Week 4: Ethics, Security, and Risk Management in IT
It used to be expensive to make things public and cheap to make them private. Now it’s expensive to make things private and cheap to make them public.
Consider the following scenarios:
Imagine you are working as a senior IT manager in a software research and development firm. Your team is developing a cutting-edge software product. If the development is successful, your company plans to patent the software and earn millions of dollars from its sales. However, there is always the risk that an employee who has access to the software’s code could steal it and use it for personal gain. How will you ensure that the software’s code stays secured?
Imagine you are a network administrator in a company. You can read the e-mails of all the network users of your company, including the CEO. However, should you be reading them just because you can? Do you have the right to read a senior executive’s e-mail to ensure that sensitive company information is not compromised?
The first scenario involves your responsibility as an employee to keep vital company information secured. The second deals with your ethical responsibility to maintain confidentiality about fellow employees’ information. How prepared are you to handle such responsibilities as an employee of an organization? For another perspective on IT security, refer to the following statement from XYZ Corporation’s CEO, Isabella Torres:Accessible player –Downloads–Download Video w/CCDownload AudioDownload Transcript
This week, you investigate ethical issues in IT faced by employees. You also examine potential security threats and strategies for managing risks associated with them. In the Discussion, you will analyze a current article or news story describing an unethical practice that is IT-related. In the Assignment, will address ethical issues related to information technology and information systems.
- Analyze the impact of ethical issues in information technology on organizations
- Describe ethical issues related to information technology
- Illustrate how addressing ethical issues in information technology can lead to positive social change
- Explain potential security threats in information technology
- Analyze the impact of information system security issues on organizations
- Identify components of risk management in information technology
Due This Week
|Discussion: Ethical Issues in IT and Their Impact||Post your initial posting by Day 3.|
Respond to your colleagues by Day 5. Note: As you complete this first Discussion, be sure to reference the Week 4 Discussion Rubric.
|Assignment: Ethics and Information Security||Submit your Assignment by Day 7. Note: As you complete this first Assignment, be sure to reference the Week 4 Assignment Rubric.|
Ethical Issues in IT
Everyone faces decisions that require them to reflect on their personal ethics and morals. Sometimes, this can be a daily occurrence. These resources will help you to become familiar with ethical considerations related to the use and implementation of information technology.Berzai, L. (2017, June 29). Ethical decision making and the IT professional [Blog post]. Retrieved from https://www.aitp.org/blog/aitp-blog/2017/06/29/ethical-decision-making-and-the-it-professional/Time Estimate: 7 minutesBerzai, L. (2017, July 4). Ethical problems in computing [Blog post]. Retrieved from https://www.aitp.org/blog/aitp-blog/2017/07/04/ethical-problems-in-computing/Time Estimate: 9 minutesBerzai, L. (2017, June 27). How ethical theories apply to IT professionals [Blog post]. Retrieved from https://www.aitp.org/blog/aitp-blog/2017/06/27/how-ethical-theories-apply-to-it-professionals/Time Estimate: 6 minutesIEEE.org. (2018). 7.8 IEEE code of ethics. Retrieved from https://www.ieee.org/about/corporate/governance/p7-8.htmlTime Estimate: 2 minutesWoo, M. (2017). Ethics and the IT professional. Retrieved from https://er.educause.edu/articles/2017/3/ethics-and-the-it-professionalTime Estimate: 6 minutes
Leading Positive Social Change and the Impact of Ethical Issues in IT
The implications of ethical decision making often extend further than the individuals involved. One decision can affect a small group, a company, or an entire population. Using these resources, you will examine how decision making on the use and implementation of information technology (IT) can have an impact on society at large.Bourgeois, D. T. (2014). The ethical and legal implications of information systems. In Information systems for business and beyond. Retrieved from https://bus206.pressbooks.com/chapter/chapter-12-the-ethical-and-legal-implications-of-information-systems/Time Estimate: 33 minutesOlumoye, M. Y. (2013). Ethics and social impact of information systems in our society: Analysis and recommendations. International Journal of Science and Research, 2(11), 154–158. Retrieved from https://www.ijsr.net/archive/v2i11/MDIwMTM0MDQ=.pdfTime Estimate: 10 minutesPayne, S. (2017, April 10). You can’t ignore business ethics and social responsibility in 2017 [Blog post]. Retrieved from https://resources.globoforce.com/globoforce-blog/you-can-t-ignore-business-ethics-social-responsibility-in-2017Time Estimate: 8 minutes
