1. Explain the ethical issues surrounding information technology.
The ethical issues surrounding copyright infringement and intellectual property rights are consuming the e business world. Advances in technology make it easier for people to copy everything from music to picture.
• Intellectual property – the collect of rights that protects creative and intellectual effort.
• Copyright – the exclusive right to do, or certain acts with intangible property such as a song, video game and some types of proprietary documents.
• Fair use doctrine – in certain situations, it is legal to use copyright material.
• Pirated software – the unauthorised use, duplication, distribution, or sale of copyright software.
• Intellectual property – the collect of rights that protects creative and intellectual effort.
• Copyright – the exclusive right to do, or certain acts with intangible property such as a song, video game and some types of proprietary documents.
• Fair use doctrine – in certain situations, it is legal to use copyright material.
• Pirated software – the unauthorised use, duplication, distribution, or sale of copyright software.
2. Describe the relationship between an ‘email privacy policy’ and an ‘Internet use policy’.
Email privacy policy is so pervasive in organization that it requires its own specific policy. According to experts in the field such as David Thompson, Managing Director of AXS-One pty ltd, 80% of corporate communication is done electronically via email and instant messaging.
Internet use policy is similar to email, the internet has some unique aspects that make it a good candidate for its own policy. These include the large amounts of computing resources that Internet users can expend, thus making it essential that such use be legitimate. An internet use policy contains general principles to guide the proper use of the internet.
3. Summaries the five steps to creating an information security plan.
• Develop the information security policies – identify who is responsible and accountable for designing and implementing the organization’s information security policies.
• Communicate the information security policies – train all employees on the policies and establish clear expectations for the policies.
• Identify critical information assets and risks – require the use of passwords, and ID cards and antivirus software on all systems.
• Test and re-evaluate risks – continually problems security reviews, audits, background checks and security assessments.
• Obtain stakeholder support – gain the approval and support of the information security policies from the board of directors and all stakeholders.
4. What do the terms; authentication and authorization mean, how do they differ, provide some examples of each term.
Authentication is a method for configuring user’s identities. A password is an example of authentication. Using password helps to identify individual user.
Authorization is the process of giving someone permission to do something or access files or confidential documents.
5. What the Five main types of Security Risks, suggest one method to prevent the severity of risk?
• Human error
• Technical failure
• Natural Disaster
• Management failure
• Deliberate acts