Chapter 4: Ethics + Information Security Flashcards
Information ethics
Govern the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself
Privacy
The right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent
Confidentiality
The assurance that messages and information are available only to those who are authorized to view them
Business issues related to information ethics
Intellectual property
Copyright
Pirated software
Counterfeit software
Tools to prevent information misuse
Information management
Information governance
Information compliance
eDiscovery
Ethical computer use policy
Contains general principles to guide computer user behavior
- ensures all users are informed of the rules and, by agreeing to use the system on that basis, consent to abide by the rules
Email privacy policy
Details the extent to which email messages may be read by others
Anti-spam policy
Simply states that email users will not send unsolicited emails or spam
Social media policy
Outlines the corporate guidelines or principles governing employee online communications
Workplace monitoring policy
Information technology monitoring
Employee monitoring policy
Information technology monitoring
Tracks people's activities by such measures as number of keystrokes, error rate, and number of transactions processed
Employee monitoring policy
Explicitly states how, when, and where the company monitors its employees
Organizational information is
Intellectual capital
Information security
The protection of information from accidental or intentional misuse by persons inside or outside an organization
Downtime
Refers to a period of time when a system is unavailable
Hacker
Experts in technology who use their knowledge to break into computers and networks, either for profit or motivated by the challenge
- black hat hacker
- cracker
- cyberterrorist
- hacktivist
- script kiddies or script bunnies
- white hat hacker
Virus
Software written with malicious intent to cause annoyance or damage
Biggest issue surrounding information security is
Not a technical issue but a people issue.
- insiders
- social engineers
- dumpster diving
First line of defense
People
Second line of defense
Technology
Identity theft
The forging of someone’s identity for the purpose of fraud
Phishing
A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email
Pharming
Reroutes requests for legitimate websites to false websites
Authentication
A method for confirming users' identities
Authorization
The process of giving someone permission to do or have something
Content filtering
Prevents emails containing sensitive information from transmitting and stops spam and viruses from spreading
Encryption
Scrambles information into an alternative form that requires a key or password to decrypt
Firewall
Hardware and/or software that guards a private network by analyzing the information leaving and entering the network
Data prevention and resistance
Content filtering
Encryption
Firewall
Intrusion detection software
Features full-time monitoring tools that search for patterns in network traffic to identify intruders
Ethics
The principles and standards that guide our behavior towards other people