Security Threats in IT
Information technology is a product that is created by people. As a result, its imperfections can result in malicious exploitation by those who choose to do harm. These resources will help you gain a more in-depth understanding of the types of security threats that result from the use and implementation of IT solutions.The AME Group. (2018). 8 threats an IT security professional can help prevent. Retrieved from https://www.theamegroup.com/8-threats-security-professional-can-help-prevent/Time Estimate: 6 minutes Baker, S. (2017). 5 types of IT security threats facing businesses. Retrieved from https://www.rutter-net.com/blog/5-types-of-it-security-threats-facing-businesses Time Estimate: 6 minutesBisson, D. (2015). 5 social engineering attacks to watch out for. Retrieved from https://www.tripwire.com/state-of-security/security-awareness/5-social-engineering-attacks-to-watch-out-for/Time Estimate: 7 minutesCybint News. (2018). 5 of the biggest cyber security risks for businesses. Retrieved from https://www.cybintsolutions.com/5-of-the-biggest-cyber-security-risks-for-businesses/Time Estimate: 6 minutes Guru99. (2018b). Ethical & security issues in information system. Retrieved from https://www.guru99.com/mis-ethical-social-issue.htmlTime Estimate: 8 minutesLaureate Education (Producer). (2019b). IT security risks [Interactive media]. Baltimore, MD: Author.Time Estimate: 3 minutes
Risk Management and the Impact of Security Threats
By being aware of possible security threats, you can better plan proactively against those threats. These resources will provide insight into the impact that security threats can have on an organization and help you understand how to manage the associated risks.
Help Net Security. (2016). Impact of security breaches on consumer trust. Retrieved from https://www.helpnetsecurity.com/2016/05/12/impact-security-breaches-consumer-trust-brands/Time Estimate: 4 minutesInvest Northern Ireland. (n.d.). Computer networking: Network security issues. Retrieved November 12, 2018, from https://www.nibusinessinfo.co.uk/content/network-security-issuesTime Estimate: 2 minutes Rapid 1. (n.d.). Information security risk management: Identify and achieve an acceptable level of risk. Retrieved November 12, 2018, from https://www.rapid7.com/fundamentals/information-security-risk-management/Time Estimate: 8 minutesWhat You Need to Know. (2013, December 16). Information security (by what you need to know) [Video file]. Retrieved from https://www.youtube.com/watch?v=eUxUUarTRW4Note: The approximate length of this media piece is 5 minutes.
Important Documents for This Week
Discussion: Ethical Issues in IT and Their Impact
Through this week’s Learning Resources, you examined both ethical issues and practices as they relate to the implementation of IT systems. While the hope is that all companies will do their best to maintain ethical business practices, unfortunately, not all of them make that an instrumental component of their operations.
Have you ever heard of an organization that participated in an IT-related unethical practice? Perhaps the company sold personal customer data to a third party without customer consent, or perhaps the organization obtained trade secrets or other proprietary information through the use of spyware. Consider the impact of unethical practices on those close to the organizations that commit them. Then, consider how that impact extends to the surrounding community and to society at large.
For this Discussion, you will identify an article or news story about an unethical practice that is IT-related and analyze its impact on organizations, as well as explain measures that could have been taken to prevent it from happening in the first place.
To prepare for this Discussion:
- Review this week’s Learning Resources.
- Locate an article or news story that describes an unethical practice that is IT-related.
- Review the Academic Writing Expectations for 2000/3000-Level Courses, provided in this week’s Learning Resources.
By Day 3
Post a 150- to 225-word (2- to 3-paragraph) analysis of the impact of ethical issues in information technology that includes the following:
- Provide a description and citation of the article you located.
- What could have been done to prevent the practice from happening?
- How does the unethical practice affect those within or close to the company as well as the community?
- To support your response, be sure to reference at least one properly cited scholarly source.
Refer to the Week 4 Discussion Rubric for specific grading elements and criteria. Your Instructor will use this grading rubric to assess your work.
Read some of your colleagues’ postings.
