Explain the ethical issues surrounding information technology.
Information ethics are concerned with the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution and processing of information itself. Ethical issues surrounding information technology include: Privacy- the interest of a person in protecting their life from unwanted intrusion and public scrutiny; and Confidentiality- the principle that certain information will remain outside the public domain.
Describe the relationship between an ‘email privacy policy’ and an ‘Internet use policy’.
An email privacy policy is where companies can mitigate many of the risks using by electronic messaging systems. Where an Internet use policy contains general principles to guide the proper use of the internet.
Summarise the five steps to creating an information security plan
The five steps of creating an internet security plan include:
1. Developing the information security policies- Identify who is responsible and accountable for designing and implementing the organisations information security policies
2. Communicating the information security policies- training all employees on the policies and establishing clear expectations for the following policies.
3. Identifying critical information assets and risks- requiring the use of user ID's passwords and antivirus software on all systems
4. Testing and re-evaluating risks- continually perform security reviews, audits, background checks and security assessments
5. Obtaining stakeholder support- gain the approval and support of the information security policies from the board of directors and all stakeholders
What do the terms; authentication and authorization mean, how do they differ, provide some examples of each term.
Authentication: a method for confirming user identities.
Authorisation: the process of giving someone permission to do or have something.
Authentication and authorisation differ as Authentication is for confirming an identity and Authorisation is giving permission to use details. Examples of these terms are use of names, credit card details, birth dates and addresses.
What are the Five main types of Security Risks, suggest one method to prevent the severity of risk?
The five main types of security risks are:
1. Identity Theft- the forging of someones identity for the purpose of fraud
2. Phishing- a technique used to gain personal information for the purpose of identity theft, usully by means of fraudulent email.
3. Tokens- small electronic devices that change user passwords automatically
4. Smart Card- a device that is around the same size as a credit card, contains embedded technologies that can store information and small amounts of software to perform some limited processing/
5. Biometrics- the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice or handwriting.
To help prevent risk change passwords regularly and keep anti virus software up to date.
All answers came from Business Driven Information Systems (Baltzan, Phillips, Lynch, Blakey)
No comments:
Post a Comment