978-0073402987 Chapter 4 Section 4.1 Ethics

Type

Solution Manual

Book Title

Business Driven Information Systems 5th Edition

ISBN 13

978-0073402987

April 4, 2019

ETHICS AND INFORMATION

SECURITY

Ethics (from the Ancient Greek "ethikos" meaning "Theory of living")

attempts to understand the nature of morality; to distinguish that which is

right from that which is wrong. Ethics in plain words means studying and

analyzing right from wrong; good from bad. Information security deals with

several different "trust" aspects of information. Information security is not

con$ned to computer systems, nor to information in an electronic or

machine-readable form. It applies to all aspects of safeguarding or protecting

information or data, in whatever form.

SECTION 4.1 - ETHICS

Information Ethics

Developing Information Management Policies

SECTION 4.2 - INFORMATION SECURITY

Protecting Intellectual Assets

The First Line of Defense—People

The Second Line of Defense—Technology

CHAPTER

SECTION 4.1

ethics

Advances in technology make it easier for people to copy everything from

music to pictures. Technology poses new challenges for our ethics — the

principles and standards that guide our behavior toward other people.

LEARNING OUTCOMES

Learning Outcome 4.1: Explain the ethical issues in the use of

information technology.

Information ethics govern the ethical and moral issues arising from the

development and use of information technologies, as well as the creation,

collection, duplication, distribution, and processing of information itself (with

or without the aid of computer technologies). Ethical dilemmas in this area

usually arise not as simple, clear-cut situations but as clashes between

competing goals, responsibilities, and loyalties. Inevitably, there will be more

than one socially acceptable or “correct” decision. For this reason, acting

ethically and legally are not always the same.

Learning Outcome 4.2: Identify the six epolicies organizations

should implement to protect themselves.

An ethical computer use policy contains general principles to guide

computer user behavior. For example, it might explicitly state that

users should refrain from playing computer games during working

hours.

An information privacy policy contains general principles regarding

information privacy.

An acceptable use policy (AUP) is a policy that a user must agree to

follow in order to be provided access to corporate email, information

systems, and to the Internet.

An email privacy policy details the extent to which email messages

may be read by others.

A social media policy outlines the corporate guidelines or principles

governing employee online communications.

An employee monitoring policy states explicitly how, when, and where

the company monitors its employees.

CLASSROOM OPENER

NOT-SO-GREAT BUSINESS DECISIONS – Scrushy Faces 30

Years in Prison

Richard Scrushy, former chief executive of HealthSouth, was convicted of

bribing Don Siegelman, former governor of Alabama, for a seat on the state's

hospital regulatory board, which oversaw some of his company's facilities.

The verdict came a year and a day after Mr. Scrushy was found not guilty of

involvement in a $2.7 billion accounting fraud at HealthSouth, which he built

from scratch into America's largest provider of rehabilitative healthcare. Mr.

Siegelman, a Democrat who was governor from 1999 to 2003, was also

convicted of bribery and mail fraud, following a seven-week trial and 11 days

of jury deliberations. Prosecutors accused Mr. Siegelman of operating a "pay

to play" scheme in which companies and contractors gave political donations

in return for contracts and favors. The pair could each face up to 30 years in

jail for the crimes.

UBS, the Swiss investment bank, was embroiled in the case through its role

as former banker to HealthSouth. A former UBS banker testi$ed that the

bank had helped engineer Mr. Scrushy's payment to the lottery campaign by

forgiving $250,000 in fees it was owed by a healthcare company through

which the donation was funneled.

Mike Martin, HealthSouth's former chief financial [email protected], told the jury he had

put pressure on UBS, at Mr. Scrushy's behest, to help finance the donation.

Mr. Scrushy denied the donation was a bribe, arguing he wanted to foster

good relations with the governor and support his push to improve public

education through a lottery.

HealthSouth was among the raft of US companies where large scale frauds

were discovered in the wake of the accounting scandals at Enron and

WorldCom.

CLASSROOM EXERCISE

What Right Do I Have?

Bring a USB drive into class

At the beginning of class state that you found the USB drive and does it

belong to anyone?

How can you determine whose USB drive it is?

Should you plug it into your computer and read the information?

Is that ethical?

What if the drive has all of the salaries of everyone at college or all of the

grades for every student?

What if the drive contains a virus that wipes out your computer?

What should you do?

CLASSROOM EXERCISE

Analyzing an Ethical Computer Use Policy

Break your students into groups and ask them to develop and de$ne several

ethical computer use policies that would be appropriate for your school or for

a business of your choice. Have your students present their policies to the

entire class.

Examples: Users will not send spam

Users will not send harmful viruses

Users will not use o#ensive language or send o#ensive material

Additional exercise: Have your students research the Internet for current

lawsuits based on o#ensive email. Could the lawsuit have been prevented

through the implementation of an ethical computer use policy?

CLASSROOM EXERCISE

Great Video on Lack of Privacy on Facebook

Many students believe that what they put on the Internet is their property and they have

automatic privacy. This is a great video to open their eyes to what is put on the Internet stays on

the Internet.

http://www.forbes.com/sites/jacobmorgan/2014/08/19/privacy-is-completely-and-utterly-dea

d-and-we-killed-it/

CLASSROOM EXERCISE

Bogus Computer Expert Goes From Witness to Federal

Prison

Interesting article. I discussed the article in my class and asked my students

what could happen to a business if it followed the advice of a "fake" expert.

