Friday, December 6, 2019
The Contemporary Ethical Environment in the IT industry
Question: Describe about the contemporary ethical environment in the IT industry? Answer: Introduction: With the technological advancement and dynamic nature of the civilization make it possible to impose some code of ethics that are appropriate for the previous generation and no longer applicable for to apply in this decade. Hence some corrective measures are taken to change the technology and principle. Hence the security and ethics will be maintained properly. There are five main categories, which are in focus in terms of security in IT industry- Privacy, control, ownership, security and accuracy. Professional requirement for the ethical behavior: Many people in IT industry are mandatory to sign the NDA, which is nondisclosure agreements and some other clauses mentioned in contracts. Even there are legal documents which will restrict employees ability to disclose the information with new joiner even restriction go up to the level that make the employees unable to join other company (Rivard and Aubert, n.d.). As a particular individual a responsible person only is the accessible to the systems and the technologies. He is only one who will be responsible to aware other workers about a particular technology which is in use in the industry. The person has the access to the confidential internal data regarding strategic and procedural information. Some advanced technologies are meant to incorporate in order to make a new application or a new system as n new revolutionary system with respect to execution and design (Partida and Andina, 2010). Like many organizations, IT industries have started to have background and credit check of an employee at the time of hiring. By performing these kinds of checks, protection is given to the industry to avoid any kind of scandals (Oliva, 2004). Like every business organization IT industries love to be accurate. As an effective decisions are made only with accurate decision. Manually estimated calculation and establishing relationship among those data manually had lot of complications, being most critical function to perform. Technology has made it possible to interconnect complicated process to fetch desired data (Northcutt and Northcutt, 2004). With the technological advancement there are lots of security breaches in terms of network, stealing physical devices and also other social engineering attacks are there, which cause to break traditional safety measures. Organizations have some internal policies to deal with these kinds of security breaches. Conclusion: With dynamic growth in the population and trends in information technology has emphasized that challenges related to ethical behavior can be reduced by the integrity, competitiveness and survival uprightness. It is mostly needed by todays organizational culture to manage its all the operation with integrity and take care of proper maintenance of ethics. Organizations need to ensure that their employees should know how to deal ethical issues faced at the work font every day. Hence, ethical dilemma would not occur. Ensuring systematic System security in the contemporary IT environment: Introduction: Though the original purpose to use internet is to move file and multimedia information across the globe has added so many features to the present working environment to the every king of business organization, where IT has put a great impact. Ease of use and simplicity are two attribute of internet use, though with commitment of giving best effort service has snatched the security and integrity. On the other hand, with the rapid use of internet and new arrival of software and hardware equipment for information and communication technology advancement has led to a state users are not fully acknowledgeable. It sometime happens that the user is known to the actual implementation of the targeted software and hardware. The Social, operational, technical aspects of IT security: With the emerging trend of internet and its usage, lots of technologies have been introduce in order to have proper communication irrespective of place and type of the information. In an IT environment of a business organization, when data is moved or communication is held, there are chances or occurring social engineering in terms of ethical breaches. In this scenario the intruders who are setting behind the computer are physical far away, can cause data stealing and also can cause flooding (Managed security service enables outsourcing of security, 2000). The intruder can target an individual or can target an organization, or to steal data. So that he can take revenge or financially can be benefited. Generally in social engineering attackers can act as legitimate user to steal data of an individual or of an organization (Hawthorne, 2004). It sometime happens that the attackers are involved in eavesdropping, where the conversations are listened by the attacker by the physical present of by the trapping the communication channel form the middle. Some time attackers flood the IP pool of the server acting as legitimate client (Fumy and Sauerbrey, 2006). In this scenario clients stay busy to send only one request to the server but form the middle the attacker act as a legitimate client and send the server bulk of request one after another requesting IP (Erbschloe, 2005). In this scenario server sends all the IP to the illegal client and finishes its stock of IPs and the moment the legitimate client request for the IPs, there is no IPs available in the IP pool of server. This scenario is called flooding (Fumy and Sauerbrey, 2006). To overcome this entire scenario, a person who is working within his personal network and or working under the organizational network must have some methods to secure his system (Demetriades, 2003). He must have the safe internet browsing by installing firewall, installing some antivirus software or by restricting hardware (portable) storage devices (Pendrive, flash cards) form inserting in the computer or in the main operational devices. These were the basic it risk mitigation technology I have introduced (Datta, 2010). With basic technologies, user, who are involved in organizational work or the people who are engaged basically to surf the internet