Orojects to incorporate into your class, try any of the following after read Project Focus Personal Budget Project Skill Set Introductory Formulas Page Number AYK 3 Cash Flow Introductory Formulas AYK 3 Ethics and Information Security: Hardware and Software Introductory Formulas AYK 3 MIS Business Concerns 4 Employee Relationships Introductory Formulas AYK.3 Global Commerce Introductory Formulas AYK.4 CHAPTER Total Cost of Ownership Introductory Formulas AYK.4 Project Management Introductory Gantt Charts AYK.5 Strategic Analysis Intermediate Formulas or Solver AYK.5 SECTION 4.1 Filtering Data Intermediate Conditional AYK.6 Ethics SECTION 4.2 Information Security Formatting, Autofilter, Subtotal Data Analysis Intermediate Conditional AYK.6 Formatting, PivotTable ■ Information Ethics Strategic Analysis Intermediate AYK.7 Profit Maximization Intermediate AYK.7 ■ Developing Information Management Policies Break-Even Analysis Intermediate AYK.7 Electronic Personal Marketing Introductory Structural Tags AYK 14 ■ Protecting Intellectual Assets ■ The First Line of Defense-People ■The Second Line of Defense-Technology Data Collection Intermediate Organization of Information AYK.15 What's in IT for me? This chapter concerns itself with protecting information from potential misuse. Organizations must ensure that they collect, capture, store, and use information in an ethical manner. This means any type of information they collect and use, including about customers, partners, and employees. Companies must ensure that personal information collected about someone remains private. This is not just a nice thing to do. The law requires it. Perhaps more important, information must be kept physically secure to prevent it from being accessed and disseminated, and possibly used by unauthorized sources. You, the business student, must understand ethics and security because they are the top concerns that customers voice today. The way they are handled directly influences a customer's likelihood of embracing electronic technologies and conducting business over the web-and thus the company's bottom line. You can find evidence in recent news reports about TUINE opening case study 138 Chapter 4 chrisdorney/Shutterstock flP Tanuha2001/Shutterstock Catwalker/Shutterst Clicking "I Agree"-The Death of Privacy in the Information Age Have you ever received an ad for something just after having a private conversation over at phone with a friend? Have you ever received a text message requesting a contribution to political campaign or charity after listening to a certain podcast? Have you ever received coupon for a product that you recently searched? How did these companies access your p sonal information? Perhaps it was from a data breach or an unethical cookie tracking applicatio One of the biggest issues facing the information age is the protection of privacy. Priva allows you, the user, to set a boundary allowing only specific people to see the what, whe and where of your personal data. Privacy is an inside job, allowing you to determine w views your web browsing, shopping habits, movie and music preferences, and book se tions. It should be your decision to determine when you are okay with someone using y personal data to gain financially. One of the largest data hacks occurred at Facebook where the cell numbers, em addresses, names, and birthdates of 533 million global Facebook users in over 100 co tries were hacked. Facebook stated the data was scraped from people's profiles by b actors using its contact importer tool, a feature that utilizes people's contact lists to h them find friends on Facebook. Facebook has experienced numerous data breaches o the years (most famously, the Cambridge Analytica scandal-see Closing Case Two). Information security is part of corporate responsibility, and new laws and governance being created to ensure personal data is protected when it is outside its users' control. I mation security is really about how personally identifiable data is protected when it is out of the user's control. It includes technical hardware such as firewalls and passwords, policies and procedures, to ensure that your personal data is not subject to unauthori access. Unfortunately, not all companies take information security seriously, and most c panies experience data breaches of some kind. That means, ultimately, the protection one's personal data is in the hands of a third party and not in the user's control. With all of the amazing technological advances associated with the information there are also pitfalls. The information age is still evolving, and the question remains as to individuals will maintain, lose, or gain control over their personal data. Are governme and corporations doing enough to keep personal data safe? It is critical that anyone pla personal information on the Internet understands what types of data are being gathe saved, and shared, so they can make informed decisions about how they post and s data. Unfortunately, most companies bury how they are using your data by having you ingly share it in their terms and services agreements. The real question is have you actually read the terms and services agreement before clicking "I agree”?¹ Ethics and Information Security: MIS Business Concerns section 4.1 Ethics LEARNING OUTCOMES 4.1 Explain the ethical issues in the use of information technology. 4.2 Identify the six epolicies organizations should implement to protect themselves. INFORMATION ETHICS Ethics and security are two fundamental building blocks for all organizations. In recent years, enormous business scandals along with 9/11 have shed new light on the meaning of ethics and security. When the behavior of a few individuals can destroy billion-dollar organizations, the value of ethics and security should be evident. Technology poses new challenges for our ethics. ■ Ethics: The principles and standards that guide our behavior toward other people. Ethical dilemmas in this area usually arise not as simple, clear-cut situations but as clashes among competing goals, responsibilities, and loyalties. Inevitably, there will be more than one socially acceptable or correct decision. The protection of customers' privacy is one of the larg- est and murkiest ethical issues facing organizations today (see Figure 4.1). Trust among companies, customers, partners, and suppliers is the support structure of ebusiness. Privacy is one of its main ingredients. Consumers' concerns that their privacy will be violated because of their interactions on the web continue to be one of the primary barriers to the growth of ebusiness. Each time employees make a decision about a privacy issue, the outcome could sink the company. As it becomes easier for people to copy everything from words and data to music and video, the ethical issues surrounding copyright infringement and the violation of intellectual property rights are