New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Chapter 4- Ethics

by: Aimee Castillon

Chapter 4- Ethics MBUS 302

Aimee Castillon
GPA 3.61

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Chapter 4 lecture
Managing information in a global environment
Class Notes
businessminor, information processing, chapternotes, Lecture Notes
25 ?




Popular in Managing information in a global environment

Popular in Minor In Business

This 7 page Class Notes was uploaded by Aimee Castillon on Monday October 17, 2016. The Class Notes belongs to MBUS 302 at George Mason University taught by Majumdar in Summer 2016. Since its upload, it has received 3 views. For similar materials see Managing information in a global environment in Minor In Business at George Mason University.


Reviews for Chapter 4- Ethics


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 10/17/16
GMU Aimee Castillon Information Systems MBUS 302 • Fall 2016 Heading: 10/4/16 Notes: Chapter 4- Ethics & Information Security Learning Outcome: Section 1­ Ethics ­ Information ethics ­ Ethics­ principles and standards that guide our  behavior toward other people Refer to examples in the book ­ Information ethics govern the ethical and moral  issues arising from the development and use of information  technologies, as well as the creation, collection, duplication,  Copywright distribution, and processing of information itself Pirated software ­ Business issues related to ethical issue ­ Intellectual property Counterfeit software ­ Copyright ­ Counterfeit software ­ Digital rights management ­ Privacy is a major ethical issue ­ Privacy­ the right to be left alone when  Quadrant I­ Amazon you want to be, to have control over your own personal  Quadrant II example­  possessions, and not to be observed without your consent Microsoft ­­ monopolizing  ­ Confidentiality­ the assurance that  users messages and information are available only to those who  Quadrant IIi­ Forever 21 are authorized to view them Quadrant !V­  ­ Individuals form the only ethical component of MIS ­ Individuals copy, use, and distribute  software ­ Search organizational databases for  sensitive and personal information ­ Individuals create and spread viruses ­ Individuals hack into computer systems to steal information ­ Employees destroy and steal  information ­ Acting ethically and illegally are not always the same ­ ­ Information does not have ethics, people do ­ Information does not care how it is  used, it will not stop itself from sending spam, viruses, or  highly­sensitive information ­ Tools to prevent information misuse ­ Information  More than 50% of companies  management ­ Information governance fire employees for violating  ­ Information compliance company email policy ­ Ediscovery ­ Developing information management policies ­ Organizations strive to build a corporate culture based on ethical principles that employees can understand and implement ­ Ethical computer use policy contains  general principles to guide computer user behavior At least 15 million people are  ­ The ethical computer  victims of identity theft every  user policy ensures all users are informed of the rules year! and, by agreeing to use the system on that basis,  consent to abide by the rules ­ Information privacy policy­ contains  general principles regarding information privacy ­ The use of unethical of  information typically occurs “unintenionally” when it is  used for new purposes ­ Acceptable use policy (AUP)­  requires a user to agree to follow it to be provided access to  corporate email, information systems, and the Internet ­ Nonrepudiation­ a  contractual stipulation to ensure that ebusiness  participants do not deny their online actions ­ Internet use policy­  URLs that have “https” in the  beginning are encrypted contains general principles to guide the proper use of  the Internet ­ Email privacy policy­ details the  extent to which email messages may be read by others ­ Organizations can  mitigate the risks of email and instant messaging  communication tools by implementing and adhering to  an email privacy policy ­ ­ Spam­ unsolicited email ­ Anti­spam policy  simply states that email users will not send unsolicited  emails (or spam) ­ Social media policy outlines the  corporate guidelines or principles governing employee online  communications ­ Workplace monitoring policy ­ Workplace monitoring is  a concern for many employees ­ Organizations can be  held financially responsible for their employees’  actions ­ The dilemma  surrounding employee monitoring in the workplace is  that an organization is placing itself at risk if it fails to  monitor its employees, however, some people feel that monitoring employees is unethical ­ Information  technology monitoring tracks people’s activities by  such measures as number of keystrokes, error rate,  and number of transactions processed ­ Employee monitoring  policy­ explicitly state how, when, and where the  