Sunday, April 4, 2010

Week 5 Questions - Ethics and Security

1. Explain the ethical issues surrounding information technology.
  • Intellectual property: The rights that protect the creative and intellectual work of individuals
  • Fair use doctrine: Is the material you are using able to be used under copyright laws
  • Copyright: The right to do, or use certain acts on intangible property not owned by you, such as a video or information from a website.
  • Pirated software: The unauthorised use, duplication, distribution or sale of copyrighted software, that is, using software that has been downloaded or duplicated and is not an original copy.
  • Counterfeit software: Software that is not real, but is manufactured to look that way.

2. Describe the relationship between an ‘email privacy policy’ and an ‘Internet use policy’.
  • Email privacy policy: A policy relating to the sending, receiving and storing of emails. Wirth emails being a common form of communication within a business, it has become necessary for business to introduce policies in relation to emails. It states how an email system within a business can be used and to what extent they have privacy over their emails.
    The email privacy policy an organisation has in place should include:
    - How employees are to use their email for private and non-employment purposes
    - State what activities are permitted and what are not (e.g. no spamming)
    - Detail what information from emails will be recorded and who has access to that information
  • Internet use policy: An internet use policy should be implemented in all business and details how employees are to use the internet, including what sites are allowed to be viewed and those of which are blocked, or banned (e.g. social networking sites such as Facebook).
    The internet use policy an organisation has in place should include:
    - The available internet services to employees and which of those sites are not to be visited
    - The position an organisation takes on the viewing of banned websites
    - Ethical use of the internet
    - The user’s responsibility for citing sources, properly handling offensive material and protecting the name of the organisation
    - The ramifications for breaches of the policy

3. Summarise the five steps to creating an information security plan.

1. Develop the information security policies: Who is responsible and accountable for designing and implementing the information security policies within the organisation. The chief security officer (CSO) is usually responsible for implementing these policies. Examples include having employees log off their systems and having them password protected.
2. Communicate the information security policies: Train all employees on the policies to ensure they are aware of their expectations.
3. Identify critical information assets and risks: Requires that all systems be installed with anti-virus software, as well as having user log-ins with passwords. All systems linked with external systems should have firewall installed for protection.
4. Test and re-evaluate risks: Continually perform security reviews, audits, background checks and security assessments.
5. Obtain stakeholder support: Gain approval and support on your information policies from the board of directors and all stakeholders.


4. What do the terms; authentication and authorization mean, how do they differ, provide some examples of each term.

  • Authentication: A method to confirm the identity of a user. It is the means by which you have the rights to access a system.
  • Authorisation: The process of giving someone permission to do or have access to something. This means that when you have accessed a system, what, within the system, you have access to.
    Authentication and authorisation broken down into three categories, which, when combined make the system secure:
    - Something the user knows, e.g. User ID and password
    - Something the user has, such as a smart card or token
    - Something that is part of the user, such as a thumb print or voice recognition

5. What the Five main types of Security Risks? Suggest one method to prevent the severity of risk.
  • Human error: Provide all employees with the necessary training and standards to abide by when using the computer systems.
  • Technical failure: Have a back-up system/ data recovery system in place where all data is stored and can be recovered
  • Natural disaster: Have an off-site back-up where copies of the data are kept in an off-site location
  • Deliberate act: This can be caused by viruses or by a disgruntled employee. Have anti-virus systems on all information and data systems
  • Management failure: Ensure managers receive training on how to correctly use information systems. An IT professional may be hired to manage these systems to keep data files in tact.
Posted by at No comments:

Week 4 Questions - E Business

1. What is an IP Address? What is its main function?

IP stands for internet protocol. An IP address is a unique number that is assigned to each computer in the world, which can be either public or private. The main function of an IP address is so that computers are able to communicate with each other.


2. What is Web 2.0, how does it differ from 1.0?

Web 2.0 is a set of economic, social and technology trends that together form the basis for the next generation for the internet. It is the current internet type that we are in now and is referred to as Live Web and is controlled by many people. It allows users to be more interactive; a 2-way service, through mashups, which allow users to use content from more than one source to create their own service. Social networking sites, such as Facebook and Myspace, blog sites, RSS (really simple sydnication) and Podcasts are common features of web 2.0.

Web 1.0 is a one-way web that is controlled by one person, where information was posted on a site and could only be read. It was a non-interactive/ passive web service.


3. What is Web 3.0?

Web 3.0 is about transforming the web into a database. Web 3.0 is based on metadata, which is the concept of tagging where all data is tagged to other data and is used to search for information. It is the process of using media to search for other media.


4. Describe the different methods an organisation can use to access information.

There are three tools that an organisation can use to access information. These three tools are;

  • Intranet – An intranet is a personalised and private section of the internet that is used for internal means, commonly used in businesses, universities and schools.
  • Extranet – An extranet is an intranet that is also available to strategic allies, such as customers, suppliers and partners, providing them with certain data about the company that is of benefit to them.
  • Portal – A portal is a website that offers a broad array of resources and services on the one page. It is personalised to the needs of the people it is targeted at. It features services including email, online discussion groups, search engines and online shopping.

5. What is e-Business, how does it differ from e-Commerce?

  • E- Business is the conducting of business on the internet, including buying and selling, serving customers and collaborating with business partners.
  • E- Commerce is the buying and selling of goods on the internet.



6. List and describe the various e-Business models? (Hint: B2B)

  • Business-to-Business (B2B) – Businesses buying and selling to each other over the internet. Online access to data is widely supported.
  • Business-to-Consumer (B2C) – This applies to any business that sells their products and services to consumers over the internet.
  • Consumer-to-Business (C2B) – Applies to consumers who sell their products and services to a business over the internet.
  • Consumer-to Consumer (C2C) – Applies to websites that assist consumers interacting with each other over the internet.

7. List 3 metrics would you use if you were hired to assess the effectiveness and the efficiency of an e-Business web site?


To assess the effectiveness and efficiency of an e-Business website, three metrics that could be used include;

  • How many people are visiting the website and the amount of revenue that is being generated by this
  • The length of time people spend on a website and the times they visit
  • The types of visitors on a website. Information on known visitors can be gained through their log-ins and registrations.


8. Outline 2 opportunities and 2 challenges faced by companies doing business online?


Opportunities

  • Available to access 24 hours a day, 7 days a week, 365 days a year to anyone all over the world.
  • Both small and large businesses are able to reach new markets at a lower cost than owning an actual business.

Challenges

  • Ensuring your customers details are protected at all times.
  • Opening an online business is a simple task and so there are many people online in the market from all over the world, which can make it difficult for you to market and sell your products.
Posted by at No comments:
Subscribe to: Posts (Atom)