Perhaps knowing something about IT could help them in the future if they

encounter a fake expert. I also asked them if this could happen in other

areas not just IT, such as Accounting Field, Finance Field, Management Field,

etc.

The courtroom star witness pleaded guilty to faking his credentials, possibly

putting several cases in question.

http://www.informationweek.com/news/showArticle.jhtml?

articleID=199500244

CLASSROOM EXERCISE

Device Cheating Debate

Banning baseball caps during tests was obvious -- students were writing the

answers under the brim. Then, schools started banning cell phones, realizing

students could text message the answers to each other. Now, schools across

the country are targeting digital media players and cell phones as a potential

cheating device. Devices can be hidden under clothing, with just an ear bud

and a wire snaking behind an ear and into a shirt collar to give them away,

school [email protected] say.

Ask your students to debate For and Against a ban on electronic devices in

your schools.

Students downloading formulas onto digital media players

Some students say bans ine#ective as cheaters will $nd another way

CLASSROOM EXERCISE

Who is Reading Your Email?

Ask your students...Do they know who is reading their email? Their text

messages? Their phone calls?

Did you know that more than one-quarter of U.S. companies have $red an

employee in the last year for violating email policies?

I Was Fired For Hitting Reply All

http://www.thegrindstone.com/2012/01/27/career-management/i-was-fired-because-of-reply-all-t

errifying-true-story-545/

CLASSROOM EXERCISE

HOT MIS SKILLS - SECURITY

The IT security job market is booming -- but that doesn't mean everyone is

automatically getting a job, or the right job. And just like the threat

landscape is rapidly evolving, so are the quali$cations and qualities needed

for positions in the security profession.

There's a conundrum between supply and demand: Employers are looking for

security candidates who can $ll a specific need, such as incident response or

risk management, while security pros on the job hunt want to build on their

existing skills and advance their careers. "But employers don't want to hire

someone to get experience on their dime," says Lee Kushner, president of LJ

Kushner and Associates, an IT security recruitment $rm.

Ask your students to read the article and answer the following:

• Why is IT security critical for a company? Do you think this is an area that

is going to grow or shrink over the next decade?

• List the six hot skills and rank them in order of importance for an online

business. Be sure to include the justification for your ranking.

• Of the six hot skills which one interests you the most? What can you do to

ensure you have the skills to get the job you want?

http://www.darkreading.com/vulnerability_management/security/governm

ent/showArticle.jhtml?

articleID=224701863&cid=nl_DR_DAILY_2010-05-14_h

CLASSROOM EXERCISE

PEOPLE IN PRISON ARE BETTER THAN THOSE FOUND IN

CORPORATE AMERICA

Former Qwest chief executive [email protected] Joe Nacchio sported a shaved head,

goatee, black-framed glasses and a khaki prison jumpsuit for a hearing in

Denver in which he was granted a waiver from attending his resentencing in

June. Nacchio, who is serving a six-year prison term in Pennsylvania for

criminal insider trading, received a federal escort to U.S. District Court in

Denver to attend the hearing. In spring 2007, Nacchio was convicted on 19

counts of illegal insider trading connected to his sale of $52 million in Qwest

stock in early 2001. A year into his prison term, and appearing slimmer

than he did during his trial, Nacchio told Krieger on Tuesday that he has met

"plenty of $ne people" behind bars. "As a matter of fact, I'd go so far to say

I've met better people in prison than people I used to work with," said

Nacchio, who once referred to U S West workers as "clowns."

Ask your students to read the article and discuss the following:

• Are white collar criminals, such as Joe Nacchio, Ken Lay from Enron,

and Bernie Mado# the Ponzi scam king, worse than common criminals?

• What are the corporate social responsibilities associated with corporate

executives?

• Who are the people primarily hurt when CEOs act unethically and

illegally?

• Do you agree that the government should have the right to monitor

public corporations? What about private corporations?

http://www.denverpost.com/statistics/ci_15018083?source=pkg

CLASSROOM EXERCISE

HACKER SENTENCED TO 20 YEARS WHILE WORKING AS AN

UNDERCOVER INFORMANT

Convicted TJX hacker Albert Gonzalez was sentenced to 20 years and a day,

and $ned $25,000 on Friday for his role in breaches into Heartland Payment

Systems, 7-Eleven and other companies. The sentence will run concurrently

with a 20-year sentence he received on Thursday in two other cases

involving hacks into TJX, [email protected] Max, Dave & Busters restaurants and others,

so it adds only one day to his total prison term. Restitution will be decided at

a future hearing. “I understand the road to redemption will be long,” said

Gonzalez, 28, before the sentence was pronounced.

http://www.wired.com/threatlevel/2010/03/heartland-sentencing/?

utm_source=feedburner&utm_medium=feed&utm_campaign=Feed

%3A+wired%2Findex+%28Wired%3A+Index+3+

%28Top+Stories+2%29%29

Ask your students to read the article and discuss the following:

• Do you agree with Albert Gonzalez’s sentence ?

• Considering Albert Gonzalez didn’t profit from the data theft is his

sentence appropriate?

• Gonzalez’s crimes were committed mostly between 2005 and 2008

while he was drawing a $75,000 salary working for the U.S. Secret Service

as a paid undercover informant. How do you think being a paid

undercover informant contributed to Gonzalez’s crime?

CORE MATERIAL

The core chapter material is covered in detail in the PowerPoint slides. Each

slide contains detailed teaching notes including exercises, class activities,

questions, and examples. Please review the PowerPoint slides for detailed

notes on how to teach and enhance the core chapter material.

Subscribe Now

View Document

Solution manual