Meeting in _General_-20241203_135928-Meeting Recording
Exam Overview
Exam Date: Scheduled for this Thursday.
Format: 20 True/False questions and 20 Multiple Choice questions.
Topics Covered: Ethical and security issues in business and information systems.
Unit 8: Ethical Responsibility of Business Professionals
Definition: Business professionals must promote the ethical use of information systems.
Key Focus: Ethical guidelines for technology usage in organizations.
University Guidelines: All students should familiarize themselves with the appropriate use of IT resources, including email and network services.
General Categories of Ethical Business Issues:
Equity: Intellectual property rights.
Rights: Customer and employee privacy.
Honesty: Security of company information.
Exercise of Corporate Power: Ensuring workplace safety.
Principles of Technology Ethics
Proportionality: Benefits of technology must outweigh potential harm.
Informed Consent: Affected individuals must understand risks and accept them.
Fair Distribution of Burdens: Equitably distribute the burdens and risks associated with technology.
Minimized Risk: Avoid unnecessary risks even if other guidelines are followed.
Privacy Issues
Control Over Privacy: Individuals control their privacy through:
Choice: Deciding access levels from total privacy to full publicity.
Consent: Granting access to restricted information.
Correction: Updating and correcting personal information.
Surveillance Concerns: Monitoring employees raises ethical questions about privacy.
University Email Monitoring: The university has access to emails created or sent through university accounts.
Web Browsing: Users are tracked via cookies, which customize future visits to websites.
Legal Implications of Privacy
Data Collection Practices: Governments and organizations can sell personal data legally.
Monitoring and Advertising: Consumers trade privacy for personalized services.
Social Media Caution: Information shared online can have long-term consequences, especially regarding job applications.
Health Information Protection: Laws like HIPAA protect sensitive health information:
HIPAA: Enforces strict regulations on the handling of health data.
Security Issues
Management Perspective: Security is a management issue, not just a technical one.
Security Protocols: 3 levels of security measures:
Preventive: Actions taken to prevent security incidents (authentication and authorization).
Detective: Systems to identify breaches (log analysis, intrusion detection systems).
Corrective: Measures to respond to and repair damage from security incidents (incident response teams, patch management).
Preventive Measures
Types of Authentication:
What You Have: Smart cards, ID badges, traditional keys.
What You Know: Passwords, PINs.
Who You Are: Biometric identification (fingerprints, facial recognition).
Authorization Controls: Restrict user access based on profiles; access control matrices guide permission levels.
Detective Measures
Log Analysis: Continuous monitoring to detect unauthorized access and assess compliance.
Intrusion Detection Systems: Automate monitoring to log network traffic and identify potential threats.
Corrective Measures
Emergency Response Systems: Designate teams to manage security issues effectively.
Patches: Regular updates to software to fix bugs and security vulnerabilities.
Encryption: Scrambles data to protect sensitive information from unauthorized access.
Computer Crime and Security Threats
Types of Computer Crime:
Hacking, cyber theft, software piracy, and unauthorized use of systems.
Malicious Software: Difference between viruses (affect single computers) and worms (spread through networks).
Denial of Service Attacks: Overload systems by using multiple compromised devices (zombie computers).
Green Computing
Energy Efficiency: The rising energy demands of IT require socially responsible consumption approaches.
Debate on Electric Vehicles: Concerns about fossil fuels still being the primary source of electricity that powers EVs.
Exam Preparations
Key Topics for Review:
Foundations of information systems.
Computer hardware and memory types.
Differences between system and application software.
Importance of database management and telecommunications.
Client-server models and network security.
Ethical, legal, and security issues in business.
Final Reminders
Stay aware of the exam structure and content.
Complete course evaluations if applicable; participate actively.