Friday, September 27, 2019

Security, Privacy and Ethical Issues in Information Systems Essay

Security, Privacy and Ethical Issues in Information Systems - Essay Example Whenever a user travels the cyberspace, (s)he leaves his/her identity at almost every step of the way (Privacy Rights Clearing House, 2006). Whether one is signing up for internet service with Internet Service Provider (ISP), sending emails, browsing internet sites, or using a search engine to locate required information, the identity of the machine is being shared, and it can be misused by someone masquerading as someone else (Webliminal.com, 2007). There is a growing concern about the security of personal and private information over the internet and web-based applications; spy-ware, viruses, worms, trojans and information leakage through social engineering are all evils generated one way or the other by the internet. In addition, many businesses gather and store personal information of the potentially new and existing customers in their systems which give rise to privacy and information security issues. When anyone attempts to make a payment online using credit cards and other ins truments, the security and confidentiality of the transaction is perhaps, the biggest concern. As a result, the consumers' trust in the web-based applications has declined. ... Several techniques have been developed to ensure the security of private information over the internet and to mitigate the risk of personal information misuse. A formal security policy governs the management's ideology, direction and operating procedures towards ensuring security and privacy of information. Many organizations now employ encryption mechanism like Secure Socket Layer (SSL) for transmission security and Digital Certificates to ensure non-repudiation and third-party assurance in the form of digital certificate (Newmann, 2003). Several privacy laws and regulations have been developed to regain customers' trust in e-commerce systems and online information sharing. The most accepted standard for ensuring information security and privacy is the British Standard Institute (BSI) guidelines called ISO27001 Information Security Management Systems. This standard deals with the applying adequate controls to ensure confidentiality, availability, and integrity of information; and pr otection of legal, privacy and security rights of the customers. Other regulations include copyright infringement laws and related policies that address the issues of information theft. 1.4 Computer Ethics In addition to security and privacy laws and regulations, companies also adopt information ethical standards to strengthen their systems of internal controls. An ethical problem can be defined as the argument with regard to one's values, in selecting one of the two paths based on the pressure and demands of a situation (Charlesworth Sewry, 2002, p.163).  

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.