Information Security and Ethics



Contents

Introduction3

Discussion3

Measures/Policies that Should be Implemented5

Ban Inappropriate websites5

Control Email Risk5

Use of anti-virus software6

Efficient use of System6

Conclusion7

References8

Information Security and Ethics

Introduction

Whether an Organization is a mid-sized or a small business, an access to websites or Email can put the organization's reputation and security on risk. Misuse of emails or internet can cause serious harm to the organization and proper policies should be defined and implemented to avoid this. E-policies or security policies are the policies which are designed to protect the organizations from external threats such as hacking activities and threats to the computer hardware and software. Nowadays, organization's security is surrounded by lots of threats. Hacking is a very common Internet threat which can be implemented by many procedures. An unauthorized user can gain access to the computer network to steal the intellectual property which may contain important secrets such as the chemical formula, or personal data. Email is another source of Hacking. Phishing activities are very common nowadays. Hacker can generate an Email which containing a link of a fake website and ask the user to enter the personal or company's information. The result is online theft and loss of intellectual property. In order to protect an organization from these thefts, organization must make sure that the security policies are strictly followed by every employer.

Discussion

Information is a very vital resource for any organization. Security tools can minimize the problems associated with the theft of the information. Encrypting the data files and passwords can avoid the usage of the data if it is been stolen. Encryption requires algorithm to be applied on the data to make it a code. Even if it is stolen by a hacker, he would not be able to use it. Firewall is software and hardware based security tool which filters the incoming and outgoing data in the network (Devendra Kumar, 2011, Pg 4). It establishes the secure networks and removes any unwanted or unauthorized networks. This software and hardware based tool should be maintained and used in an organization to avoid the hacking activity.

Email is a very important tool of communication widely used nowadays. Through Email communication, user can send attachments, and it is also one of the fastest ways of communication. On the other hand, they can be a security risk for an Organization. Contents of the Email are not encrypted and transmitted in clear language. By any available tools, an unauthorized person can read the Email and hence can result in theft of data. It is also possible to send an Email with the name of another legal person or Organization. For example, a fake Email in the name of some legal person or organization can direct the user to a fake website and asks to enter personal information or company's information. These activities can result in online theft.

Virus and malware activities can also harm the organization's security. Virus is a self replication code which can harm both the software and hardware. They can damage important files and give access to unauthorized ...