
Selective backupselect which files
to back up
Three-generation backup
preserves three copies of important files
Three-generation backup
preserves three copies of important files
In case of system failure or corrupted files, restore files by copying to original location
WIRELESS SECURITYHow can I ensure my wireless communication is secure? Secure your wireless access point (WAP) WAP should not broadcast your network name Enable Wired Equivalent Privacy or Wi-Fi Protected
Access (WPA)
ETHICS AND SOCIETY
What are computer ethics?
Information privacyInformation privacy
Intellectual property rights—rights to which creators are entitled for
their work
Intellectual property rights—rights to which creators are entitled for
their work
Software theftSoftware theft Information accuracyInformation accuracy
Codes of conductCodes of conduct
Unauthorized use of computers and
networks
Unauthorized use of computers and
networks
Moral guidelines that govern use of computers and information systemsMoral guidelines that govern use of computers and information systems
ETHICS AND SOCIETY
What is an IT code of conduct?
Written guideline that helps determine whether computer action is ethical
Employers can distribute to employees
INFORMATION PRIVACY
What is information privacy?
Legal for employers to use monitoring software programs
Difficult to maintain today because data is stored online
Employee monitoring is using computers to observe employee
computer use
Right of individuals and companies to deny or restrict collection and use of
information about them
INFORMATION PRIVACYWhat are some ways to safeguard personal
information?Fill in only necessary information
on rebate, warranty, and registration forms
Avoid shopping club and buyers cards
Install a cookie manager to filter cookies
Inform merchants that you do not want them to distribute
your personal information
Limit the amount of information you provide to Web sites; fill in only required information
Clear your history file when you are finished browsing
Set up a free e-mail account; use this e-mail address for
merchant forms
Turn off file and print sharing on your Internet connection
Install a personal firewall
Sign up for e-mail filtering through your
Internet service provider or use an antispam program,
such as Brightmail
Do not reply to spam for any reason
Surf the Web anonymously with a program such as Freedom Web Secure or through an anonymous
Web site such as Anonymizer.com
INFORMATION PRIVACY
What is an electronic profile? Data collected when
you fill out form on Web
Merchants sell your electronic profile
Often you can specify whether you want personal information distributed
INFORMATION PRIVACY
What is a cookie?
Set browser to accept cookies, prompt you to accept cookies,
or disable cookies
Some Web sites sell or trade information
stored in your cookies
Small file on your computer that contains
data about you
User preferences
Interests and
browsing habits
How regularly you visit Web sites
INFORMATION PRIVACY
How do cookies work?
INFORMATION PRIVACY
What are spyware, adware, and spam?
Spyware is program placed on computer without user’s knowledge
Adware is a programthat displays onlineadvertisements
Spam is unsolicited e-mail message sent to many recipients
INFORMATION PRIVACY
How can you control spam?
Collects spam incentral location
that you can view any time
Service that blocks e-mail
messages from designated
sources
E-mail filtering
Sometimes removes valid
e-mail messages
Attempts to remove spam
Anti-spam program
INFORMATION PRIVACY
What is phishing?
Scam in which a perpetratorsends an official looking
e-mail that attemptsto obtain your personal and
financial information
INFORMATION PRIVACY
What privacy laws have been enacted?
INFORMATION PRIVACY
What privacy laws have been enacted? (cont’d)
INFORMATION PRIVACY
What is content filtering?
p. 586 - 587 Fig. 11-31 Next
Process of restricting access to certain material
Internet Content Rating Association (ICRA) provides rating system of Web content
Web filtering software restricts access to specified sites
INFORMATION PRIVACY
What is computer forensics?
Also called digital forensics, network forensics, or cyber-forensics
Discovery, collection, and analysis of evidence found on computers and networks
Computer forensic analysts must have knowledge of the law, technical experience, communication skills, and willingness to learn
Computer vision syndrome (CVS)—eye and vision
problems
Computer vision syndrome (CVS)—eye and vision
problems
HEALTH CONCERNS OF COMPUTER USE
What are some health concerns of computer use?
Repetitive strain injury (RSI)Repetitive strain injury (RSI)
Computer addiction—when computer consumes entire
social life
Computer addiction—when computer consumes entire
social life
Tendonitis—inflammation of tendon due to repeated motionTendonitis—inflammation of
tendon due to repeated motion
Carpal tunnel syndrome (CTS)—inflammation of nerve that
connects forearm to palm
Carpal tunnel syndrome (CTS)—inflammation of nerve that
connects forearm to palm
HEALTH CONCERNS OF COMPUTER USE
What precautions can prevent tendonitis or carpal tunnel syndrome? Spread fingers apart for
several seconds while keeping wrists straight
Gently push back fingers and then thumb
Dangle arms loosely at sides and then shake arms and hands
HEALTH CONCERNS OF COMPUTER USE
How can you ease eyestrain when working at the computer?
HEALTH CONCERNS OF COMPUTER USE
What is ergonomics? Applied science devoted to comfort, efficiency, and safety
in workplacekeyboard height: 23” to 28”
feet flat on floor
adjustable height chair with 5 legs for stability
adjustable seat
adjustable backrest
elbows at 90° and arms and hands parallel to floor
HEALTH CONCERNS OF COMPUTER USE
What is green computing? Reducing electricity and environmental waste while
using computer
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS
SELF DISCUSSION ANAYLSYS