HOME STUDY - IT CERTIFICATE
A sound introduction to using computers
A broad foundation course for anyone seeking entry into a career with computers. It is also a good course for people looking to complement their existing careers with IT knowledge.
No previous IT experience is required to undertake this course.
Note that each module in the Certificate In Information Technology is a short course in its own right, and may be studied separately.
WHAT ARE LEGAL AND ETHICAL ISSUES FOR I.T. PROFESSIONALS
When we think about ethics, we think about having an understanding of what is right and wrong – that is a ‘society’ accepted proper course of action in a given situation. Ethics and ethical standards can be applied to any situation.
Ethics in business are specifically about developing business or company values. The ethics of any business are a guide to what is appropriate and what is not within the scope of that particular business. Ethics of IT professionals are extremely important for a number of factors, mostly because of the nature of data and information which can be accessed. The next part of this lesson is an outline of ethics which are relevant to IT professionals.
Ethical issues facing IT professionals
There are many ethical issues facing IT professionals nowadays, most of them involve data privacy and data security, but others are ownership, control and accuracy.
Some examples include:
- Given that network and system administrators in most organisations would generally have access to the e-mails of all the employees, is it okay for them to read some of those emails, just because they can? Would it be okay to read those emails as a security measure, to make sure that employees are not disclosing confidential and private company information to unauthorised people?
- If the system administrators read emails from the employees working in their company, should they disclose this policy to them or not? If they should, is it better to do it before or after they’ve read their private emails?
- Are system administrators allowed to monitor and keep a log of the websites visited by the employees?
- Some network and system administrators might decide to install key logger and screen capture software on all or selected computers on the network to capture and save all what the employees type and view. Is it ethical to do so? Should they notify the users that they are being watched?
- Is it okay for system administrators to access documents, files and personal photos of other employees when they are stored on their work computers or on the file servers?
Legal issues facing IT professionals
There are multiple threats to information systems. The most important ones are listed below:
- Collecting and using information in an illegal way,
- Developing and distributing software which can break information systems,
- Having information leaks in visual channels, electric channels, radio channels, and other technical channels,
- Damaging or stealing computer systems or other IT equipment,
- Intercepting data in computer networks and lines of communication,
- Accessing database information by unauthorised personnel,
- Distributing data in such a way as to cause an infringement of the legal restrictions set for information distribution.
The necessity to have adequate information legislation in place is crucial to the successful application of information technology in organisations and businesses. Although current laws are not able to cover all the problems related to information technology, successful information legislation should be developed in order to address and regulate the legal relationship of information collection, processing, saving and usage, therefore it is vital for governments and legal agencies to realise efficient measures which ensure information security maintenance.
There are many components involved in developing complete information security for information systems. The most important component in information security is the protection of information captured, stored and flowing in computer systems and computer networks. As a result, criminal laws and legislative laws should be able to endorse the protection of information on computer systems and networks, and these laws must be subject to constant reviews and improvements. Such reviews and improvements are required because of the ever-changing nature of information systems and information security and the emergence of more sophisticated types of attacks.
Information security is not only limited to taking measures to protect information; it also includes a wide range of actions (technical actions, organisational actions, etc.) such as:
- establishing and improving the information system,
- developing, using and improving the means for a better information security,
- efficiently monitoring information security and reporting any infringements,
- developing protected and secure telecommunication systems,
- standardising the means for information security and data protection.
With sufficient financing and adequate legislative actions and laws, it is possible to achieve higher information security. High level security can also be achieved by fulfilling complex actions deemed necessary by stakeholders.