for their minor usage or for the enjoyment purpose, are prompted by these security software or by the firewalls whenever a malicious link is clicked or visited. Hence the users become aware about not to click the link (Calder and Watkins, 2010). These basic security measures allow an individual to have a safe experience of internet enabl ed devices. Hence the data remain in antitheft environment and system softwares become protected enough to not to crash (Erbschloe, 2005). Conclusion: With the birth of the technologies in the IT sectors, intruders and hackers were also introduced. Hence with the basic risk mitigation technologies and also with advanced mechanism incorporated with some cryptography algorithm it become possible to restrict the security breaches. Even for an organization, network service providers can also incorporate safe way communication by introducing VPN (Virtual Private Network). Where communication takes place in a dedicated line. Hence there is no sharing which has eliminated the security breaches. Measuring and managing contemporary IT related risk: Introduction: Several technologies have been introduced, in order to measure and to mitigate the IT risks in the contemporary environment of the IT industry. For example a person working within his personal network and or working under the organizational network must have some methods to secure his system or must have the safe internet browsing by installing firewall, installing some antivirus software or by restricting portable storage devices form inserting in the computer or in the main operational devices. These were the basic it risk mitigation technology. Contemporary risk challenges to measure and manage risk: With the invention of modern technologies in information and communication technologies, it no doubt become easy for the world to gather the information form whenever and its about whatever (Bonhoeffer et al., 2005). With the incorporation of e-commerce technology, the IT industries and other business organizations have involved to commerce the business in form of business-to-business, business-to-customer, customer-to-customer and customer-to-business. In B-C commerce a company can give ad of their services or products on their official site and customer can choose and place order as per their preferences. In B-B commerce, a business organization offers their product to other organization, for example IT consultancy companies are engaged in deploying software products in the other companies or the partnership of eBay and paypal (Axelrod, 2004). In C-B commerce, customers upload their requirement to the official site of the company or in a public forum as per their requirement, the d esired company of the customer or the as per the customers requirement a particular company will take the order. In C-C commerce, customer uploads their requirement in the public forum using internet. Hence customers can buy/sell/give solution to other customers. In these kinds of business solutions, there are risks for the user/customer with less computing knowledge. As with advancement in technology many software tools have invented. These software tools are installed in a computing device to record the sequence of key strokes. Or it may happen those users/customer are provided link buy the intruders, who are sitting between the customer and companys official site. These kinds of mails contain malicious codes, where users are offered some expensive gift in exchange of their personal data. The moment user click on the link, the software or the code related to that link start fetching all the records. Or some time a user or an individual related to a particular user reveals personal data on the website, which can make the user vulnerable. Hence it is required to be updated with the advancement in the technology. Ebay faced an attack between late February and early march. In this scenario, login credentials of some employees of the Ebay are obtained by hackers. They accessed the database contained of user records and copied all of the records (Ackermann, 2013). Conclusion: With basic risk mitigation technologies, user, who are involved in organizational work or the people who are engaged basically to surf the internet for their minor usage or for the enjoyment purpose, are prompted by these security software or by the firewalls whenever a malicious link is visited. These basic security measures allow an individual to have a safe experience of internet enabled devices. Hence the data remain in antitheft environment and system software become protected enough to not to be vulnerable to crash. On the other hand an organization can ask for the VPN service for their network service provider or can use some cryptographic algorithm based software for encrypt the data before sending them via Internet. References Ackermann, T. (2013). IT security risk management. Wiesbaden: Springer Gabler. Axelrod, C. (2004). Outsourcing information security. Boston: Artech House. Bonhoeffer, D., Green, C., Krauss, R., West, C. and Stott, D. (2005). Ethics. Minneapolis: Fortress Press. Calder, A. and Watkins, S. (2010). Information security risk management for ISO27001/ISO27002. Cambridgeshire: IT Governance Pub. Datta, P. (2010). A preliminary study of ecommerce adoption in developing countries. Information Systems Journal, 21(1), pp.3-32. Demetriades, D. (2003). Information technology. Oxford: Oxford University Press. Erbschloe, M. (2005). Physical security for IT. Amsterdam: Elsevier Digital Press. Ethical challanges. (2003). The American Journal of Evaluation, 24(1), pp.81-82. Fumy, W. and Sauerbrey, J. (2006). Enterprise security. Erlangen: Publicis Corporate Publishing. Hajibayova, L. (2013). Blog, news, ecommerce: Does genre matter for taggers?. NASKO, 4(1). Hawthorne, J. (2004). Ethics. Malden, MA: Blackwell Pub. Managed security service enables outsourcing of security. (2000). Network Security, 2000(9), p.7. Northcutt, S. and Northcutt, S. (2004). IT ethics handbook. Rockland, MA.: Syngress Pub. Oliva, L. (2004). IT security. Hershey [Pa.]: CyberTech Pub. Partida, A. and Andina, D. (2010). IT security management. Dordrecht: Springer. Rivard, S. and Aubert, B. (n.d.). Information technology outsourcing.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.