School of Information Systems

ETHICAL AND INFORMATION SECURITY

Ethics refers to the value of right and wrong decision individuals made that leads to their behavior, a lot of schemes that can help us decide ethical decisions. For example, utilitarian, rights, fairness, common good, and deontology approach. The general framework for ethics are that we have to recognize an ethical issue, find exact information about the facts, evaluate actions, dare to take risks by making a decision and test it, and reflect the outcome from it. A code of ethics is a principles to guide decision making by organization members. The fundamental tenets of ethics are responsibility , which means by using information security we have to accept the consequences by our decision making, the next is accountability which determines of people who is In charge and responsible for the decisions taken. At last we have liability , which means individuals have the rights to recover the damages done to them , organization , or even sytems.

Information security refers to the process designed to protect the organization’s information system from unauthorized access , hackers , destruction. Information security may come into a threat where the information from the system may be exposed by any unauthorized person. Security helps today interconnected, interdependent , wireless-networked in business environment . Information security is smaller, faster , cheaper , computer and storage devices. It helps the system to be protected from hackers. The information security controls the physical protection of computer facilities and resources , it also controls the access, the restriction of unauthorized user access to computer resources , and also communication network , to protect the data movement of networks include security controls authentication.

Information security controls , uses firewall to protect the system . The firewall is implemented in the computer. It also use digital certificate , which is an electronic document certifying that the file was from the organization and has not been modified from the original one. The other one is VPN and tunneling , it encrypts each data that is sent from one place to another place , for example , with VPN , our desktop server entered other country’s private server. Information security controls also consist of employee monitoring system , with the intention of monitoring as an administrator and ask to do what we wanted them to.

Information systems auditing is an independent or unbiased observers task to ensure that information systems work properly. It is processed by checking specific inputs , outputs , processing . It is the combination of client data , author software, and client and auditor hardware. The internal is performed by internal auditors , while the external is the review of input , output , and the processing systems.

Ethical issues can involve IT applications, which is privacy issues, accuracy issues, property issues and accessibility issues. It involves collecting, storing individuals information. It identify and define answers to questions about the moral basis of individual responsibilities and actions, as well as the moral support for the public. Information security ethics has been defined to be focused in between the creation , organization , dissemination , and use of information at the ethical standards on moral codes governing human conduct in society.