BUS508_ assignment 4
BUS508_ assignment 4
Popular in Course
verified elite notetaker
Popular in Department
This 8 page Study Guide was uploaded by kimwood Notetaker on Friday November 6, 2015. The Study Guide belongs to a course at a university taught by a professor in Fall. Since its upload, it has received 17 views.
Reviews for BUS508_ assignment 4
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 11/06/15
ETHICS IN BUINESS Production and Operations Management Jessica J. Clifton The Business Enterprise Dr. Cynthia Davies June 6, 2011 1 Abstract Business Ethics is the applied ethics discipline that addresses the moral features of commercial activity. Programs of legal compliance, empirical studies all made into the moral beliefs and attitudes that business people follow. Although selfconscious, academic business ethics is relatively new and has its intellectual roots in the corporate social responsibility (CSR) and businessandsociety writings that originated in law and in business in the early and middle 20th century. With recent moral and financial failures still fresh in the hearts and wallets of many Americans it seems evident more now than ever the corporate focus has returned to how it was in early in the academics of business ethics. Originally the concerns were centrally with questions about the corporation's proper role in and relationship to the social order. Now again questions that surround the “moral status of a corporation, have taken center stage, followed by two other key CSR questions, “Is the corporation a moral agent, distinct from the persons who compose it?” and morally, “how or in whose interests ought the corporation to be managed?” ("Business ethics," May) Determine if hacking into a Web site is ever justifiable, applying your theory to a real world case in which someone hacked into a system, including the name of the company and details. It is reported that The Goatse Security Firm has hacked the website of AT&T, The hacking group, which calls itself ‘Goatse Security’ says it specializes in exposing security vulnerabilities. They claim to of hacked AT&T to gain access to the Apple iPad; in the process they harvested an estimated 114,000 Apple iPad 3G owner email addresses and also the identification number that those iPads use when they communicate over AT&T’s network known as an ICCID. Goatse has defended their actions as "ethical" and right. AT&T has since disabled the feature the story was first reported the story, Goatse waited until AT&T had closed the hole before revealing its findings. They defended the release as "responsible disclosure" the term given to security revelations made public only after a vendor has patched a bug or otherwise prevented vulnerability. The group said the disclosure needed to be made and claimed that iPad 3G users had the right to know that their email addresses were potentially public knowledge so they could take steps to mitigate the issue like changing their email address. (Bilton June) When it come to internet security and personal information it is indeed very important to have like a watch dog type agency, however the responsibility is to high to be left up to renegades or some vigilante type agencies. In the interest of public safety and internet security firms like Goatse must themselves be screened policed and regulated. For example on June 3, 2011 Yahoo news reported that according to a UK news Journal The Telegraph a team of hackers working for M16 recently successfully switched an AlQaeda bomb making guide for a far less incendiary cupcake recipe. The operation rendered a 67page guide on how to “Make a bomb in the Kitchen of your Mom” posted on AlQaeda’s Englishlanguage online magazine Inspire into a page of garbled gibberish. That gibberish, as it turns out, was actually an encrypted form of “How to Make the Best Cupcakes in America” published by Ellen DeGeneres’ talk show. This was a controlled highly regulated assignment that was deemed a success due to the disruption of access to life threading information. Had this same operation taken place in the private sector the implications could have been disastrous because if the implications of the British tampering with alQaeda resulted in retaliation by some Jihadist the military would not have been properly prepared to protect us. (Duncan, June) The incident with Goatse is so disturbing due to the number of people that we potential exposed, and while it is in the public interest to have firms whose business is to expose these vulnerabilities in our systems. So while I agree their stated objective I disagree with their methods. You can’t fix the laws by circumventing it, and their actions are a violation even if the goal is for good. Since this incident involved data that was gathered from a public web server with no password, it was accessible by anyone on the Internet. The list of email addresses included military personnel, staff members in the Senate and the House, and people at the Justice Department, NASA and the Department of Homeland Security. Privatesector addresses that were exposed include those of executives at The New York Times, Dow Jones, Viacom, Time Warner, the News Corporation and HBO. With the identities of the members of this organization are all a secret so who is to say none of its members are not themselves terrorist. . (Bilton June) Create a corporate ethics statement for a computer security firm that would allow or even encourage activities like hacking. I n the computer world the term ethical hacker describes what many have coined as white hat hackers, like a white lie a white hat hacker works to protect a system from harm or malice. In addition, security implications and designing security procedures into networks and corporate perimeters are integral in this process. An ethical hackers is usually directed at companies that undertake to develop polices/procedures or indeed audit the protection of an organization’s information/data assets. The majority of specialized ethical hacking professionals seek employment