By Day 5
Respond with at least 75 words (1 paragraph) eachto two or more of your colleagues’ postings by doing one of the following:
- Provide a suggestion for what else might have been done to prevent your colleague’s identified unethical practice from occurring.
- Describe one or more additional impacts of your colleague’s identified unethical practice on the company and/or on the community.
Return to this Discussion in a few days to read the responses to your initial posting. Note what you have learned or any insights you have gained as a result of the comments your colleagues made.
Submission and Grading Information
Post by Day 3 and Respond by Day 5
Assignment: Ethics and Information Security
Businesses cannot implement information systems without considering the privacy and confidentiality of the data these systems store, manipulate, and distribute. Those who have access to information should be highly mindful of ethical practices and standards. As highlighted in this week’s Learning Resources, there are numerous ethical issues to consider related to IT systems. Today’s businesses must be proactive in their approach to protecting data from misuse and unauthorized access.
In this Assignment, you will respond to a set of questions on ethical issues in IT, how addressing ethical issues in IT can lead to positive social change, security threats in IT, and risk management.
To prepare for this Assignment:
- Review this week’s Learning Resources.
- Refer to the Academic Writing Expectations for 2000/3000-Level Courses as you compose your Assignment.
By Day 7
Submit your responses to the following prompts.
- Describe two ethical issues related to IT systems. (150–225 words, or 2–3 paragraphs)
- Analyze the ethical issues you identified in the previous question in terms of their effects on IT systems and impact on an organization. (150–225 words, or 2–3 paragraphs)
- Illustrate how an organization’s approach to addressing an ethical issue from an IT perspective can lead to positive social change. Be sure to address both internal and external impacts. (150–225 words, or 2–3 paragraphs)
- Using the Internet and/or other sources, identify a company that has both faced and addressed one of the ethical issues you described in the first question. Describe the scenario and outcomes of that experience, including in your description the role that society and the drive for positive social change played. In your response, include an analysis of whether the organization handled the situation effectively. What improvements might you suggest that could promote further positive social change? (375–450 words, or 5–6 paragraphs)
- Explain two possible threats to information security. (150–225 words, or 2–3 paragraphs)
- Using the Internet and/or other sources, identify a company that has both faced and addressed an information security breach. Analyze the scenario and the impact of the information security breach on the company. Be sure to describe how the company handled the situation, as well as any outcomes of that experience. Include your appraisal of whether the company handled the situation effectively. (300–375 words, or 4–5 paragraphs)
- Using the company you selected for the previous question, identify how the lessons learned from the experience could be applied more generally to other organizations with regard to their risk management strategies. Be sure to include specific components of risk management in your response. (150–225 words, or 2–3 paragraphs)
Note: For each prompt, be sure to reference at least one scholarly source to support your answer. Use the Walden Undergraduate Paper Template, provided in this week’s Learning Resources, to complete this Assignment.
Refer to the Week 4 Assignment Rubric for specific grading elements and criteria. Your Instructor will use this grading rubric to assess your work.
Submission and Grading Information
To submit your completed Assignment for review and grading, do the following:
- Please save your Assignment using the naming convention “WK4Assgn+last name+first initial.(extension)” as the name.
- Click the Week 4 Assignment Rubric to review the Grading Criteria for the Assignment.
- Click the Week 4 Assignment link. You will also be able to “View Rubric” for grading criteria from this area.
- Next, from the Attach File area, click on the Browse My Computer button. Find the document you saved as “WK4Assgn+last name+first initial.(extension)” and click Open.
- If applicable: From the Plagiarism Tools area, click the checkbox for I agree to submit my paper(s) to the Global Reference Database.
- Click on the Submit button to complete your submission.
Check Your Assignment Draft for Authenticity
Submit Your Assignment by Day 7
Week in Review
This week, you delved into the topic of ethical issues in IT by describing some examples of them, analyzing their impact on organizations, and illustrating how addressing them can lead to positive social change. You also examined security threats in IT, including their impact on organizations and how organizations can incorporate risk management strategies to mitigate that impact.
Next week, you will be introduced to the concept of organizational competitiveness. You will explore what it means to be a competitive business and how businesses use IT to establish and maintain a competitive advantage over their competitors. You will also examine different types of competitive business strategies.