Initial draft Report on Security and Ethical issues in Development of Business Systems

Introduction
Within legal boundaries, what you say and do in the privacy of your own home is your business. Particularly when it comes to digital information, that privacy and moral flexibility does not extend to the workplace. Common sense dictates that your actions in a public place are no longer private. People by nature consider their surroundings before saying or doing something that would embarrass them or offend others. When it comes to the workplace, the burden of maintaining a politically and morally correct environment falls on the employer as well as the employee. Apart from that, we are also discussing the threats in against and in defense needed for the performance and security of the business information systems, as well as their societal impacts and ethical implications of information technology, which also includes the slight change into the job description of business managers and business professionals, where they not only have to manage the business related matters but also be able to utilize the successful uses of the information technologies in a global environment and scenario(s).

Why technology for business managers?

By using the term successful use of the informational technologies and certain other gadgets, we mean how they apply themselves to comply with newer technologies, with respect to their managerial activities and how theyll be reducing the cost and increasing the efficiency level of both employers, and business organization, because in this era only those organizations are getting successful and become a bluefish, which opt for latest technology at the right place at right time, because it let them reducing the cost of production/services by efficiently utilizing their available resources.

Technology, should it or should it not?

Theres no question that the appliance of latest technology has brought many easiness in business matters and has had beneficial results as well, but as well as the detrimental effects on the society which gives rise to the security and ethical issues regarding invasion of privacy and certain other issues in significant ways, thats why in this report, were mostly concerned with several ethical issues regarding the use and application of information & technologies while affecting the employment, individuality, working environment and conditions, privacy factor and invasion of privacy, areas of crime and criminal activities such as cyber crimes etc, health and several other issues with their solutions to societal problem(s). In the digital age, the record of an the discussion can be important. If an employee views a website that another employee finds offensive, the record of that site visit can become hard evidence in a court of law. It's an attorney's dream to build a case with such evidence. Because the employee was not only at the workplace when the offence took place, but using the employer's equipment to commit the offense both will be held liable for the action. Only unambiguous evidence of the fact that the employee clearly understood stated rules against such conduct will limit the employer's liability. Employers can also seek to limit the content that is

Page 1

Initial draft Report on Security and Ethical issues in Development of Business Systems

available to the employees, but this can be an even heavier burden. Determining which content to block and how to effectively block may represent an overwhelming task. The censorship of information will pose a difficult ethical situation for an employer. In addition, blocking unwanted content while still maintaining open access to the Internet can be virtually impossible. The appropriate use of digital communications such as email and text messaging is another area that must be clearly understood by the employee and it is the employer's responsibility to set the guidelines. Many employees need to be taught that text based communications can be more often misinterpreted than spoken communications because other verbal and body language cues are not present. An offhand remark while both parties are laughing can have a markedly different connotation when viewed as an email message on a bad day. It is also necessary for the employee to understand that once the email is sent, there is little control over who else sees it. And again, there is a digital record of this communication that lasts far longer than the spoken word. In this digital age, it is the responsibility employers to guide their employees on the proper use of information systems. Without such guidance, the workplace can become an offensive atmosphere with significant ethical and legal consequences for the employer. Apart from that were also concerned with several types of security management precedence, and strategies with their defense theories, which explains how these can be used in order to ensure the security concerns of business related applications related to information technologies. Although in this report, we are not only concerned with putting light onto the problems, business organizations face with regards to information systems and information technologies regarding security and ethical grounds, we also tried our level best to put give some proposed suggestions, which we feel can reduced the effect of the security and ethical concerns for business requirements and environments, which is the main criteria of compilation of this report, because we feel that with every problem, there should be some solutions to them so that challenges faced by the business organizations can be reduced and/or minimized to a certain extend.

Our responsibilities as business professionals

Risk and business are said to have a side-by-side relationship, therefore as business professionals, we should always remember that theres risk in every step we take which we always have to have at the back of our minds, apart from that responsibility also falls onto our shoulders to promote ethical usage of information technology whether at the work place, which includes proper performance of our roles as the vital human resource in the business systems, which could help us enabling and developing your skills in the organization, as being a manager of business professional itd be our responsibility to make decisions about business activities and the use of information technologies/gadgets which can pose a direct or an indirect security cum ethical threat.

Several security and ethical instances

For instance; you tend to record all business activities of your organization but on the same time, youre creating privacy and ethical problems for your workforce, in compiling records of their

Page 2

Initial draft Report on Security and Ethical issues in Development of Business Systems

private made phone-calls or emails, which could be made either to the supplier or a manufacturer who could be a close friend of yours, so in that case, you wont be talking with him in serious and formal tone, but because theres record keeping procedure going on, the employee might get into some sense of uncomfortable mode. The only way such situations can be handled is can be having mutual understand and communication between higher and lower personnel and on the same time, a simultaneous horizontal and vertical communication between the masses so that a mutual understanding can be made between both ends.

