Legal Issues in Information Security

Submitted By keb05
1. Did CardSystems Solutions break any federal or state laws?

Yes. The FTC charged CardSystems Solutions with violating Section 5 of the Federal Trade Commission Act (15 U.S.C. §§ 41-58), which prohibits unfair or deceptive acts or practices in commerce. The FTC's position was that failing to take reasonable and appropriate security measures to protect the sensitive cardholder data the company processed was itself an unfair practice.

2. In June 2004, an external auditor certified CardSystems Solutions as Payment Card Industry Data Security Standard (PCI DSS) compliant. What is your assessment of the auditor's findings?

I disagree with the auditor's findings. PCI DSS requires a properly configured firewall around the cardholder data environment (Requirement 1), up-to-date anti-virus software (Requirement 5), and protection of stored cardholder data, including a prohibition on retaining sensitive authentication data such as full magnetic-stripe data after authorization (Requirement 3). If CardSystems Solutions had genuinely met the standard, those controls would have been active; the breach showed that they were not. A PCI DSS assessment is also only a point-in-time attestation: it says nothing about whether the controls were still in place a year later, which is why the standard requires ongoing monitoring and testing rather than a one-time certification.

3. Can CardSystems Solutions sue the auditor for not performing his or her tasks and deliverables with accuracy? Do you recommend that CardSystem Solutions pursue this avenue?

No. The June 2004 assessment was a point-in-time attestation that CardSystems Solutions was compliant at that date. By the time of the attack disclosed in June 2005, the company was no longer compliant, and responsibility for maintaining compliance between assessments rests with the assessed entity, not the assessor. A suit against the auditor would have to show that the 2004 assessment itself was performed negligently, which is a much harder case than showing that controls later lapsed. I do not recommend pursuing this avenue.

4. Who do you think is negligent in this case study and why?

CardSystems Solutions has to be considered the negligent party in this case. As a high-profile payment processor handling cardholder data on behalf of many merchants, it was expected to comply with the regulations and contractual requirements for properly protecting and storing private and sensitive data, and it failed to do so.

5. Do the actions of CardSystems Solutions warrant an “unfair trade practice” designation as stated by the FTC?

Yes, I believe it does. Collecting and storing sensitive cardholder data while failing to implement the reasonable security measures the company was obligated to maintain caused substantial injury to consumers that they could not reasonably avoid, which is the core of the FTC's "unfair practice" test.

6. What security policies do you recommend to help with monitoring, enforcing, and ensuring PCI DSS compliance?

Technical mechanisms such as SNMP-based network monitoring and MAC filtering are controls, not policies; they need policies behind them to be monitored and enforced. The policies I recommend are: an information security policy owned by management that assigns responsibility for PCI DSS compliance (Requirement 12); an access control policy restricting access to cardholder data on a need-to-know basis (Requirements 7 and 8); a data retention and disposal policy that forbids storing sensitive authentication data after authorization (Requirement 3); a logging and monitoring policy requiring audit trails to be collected and reviewed (Requirement 10); a vulnerability management and change control policy covering secure development, patching and testing of the transaction-processing systems (Requirements 6 and 11); and a requirement for regular internal reviews rather than reliance on the annual external assessment.

7. What security controls and security countermeasures do you recommend for CardSystems Solutions to be in compliance with PCI DSS requirement?

Answer: up-to-date anti-virus on all in-scope systems (Requirement 5); firewalls that segment the cardholder data environment from the rest of the network and from the Internet (Requirement 1); encryption of stored cardholder data and of cardholder data transmitted over public networks (Requirements 3 and 4), together with not retaining track data or card verification codes at all after authorization; IDS/IPS, centralized logging and file integrity monitoring (Requirements 10 and 11); and input validation, parameterized database queries and secure coding practices in the transaction-processing application (Requirement 6).

8. What was the end result of the attack and security breach to CardSystems Solutions and its valuation?

Answer: customers' personally identifiable information and payment card data were stolen, with roughly 40 million card accounts exposed. Visa and American Express stopped allowing CardSystems to process their transactions, the FTC brought an enforcement action, and the company lost its independence and was acquired in the end.

9. What are the possible consequences associated with the data loss?

Tarnished reputation, fines and regulatory action, card-brand penalties and loss of processing privileges, litigation by affected consumers and issuing banks, and loss of business.

10. Who do you think is ultimately responsible for CardSystems Solutions’ lack of PCI DSS compliance?

The parties ultimately responsible are executive management as well as the IT department. PCI DSS (Requirement 12) makes management responsible for establishing and maintaining the information security policy; IT is responsible for implementing and operating the controls, but it cannot do so without the priority, budget and oversight that management has to provide.

11. What should CardSystem have done to mitigate possible SQL injections and data breaches on their credit card transaction-processing engine?

They should have validated all input to the transaction-processing engine against an allow-list, used parameterized queries or stored procedures so that user-supplied values are never concatenated into SQL, stopped storing sensitive authentication data after authorization so that a successful injection had less to steal, and made sure that any debugging interfaces or other back doors into the application were closed and that the application was tested before and after deployment.
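To make the points in questions 7 and 11 concrete, the following is an added example and not code from the essay or from CardSystems Solutions. It places a SQL-injectable transaction lookup beside a parameterized, allow-list-validated version, and adds the checks a PCI DSS scoped application should apply before data is stored: a Luhn check on the PAN, PAN masking, and removal of sensitive authentication data (track data, card verification codes, PIN blocks). The table schema, the merchant ID format, and the sample rows are constructed for the example; the card numbers are public test numbers.

```python
"""Added example (not from the original essay): a toy card-transaction lookup
that shows the SQL-injectable query beside its parameterized, input-validated
form, and the retention rule a PCI DSS scoped application must follow.
Schema, merchant ID format and sample rows are constructed for illustration."""
import re
import sqlite3

# Constructed sample data: the PANs are public test numbers, not real cards.
SAMPLE_ROWS = [
    ("M-1001", "4111111111111111", 19.99),
    ("M-1001", "5555555555554444", 250.00),
    ("M-2002", "378282246310005", 72.10),
]

# Assumed merchant ID format for this example: "M-" followed by four digits.
MERCHANT_ID_RE = re.compile(r"M-\d{4}")

# Sensitive authentication data that PCI DSS Requirement 3 forbids storing
# after authorization (full track data, card verification codes, PIN blocks).
SENSITIVE_AUTH_FIELDS = frozenset({"track1", "track2", "cvv", "cvv2", "pin_block"})


def build_db():
    """Create an in-memory SQLite database with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE transactions ("
        "id INTEGER PRIMARY KEY, merchant TEXT, pan TEXT, amount REAL)"
    )
    conn.executemany(
        "INSERT INTO transactions (merchant, pan, amount) VALUES (?, ?, ?)",
        SAMPLE_ROWS,
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, merchant_id):
    """Vulnerable: the caller-supplied value is concatenated into the SQL text,
    so "' OR '1'='1" turns a per-merchant query into a dump of every row."""
    sql = ("SELECT id, pan, amount FROM transactions "
           f"WHERE merchant = '{merchant_id}' ORDER BY id")
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, merchant_id):
    """Fixed: the value is bound as a parameter, so the database treats it as
    data, never as SQL; an injection payload simply matches no merchant."""
    return conn.execute(
        "SELECT id, pan, amount FROM transactions WHERE merchant = ? ORDER BY id",
        (merchant_id,),
    ).fetchall()


def valid_merchant_id(merchant_id):
    """Allow-list validation: accept only the exact expected shape."""
    return isinstance(merchant_id, str) and MERCHANT_ID_RE.fullmatch(merchant_id) is not None


def luhn_ok(pan):
    """Luhn check-digit test for a primary account number (13 to 19 digits)."""
    if not isinstance(pan, str) or not pan.isdigit() or not 13 <= len(pan) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan):
    """Render the PAN unreadable for display or storage: keep first 6, last 4."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def lookup_safe(conn, merchant_id):
    """Hardened lookup: validate the input, bind it, never return a full PAN."""
    if not valid_merchant_id(merchant_id):
        raise ValueError("rejected merchant id")
    return [(i, mask_pan(pan), amt) for i, pan, amt in lookup_parameterized(conn, merchant_id)]


def sanitize_for_storage(auth_record):
    """Drop sensitive authentication data before an authorization record is
    persisted, and keep only a masked PAN. Returns a new dict."""
    stored = {k: v for k, v in auth_record.items() if k not in SENSITIVE_AUTH_FIELDS}
    if "pan" in stored:
        if not luhn_ok(stored["pan"]):
            raise ValueError("malformed PAN")
        stored["pan"] = mask_pan(stored["pan"])
    return stored


if __name__ == "__main__":
    db = build_db()
    payload = "' OR '1'='1"
    print("vulnerable:", lookup_vulnerable(db, payload))        # every row leaks
    print("parameterized:", lookup_parameterized(db, payload))  # no rows
    print("safe:", lookup_safe(db, "M-1001"))
    print(sanitize_for_storage({"pan": "4111111111111111", "track2": "raw",
                                "cvv": "123", "amount": 19.99}))
```

Running the module shows the injection payload returning all three rows from `lookup_vulnerable` and nothing from `lookup_parameterized`; `lookup_safe` refuses the payload outright because it fails the allow-list, and what it does return never contains a full PAN. `sanitize_for_storage` is the retention rule: even if the database were later dumped through some other flaw, there would be no track data or verification codes in it to steal.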

12. True or False: Although CardSystems Solutions had some security controls and security countermeasures, it was not 100% PCI DSS-compliant because the company failed to properly implement ongoing monitoring and testing on its development and production systems.

True
