Ethics and Information Security: Presented by

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 15

Ethics and Information Security

Presented By:
Maham Iqbal
Farwa Iqbal
Fatima Mohisn
Contents
• Ethics & Information Ethics
• Ethical Issues
Ethics & Information Ethics
• Ethics: the principles and standards
that guide our behavior towards
people.
• Governs the ethical and moral issues
of information technology
Ethical Issues
• Copyright: legal protection afforded an
expression of idea, song and book etc.
• Intellectual property: includes copyright,
trademarks and patents.
• Pirated software: is the unauthorized
use, duplication, distribution of
copyrighted software.
• Counterfeit software: manufactured to
look like a real thing
Ethical Issues
Major Ethical Issue
• Privacy: it is the right to be left alone
when you want to be, to have control
over your own personal possessions and
not to be observed without your
consent.
• Confidentiality: the assurance that
messages and information remain
available to authorized users.
Individuals: An Ethical component
of IT
• Individuals copy, use and distribute
software
• Search organizational databases for
personal information
• Create and spread viruses in IT systems
• Hack into computers systems to steal
information
• Destroy proprietary information such as
customer lists and reports.
Information Does Not Have Ethics,
People Do
• It does not know how it is used.
• It will not stop itself from spreading
viruses or revealing details.
• Acting ethically and legally are not
always same
Developing Information
Management Policies
Ethical Computer Use Policy
• Examples of unethical computer use
 Cyber bullying
 Click-fraud
Ethical Computer Use Policy
• It contains general principles to guide
computer user behavior.
• Example: it might refrain the user to
play games in working hours.
• The users should be informed of the
rules, by agreeing to use the system
on the basis, consent to abide by
them.
Ethical Computer Use Policy
• BYOD policy: allows employees to use their own
personal devices to access enterprise data and
applications.
• Provides
 Unlimited access for personal devices
 Access only to non sensitive systems and data
 Access, but with IT control over personal
devices
 Access, but preventing local storage of data on
personal devices
Information Privacy Policy
• It contains general principles of
information privacy
• Example:
Acceptable Use Policy
• It requires a user to agree to follow
to be provided access to email, IS and
internet.
• Nonrepudiation

You might also like