Situation in Pakistan
Even in Pakistan, we experience such cases where branded computer systems which are imported to Pakistan, at times do come with software with legal and valid license keys, which includes operating systems that includes such information like the persons name and other information on the barcodes, because of which a user in Pakistan is privileged to use a legal software on the name of other person who lives thousands of miles away from him.

Situation for a home user

Similar is the case when it comes to networking with portable devices where most of the data is transferred through wireless medium like WIFI and Bluetooth, which can be easily extracted in-between (by in-between we mean between sender and the receiver), therefore a person with a technical mind would not suggest sharing vulnerable, precious, or confidential data or information on a fragile medium. There have been such instances, that a person was able to decode a WIFI device password in neighbor and started using internet using that account, thats also ethical and moral issue which should be addressed on large scale.

Public Places
This was on micro level, when it comes to macro level, when in an organization like banks, airports, railway stations, coffee shops etc which are referred to as public arenas, and therefore sharing your valuable and/or confidential data like your passwords or credit card numbers, on that scale is not recommended because it can easily be extracted and can be used in terrorists or spamming purpose. Thats why in places like mentioned above are not recommended places to share personal data.

Ethical problems in organizations

On the other hand, organizations do emphasize with their employees not to store their passwords, credit card numbers, and software license keys (when it comes to system administrators) on organizations network, and if theyve account of some sort i.e. email

Page 3

Initial draft Report on Security and Ethical issues in Development of Business Systems

addresses, bank account etc, their passwords should be different from the ones they use in the in organization when they access organizations network like intranet etc. Similar is the case when organizations outsource just to cut-out their cost, but it also overheads private and confidential data of their organization which can include the data of their consumer base, to the third party, which is the risk organizations take when they outsource, although theres a legal obligation in contracting the terms but still theres not certainty of any kind that the information cant be forwarded ahead.

Ethical Dilemma on micro level like students in educational institutions

Even in school, colleges and universities where websites like Facebook, MySpace, Orkut, and Google+ are prohibited to be used by the students within institution jurisdiction, but still there have been many cases that pupil bypass such proxies by different software and gadgets (gadgets like USB stick, or portable wireless modem and connecting through the internet on that medium) to view them, which also creates an ethical dilemma, by violating the internet usage policy of the institution.

In a nutshell
In a nutshell, we can say that Information is a source of power and, increasingly, the key to prosperity among those with access to it. Consequently, developments in information systems also involve social and political relationships-- and so make ethical considerations in how information is used all the more important. Electronic systems now reach into all levels of government, into the workplace, and into private lives to such an extent that even people without access to these systems are affected in significant ways by them. New ethical and legal decisions are necessary to balance the needs and rights of everyone. with the advancement of technology, apart from some pros, there have been cons along with, and therefore being a business manager, its our responsibility to tackle with such issues, as they can create problems or some sort for the organization in near future, as we are concerned with business management, managers do need themselves to equipped with latest technological knowledge so as to they can have a look into business activities and can efficiently manage their operations in-office and out-of-the-office activities, which also enables them to reduce cost and on the other hand allows them to keep note of the activities in-the-office but on the other hand posed issues like security when you outsource and ethical problems when you take note of the employees or employers in-office-activities whether theyre breaching the companys terms and conditions or not, which can pose such doubts in ones mind like invasion of privacy, sharing of personal data when outsourcing (which can be sold to third party or can be used in spamming), or decrypting a limited usage network into full by means of using proxys, hacking, cracking, creating fake serial numbers etc are only some of the widely experienced social and ethical issues, which were going to be discussing more briefly in the report. Further, Ethics include moral choices made by individuals in relation to the rest of the community, standards of acceptable behavior, and rules governing members of a profession. The broad

Page 4

Initial draft Report on Security and Ethical issues in Development of Business Systems

issues relating to electronic information systems include control of and access to information, privacy and misuse of data, and international considerations. All of these extend to electronic networks, electronic databases, and, more specifically, to geographic information systems. Specific problems within each of the three areas, however, require slightly different kinds of ethical decisions. In continuation we also discussed legal decisions in technical developments. Ethics filling the gap as people negotiate how use of electronic information should proceed. The following notes define the broad ethical issues now being negotiated. Since laws deciding some aspects of these issues have been made, these notes should be read in conjunction with Legal Issues in Electronic Information Systems. Further, well also discuss why Electronic networks ARE established as a reliable means of communication and as a means for exchanging information efficiently! Large networks represent new sources of power. In order to create reliability and efficiency in communication, networks were structured so that the movement of information would not depend on --and could not be controlled by--another person or computer. As a result, the larger networks have become anarchic. Ordinary people with relatively few resources can communicate ideas and information, however uncommon, unpopular, or politically sensitive those ideas or information may be, to millions of other people around the world. No government, no hierarchical system exerting either repressive or benign influence, not even the simple constraints of time and money, will have quite the same control they once had over the flow of information as long as the networks operate as they now do. For some people, the networks therefore contain exciting possibilities; for others they have become a threatening, even subversive, new presence.

Page 5