Information Security And Ethics
Information Security And Ethics
The development of computer technology has largely revolutionized world. It has been able to remove the restriction of geographical proximity in the business and communication. However, this invention has had some follies. The amount and kind of information that is being stored in the computers travelling of the networks has brought the need for security (Mattord, H & Whitman, M 2010). Information security can be referred to as protecting the information systems and information from unauthorized use, access, modification, disruption, inspection, perusal, and recording. Information security aims at protecting the integrity, confidentiality, and availability of the information (Gattiker, U 2004). The development of security for the computers brought the need for the legal system so that to prosecute the perpetrators. The limitation of the legal system brought the need to have ethics. Ethics can be referred to the standards and principles that guide the behavior of people.
An ethical behavior results from the ability to reasoning through the new problems as they continue to arise in the profession that one is in. it usually grows from the continued understanding of the principles and how they are applied in the different situations. These situations that are applied in cannot be imagined or predicted during the present time. With thoughtful and reasoned response to ethical problems, that is the only time for people to behave in an ethically manner (Grama, J 2011). Privacy of information is a major ethical issue that should be considered, and the right to privacy is the law. There are new changes that the technology poses for ethics. Privacy related to confidentiality, and it is one of the barriers that are affecting the growth of e business. People are extremely concerned with the privacy of their information being violated because of the web interaction.
Confidentiality
In information security, confidentiality is a term that is used in prevention of disclosure of information from systems and individuals who are unauthorized. An illustration of how confidentiality applies in information security is a credit card transaction. During the transaction, the internet normally requires the number of the credit card to be sent out from the buyer to the seller. This system enforces confidentiality during transmission by encrypting the number of the card and by restricting access to place it is stored (Grama, J 2011). Confidentiality is essential for maintaining the privacy of the information that is being help by the system for people.
Integrity
Integrity in information security means that data cannot be undetectably modified. The violation of integrity normally occurs when the message is actively modified while in transit (Grama, J 2011). The different information security systems usually provide message integrity and also the confidentiality of the data.
Availability
In order, for any information to be able to serve its purpose, it is a must for information to be available when it is needed. The availability of information means that the systems that are used to process and store the data, the security controls for protecting it and the communication channels should be functioning correctly (Grama, J 2011). The availability systems must be available at all times, preventing the disruption of services caused by power shortage, system upgrades, and hardware failures.
Information security and ethics
Most of the professional groups usually have rules that govern their ethical behaviors while they are in the work place. Lawyers and doctors who tend to violate the canons of the profession may be removed from practice. Information technology is different from the legal and the medical fields (Quigley, M 2008). In information security, there is no binding code of ethics. Instead of the code of ethics, professional associations like the information security system association and the association of computing machinery, work in the establishment of the profession’s ethical codes of conduct. These organizations prescribe the ethical code of conduct, but they have no authority to banish violators from their practice.
The information security professionals are usually afforded the trust and responsibility of protecting the availability, integrity, and confidentiality if the information of an organization. It is necessary to ensure that these professionals hold themselves and their discipline to the highest ethical standards and professional conduct. There are diverse responsibilities and scope that are provided by the information security professional (Quigley, M 2008). The services that are provided are critical to the success of the overall success of the organization and the security position of the information technology community. With this responsibility, the information security professional is supposed to uphold some standards of ethics that will guide them in the practice of information security. The information security profession plays a significant role in the approach of the organization in managing liability for security and privacy risks.Ethics in information security will involve ensuring the confidentiality of the customer’s business information and mechanisms that are protective of information are essential. It involves never sharing the information of a client with the software vendors. The information security professionals should ensure that information that need to be shared to be provided maximum protection (Gattiker, U 2004).
Ethical issues in information security
Ethics are objectives, which mean that they cannot be forced on an individual. Different people have different ethical beliefs. However, some social standards should be set regarding the use of computer resources (Mattord, H & Whitman, M 2010). It is likely for cultural differences to make it hard for one to determine what is ethical and not ethical when using computers. People who are from different nationalities have differing perspectives and difficulties may arise if the ethical behavior of a nationality violates the ethics of the other one. In the Asian culture, the way they use computer technology is software piracy. The ethical conflict arises from the Asian tradition of collective ownership that tends to clash with the protection of the intellectual property.
The attitude towards ethics of computer use are normally affected by very many factors not only the nationality. There are differences that can occur which are found with people in the same country, same company, and the same social class. In order to ensure ethics in information security, it is necessary for employees to receive training and be informed of the number of topics that are related with information security. This is extremely essential in information security because most employees do not have the formal, technical training that will enable them to know that some of their behaviors are unethical or illegal (Quigley, M 2008). Proper legal and ethical training is vital for creating well prepared, informed and low risk system users.
Despite the fact that ethics cannot be forced on people, they can be molded and then modified so that they can suit situations in a much easy manner. Therefore, it is the responsibility of organization and groups to make sure that they establish the code of ethical behaviors that individuals will strive to achieve and also live by so that to ensure security of information. It is the responsibility of the information security professionals to make sure that they act ethically according to the procedures and policies of their organizations, employees, and laws of society (Mattord, H & Whitman, M 2010). Ethical behavior fork information security will involve not providing private information to unauthorized people, not using another person’s computer with no authorization, not stealing another person computer, and not snooping around the information of other people.
Conclusion
The computer systems are normally targeted by different kinds of attacks. The information that is usually stored in the computers is supposed to be provided with enough security. The amount and kind of information that is being stored in the computers travelling of the networks has brought the need for security. This is to ensure that people who rely on computers to keep their private information safe receive enough security. Information security should make sure that it protects the information from unauthorized access. In most cases, in order for organizations to ensure that their information receives maximum security they should limit the people who have access to that particular data. Employees in the organization should behave ethically and make sure that they follow the code of ethics. Organizations should establish the code of ethics that the members are supposed to follow so that they can encourage ethical behaviors.
Reference
Gattiker, U (2004). The information security dictionary Springer publishers
Grama, J (2011). Legal issues in information security Jones & Bartlett publishers
Mattord, H & Whitman, M (2010). Management of information security Cengage Learning
Mattord, H & Whitman, M (2010). Roadmap to information security Cengage Learning
Quigley, M (2008). Encyclopedia of information ethics and security Idea Group Inc
Is this your assignment or some part of it?
We can do it for you! Click to Order!