consuming the ebusiness world (see Figure 4.2). Legal vs. Ethical Data scraping, also known as web scraping, is the process of extracting large amounts of data from a website and saving it to a spreadsheet or computer. It is one of the Confidentiality The assurance that messages and information remain available only to those authorized to view them. LO 4.1: Explain the ethical issues in the use of information technology. FIGURE 4.1 Information Ethics Overview in the Information Age Information Ethics •Govern the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself or without the aid of computer technologies. Privacy The right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent. Business Driven MIS Module 1 139 FIGURE 4.2 Ethical Issues in the Information Age Copyright .The legal protection afforded an expression of an idea, such as a song, book, or video game. Counterfeit Software •Software that is manufactured to look like the real thing and sold as such. Digital Rights Management A technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution. Intellectual Property Intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents. Patent • An exclusive right to make, use, and self an invention and is granted by a government to the inventor. Pirated Software • The unauthorized use, duplication, distribution, or sale of copyrighted software. FIGURE 4.3 Ethically Questionable or Unacceptable Information Technology Use 140 most efficient ways to get data from the web and, in some cases, to channel that data to anothe website. The debate around data scraping revolves around the issue of taking data from a webs such as Facebook without the individual user knowing that the data is being copied. D scraping is not illegal, as long as you follow all the rules associated with the website. Le problems arise, however, when it comes to how people choose to use the data they have scrape This is the problem for many technologies: analyzing the intersection of legal vs. ethical. Figure contains examples of ethically questionable or unacceptable uses of information technology Individuals copy, use, and distribute software. Employees search organizational databases for sensitive corporate and personal information. Organizations collect, buy, and use information without checking the validity or accuracy of the information Individuals create and spread viruses that cause trouble for those using and maintaining IT systems. Individuals hack into computer systems to steal proprietary information. Employees destroy or steal proprietary organization information such as schematics, sketches, customer and reports. Chapter 4 Ethics and Information Security: MIS Business Concerns APPLY YOUR KNOWLEDGE BUSINESS DRIVEN DISCUSSION A high school principal decided it was a good idea to hold a confidential conversa- tion about teachers, salaries, and student test scores on his cellular phone in a local Starbucks. Not realizing that one of the students' parents was sitting next to him, the principal accidentally divulged sensitive information about his employees and stu- dents. The irate parent soon notified the school board about the principal's inappro- priate behavior, and a committee was formed to decide how to handle the situation.4 With the new wave of collaboration tools, electronic business, and the Internet, employees are finding themselves working outside the office and beyond traditional office hours. Advantages associated with remote workers include increased pro- ductivity, decreased expenses, and boosts in morale as employees are given greater flexibility to choose their work location and hours. Unfortunately, disadvantages associated with workers working remotely include new forms of ethical challenges and information security risks. In a group, discuss the following statement: Information does not have any ethics. If you were elected to the committee to investigate the principal's inappropriate Starbucks phone conversation, what types of questions would you want answered? What type of punishment. if any, would you enforce on the principal? What types of policies would you implement across the school district to ensure that this scenario is never repeated? Be sure to highlight how workers working remotely affect business along with any potential ethical challenges and information security issues. Information- Does It Have Ethics? Other bsite Data Legal aped e 4.3 y.² Rule 41 is the part of the United States Federal Rules of Criminal Procedure that covers the search and seizure of physical and digital evidence. Rule 41 originally granted a federal judge magistrate the authority to issue a warrant to search and seize a person or property located within that judge's district if the person or property is part of a criminal investiga- tion or trial. In April 2016, the Judicial Conference of the United States proposed an amendment to Rule 41 that allows a federal judge magistrate to issue a warrant that allows an investigator to gain remote access to a digital device suspected in a crime, even if the device is located outside of the geographic jurisdiction of the judge issuing the warrant. An important goal of the amendment to Rule 41 is to prevent criminals from hiding the loca- tion of a computing device with anonymization technology in order to make detection and prosecution more difficult.³ Privacy advocates are concerned that the amendment will expand the government's author- ity to legally hack individuals and organizations and monitor any computer suspected of being part of a botnet. In addition to giving the government the authority to seize or copy the infor- mation on a digital device no matter where that device is located, the amendment also allows investigators who are investigating a crime that spans five or more judicial districts to go to one judge for warrants instead of having to request warrants from judges in each jurisdiction. Unfortunately, few hard and fast rules exist for always determining what is ethical. Many people can either justify or condemn the actions in Figure 4.3. Knowing the law is important, but that knowledge will not always help because what is legal might not always be ethical and what might be ethical is not always legal. Figure 4.4 shows the four quadrants in which ethical and legal behaviors intersect. The goal for most businesses is to make decisions within quadrant I that are both legal and ethical. There are times when a business will find itself in the position of making a decision in quadrant III, such as hiring child labor in foreign countries, or in quadrant II, such as when a business might pay a foreigner who is getting her immigration status approved because the company is in the process of hiring the person. A business should never find itself operating in quadrant IV. Ethics are critical to operating a successful business today. Business Driven MIS Module 1 141/n