at companies that need their particular skill sets or might be planning to start their own computer security companies. On the other side of it is a black hat hacker or simply a criminal hacker is the one who breaks into a computer system or network with malicious intent. The black hat hacker takes advantage of the breakin, perhaps destroying files or stealing data for some future purpose. He/she may also make the exploit known to other hackers and/or the public without notifying the victim. This gives others the opportunity to exploit the vulnerability before the organization is able to secure it. The term comes from old Western movies, where heroes often wore white hats and the bad guys wore black hats. . (Wilson March) If I were the founding partner of Big Brother Security dba, BBS LLC after carefully putting a team of talented hackers together then I would put the following statement of ethics in place. BBS is committed to principles of business ethics and lawful conduct. It is BBS’s policy to conduct itself ethically and lawfully in all matters and to maintain BBS’s high standards of business integrity. . (Wilson March) Employees must at all times comply with BBS’s business conduct and related guidelines. Violation of any BBS guideline is cause for discipline, including dismissal from the company. Employees should consult their management immediately if they have any question whether their actions or the actions of a team member could violate a BBS guideline. Furthermore, it is BBS’s practice to voluntarily and promptly disclose known violations of laws to appropriate officials of government. In the event that BBS benefited economically from such known violations, it is our practice to reimburse the government accordingly. BBS employees should immediately make known to appropriate levels of management, either directly or through an Open Door program, any and all allegations of violations in connection with any government agency.( Marcoux May) Discuss if it is important for organizations like Gawker Media to be socially responsible. Gawker Media describes themselves as the publisher of some of the best loved titles on the web including the eponymous Gawker and gadget sensation Gizmodo. Founded in 2002 by Nick Denton, the influential media group now produces eight original brands with a collective audience of 20 million US readers. Attracting fans and critics alike for their inimitable delivery of news, scandal, and entertainment, the Gawker Media properties are heralded as everything from 'deliciously wicked' to 'the biggest blog in the world.' Because journalists have the important job of gathering information and presenting it to the public, they have a particular responsibility to their readers and their sources. On one hand, they must remember that their readers deserve clear, unbiased reporting. On the other hand, journalists need to consider the wellbeing of the sources whose lives are affected by media attention. (Wilson March) Based on this incident, determine what factors CEOs should consider when responding to a security breach. Unfortunately in business when mistakes are made admitting fault to certain situations in not the way to go; AT&T sent out a letter to its Apple iPad customers and apologized for the security breach that allowed 114,000 email addresses to be stolen. The letter said that the only information that can be derived from the ICC IDS is the email address attached to that device. AT&T wrote that they take customer privacy very seriously and while have fixed this problem, they apologize to their customers who were impacted. AT&T also said that it would work with law enforcement and aims to "prosecute violators to the fullest extent of the law." I feel that based on the circumstances and scandal that surrounded the release of the information this was the best way that the CEO could of handled the response, they fixed the problem, apologized without admitting no real knowledge of failure on their end and asked for customers to take the necessary steps on their end to protect themselves while they work with law enforcement to pursue the parties involved. . (Bilton June) Create an email script to be sent to AT&T customers informing them of the security breach and a plan to resolve the issue. Explain your rationale. Dear Valued Customer, On June 9, 2010 , It was reported to us that a company calling themselves a public Security firm has hacked our network of secure data bases through a security breach of our AT&T website. The hacking claims it specializes in exposing security vulnerabilities. They claim to of hacked AT&T to gain access to the Apple iPad; however in the process they harvested an estimated 114,000 Apple iPad 3G owner email addresses and also the identification number that those iPads use when they communicate over AT&T’s network known as an ICCID. This organizations actions was an unlawful invasion of our company and you our valued customers’ privacy, for this reason we are providing you with all the information available to us at this time; so that you our customer may do as we have already done and protect yourself against further intrusion and if you deem necessary even change the compromised email account. . (Bilton June) References Bilton, N. (June, 3 2011). AT&T is said to have exposed iPad owners’ email addresses. Retrieved from http://bits.blogs.nytimes.com/2010/06/09/attexposesemailaddressesof 114000ipadowners/ Duncan, G. (June, 3 2011). Mi6 attacks alQaeda in 'operation cupcake'. Retrieved from http://www.telegraph.co.uk/news/uknews/terrorismintheuk/8553366/MI6attacksalQaedain OperationCupcake.html Marcoux, Alexei, "Business Ethics", The Stanford Encyclopedia of Philosophy (Fall 2008 Edition), Edward N. Zalta (ed.) Retrieved (May, 31 2011) from http://plato.stanford.edu/entries/ethicsbusiness/ Wilson, M. J. March 24, 2004 Computerworld. Is hacking ethical? Retrieved (May, 31 2011) from http://www.computerworld.com /s/ article/91549/Is_hacking_ethical_
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'