MIS Security & Ethical Issues - Management Information systems

What are security and ethical issues?

Security of an Information System

Information system security relates to the way the system is protected against unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
There are two major aspects of information system security:
  • Security of the information technology used - securing the system from malicious cyber-attacks that tend to break into the system and can access critical private information or gain control of the internal systems.
  • Security of data – when critical issues are faced such as natural disasters, computer/server malfunction, physical theft etc, it is suggested to ensure the integrity of data. Generally an off-site backup of data is kept for such problems.

Guaranteeing effective information security has the following key aspects:

  • Need to Prevent the unauthorized individuals or systems from accessing the information.
  • Maintaining and assuring the accuracy and consistency of data over its entire life-cycle.
  • Ensuring that the computing systems, the security controls used to protect it and the communication channels used to access it, functioning correctly all the time, thus making information available in all situations.
  • Ensuring that the data, transactions, communications or documents are genuine.
  • Ensuring the integrity of a transaction by validating that both parties involved are genuine, by instilling authentication features such as "digital signatures".
  • To ensure that once a transaction takes place, no other party can deny it, either having received a transaction, or having sent a transaction. This is called 'non-repudiation'.and shared in network systems.

Information Systems and Ethics

  • Information systems bring about immense social changes, threatening the existing distributions of power, money, rights, and obligations. It also raises new kinds of crimes, like cyber-crimes.

Following organizations promote ethical issues:

  • The Association of Information Technology Professionals (AITP)
  • The Association of Computing Machinery (ACM)
  • The Institute of Electrical and Electronics Engineers (IEEE)
  • Computer Professionals for Social Responsibility (CPSR)

The ACM Code of Ethics and Professional Conduct

  • Strive to achieve the highest quality, effectiveness, and dignity in both the process and products of professional work.
  • Acquire and maintain professional competence.
  • Know and respect existing laws pertaining to professional work.
  • Accept and provide appropriate professional review.
  • Provide comprehensive and thorough evaluations of computer systems and their impacts, including analysis and possible risks.
  • Honour contracts, agreements, and assigned responsibilities.
  • Improve public understanding of computing and its consequences.
  • Access computing and communication resources only when authorized to do so.

The IEEE Code of Ethics and Professional Conduct

IEEE code of ethics demands that every professional vouch to commit themselves to the highest ethical and professional conduct and agree:
  • To accept responsibility in making decisions that are consistent with the safety, health and welfare of the public, and also to disclose the factors that might endanger the public or the environment;
  • To avoid real conflicts of interest whenever possible, and to disclose them to the affected parties when they do exist;
  • Based on available data, you need to be honest and realistic in stating claims or estimates.
  • Do not accept bribery in all its forms;
  • To improve the understanding of technology, its appropriate application, and potential consequences;
  • To maintain and improve our technical competence and to undertake technological tasks for others only if qualified by training or experience, or after full disclosure of pertinent limitations;
  • To seek, accept, and offer honest criticism of technical work, to acknowledge and correct errors, and to credit properly the contributions of others;
  • To treat fairly all persons regardless of such factors as race, religion, gender, disability, age, or national origin;
  • To avoid injuring others, their property, reputation, or employment by false or malicious action;
  • To assist or help colleagues and co-workers in their professional development and to support them in following this code of ethics.

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

Management Information systems Topics