company monitors its employees ­ Common monitoring  technologies include ­ Key  logger or key trapper software ­ Hardware key logger ­ Cookie ­ Adware ­ Spyware ­ Web log ­ clickstrea m Section 2­ Information Security ­ Protecting intellectual assets ­ Organizational information is intellectual capital­ it  must be protected ­ Information security­ the protection of information  from accidental or intentional misuse by persons inside or outside an  organization ­ Downtime refers to a period of time when a system is  unavailable ­ ­ ­ How much will downtime cost your  business? ­ Security threats caused by hackers and viruses ­ Hacker­ experts in technology who use their knowledge to break into computers and computer  networks, either for profit or just motivated by the challenge ­ Black­hat hacker ­ Cracker ­ Cyberterrorist ­ Hacktivist ­ Script kiddies or script  bunnies ­ White­hat hacker ­ Virus­ software written with malicious  intent to cause annoyance or damage ­ Backdoor program ­ Denial­of service attack  (DoS) ­ Polymorphic virus ­ Trojan­horse virus ­ Worm ­ ­ Security threats to ebusiness include ­ Elevation of privilege ­ Hoaxes ­ Malicious code ­ Packet tampering ­ Sniffer ­ Spoofing ­ Splogs ­ spyware ­ The first line of defense ­­ people ­ Organizations must enable employees, customers,  and partners to access information electronically ­ The biggest issue surrounding information security is  not a technical issue, but a people issue ­ Insiders ­ Social engineering ­ Dumpster diving   ­ The first line of defense an organization should follow  to help combat insider issues is to develop information security  policies and an information security plan ­ Information security policies ­ Information security plan ­ The second line of defense ­­ technology ­ There are three primary information technology  security areas ­ ­ Authentication and authorization ­ Identity theft­ forging of  someone’s identity for the purpose of fraud ­ Phishing­ a technique  to gain personal information for the purpose of identity  theft, usually by means of fraudulent email ­ Pharming­ reroutes  requests for legitimate websites to false websites ­ Authentication­ a  method for confirming users’ identities ­ Authorization­ process  of giving someone permission to do or have  something ­ Somethin g the user knows such as a user ID and  password ­ T his is the most common way to identify  individual users and typically contains a user ID and a password ­ A lso the most ineffective form of  authentication ­ O ver 50% of help­desk calls are  password related ­ Somethin g the user has ­ S mart cards and tokens are more  effective than a user ID and a password ­ T okens­ small electronic devices  that change user passwords  automatically ­ S mart card­ device that’s around the same size as a credit card,  containing embedded  technologies that can store  information and small amounts  of software to perform some  limited processing ­ Somethin g that’s part of the user  ­ T his is by far the best and most effective  way to manage authentication ­ B iometrics­ the identification of a user based on a physical  characteristic, such as a  fingerprint, iris, face, voice, or  handwriting ­ T his method can be costly and intrusive ­ Prevention and resistance ­ Downtime can cost an  organization anywhere from $100 to $1 million per  hour ­ Technologies available  to help prevent and build resistance to attacks include ­ Content  filtering prevents emails containing sensitive  information from transmitting and stops spam  and viruses from spreading ­ Encrypti on ­ I f there’s an information security breach  and the information was encrypted the  person stealing the information wouldn’t be able to read it ­ P ublic key encryption (PKE) ­ ­ C ertificate authority ­ D igital certificate ­ Firewalls ­ hardware and/or software that guards a  private network by analyzing the information  leaving and entering the network ­ O ne of the most common defenses for  preventing a security breach  ­ ­ Detection and response  ­ If prevention and  resistance strategies fail and there’s a security breach, an organization can use detection and response  technologies to mitigate the damage ­ Intrusion detection  software­ features full­time monitoring tools that  search for patterns in network traffic to identify  intruders TED Talk on privacy - Privacy is better than democracy; opinions can happen - You don’t know when you’re being watched so you don’t care what you do - 2 main points - it’s “dangerous” because you’re mind is set in the present; you lose democracy when you know you’re being watched - No matter what your intentions are, you’re still being watched


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Janice Dongeun University of Washington

"I used the money I made selling my notes & study guides to pay for spring break in Olympia, Washington...which was Sweet!"

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.