Urgenthomework logo
UrgentHomeWork
Live chat

Loading..

MN501 Network Management and Organisations Management

  29 Download     📄   2 Pages / 310 Words

Questions:

Debra Shinder writes, “IT security personnel often have access to confidential data and knowledge about individuals' and companies' networks and systems that give them a great deal of power. That power can be abused, either deliberately or inadvertently.”

1) Should you read the private e-mails of your network users just because you can? Is it OK to read employees' e-mail as a security measure to ensure that sensitive company information isn't being disclosed? Is it OK to read employees' e-mail to ensure that company rules (for instance, against personal use of the e-mail system) aren't being violated? If you do read employees' e-mail, should you disclose that policy to them? Before or after the fact?

2) Is it OK to monitor the Web sites visited by your network users? Should you routinely keep logs of visited sites? Is it negligent to not monitor such Internet usage, to prevent the possibility of pornography in the workplace that could create a hostile work environment?


3) Is it OK to place key loggers on machines on the network to capture everything the user types? What about screen capture programs so you can see everything that's displayed? Should users be informed that they're being watched in this way?

4) Is it OK to read the documents and look at the graphics files that are stored on users' computers or in their directories on the file server?

5) What if a client asks you to save money by cutting out some of the security measures that you recommended, yet your analysis of the client's security needs shows that sensitive information will be at risk if you do so? You try to explain this to the client, but he/she is adamant. Should you go ahead and configure the network in a less secure manner?

Answers:

Question one

In their daily activities, IT security personnel interact with many technological systems that house other people’s confidential information. This interaction is enhanced when dealing with user’s more so, in a workplace environment [1].

Two issues will always arise when dealing with e-mail and access management; one, data ownership and two employee’s desires/expectations.

Private companies that own their own IT systems can monitor and manage communication facilities such as e-mails. However, these management procedures should be notified to the users (employees) to enhance their awareness. Moreover, the IT experts should invoke their ethical standards when dealing with these systems to protect the user’s privacy and security rights [2]. Nevertheless, companies should never access user’s private accounts, in fact, they should implement conditions that prevent users from using private e-mails in workplace environments.

Companies should never access employee’s private accounts, moreover, these users should be notified of the management system to avoid using their private accounts in the workplace environment.

Question two

To protect and maintain the integrity of an organisation, IT security experts are mandated with the task of monitoring employees browsing history and activities. However, in doing so, these experts infringe on the privacy rights of the employees.

Now, two problems with these monitoring procedures; one, you infringe on privacy rights of the users and two, employee’s start to doubt and lose trust with the organisation.

When employees are aware of the extreme management system such as those that monitor their browsing activities they become aloof and withhold information. This outcome lowers their engagement which in turn lowers their performance. On the other hand, a failure to enforce them can lead to serious consequences related to cyber security. Therefore, a compromise should be offered when management is done while involving the needs of the employees [4].

In conclusion, IT experts can enforce these management initiatives on all levels of an organisation to normalise the process and to provide equal treatment to all employees.

Question three

Key loggers offer strong security measures to organisations system by providing a detailed account of all the activities conducted by the users. However, as seen before this exposes an organisation to privacy and security issues

The issues at hand; privacy and security.

An employee who accesses his/her bank accounts is likely to expose his data to the IT expert including passwords and funds owned. Therefore, it's important to inform the employees of the strict measures used to safeguard their own personal data. However, this strict security measure is necessary for certain environments such as financial institutions where data handled is highly sensitive and confidential [5].

In a highly sensitive environment, key loggers are a necessary security measure that protects companies and user’s information. However, the employees should also be informed of their existence to avoid the issues highlighted above.

Question four

Resource accountability is a crucial aspect of businesses that pushes organisations to implement management systems on in-house facilities such as file servers and directories. Nevertheless, one wonders on the regulations that are used to monitor the data used by the end users.

In this scenario, two key issue arise; resource ownership and integrity of the user systems.

 Consider an employee who uses his own device (BYOD) to perform his duties (workplace). In such a scenario, who owns the data contained in the PC, the user or the organisation as the device uses the company’s network? Ethically speaking, the IT expert should not access the privately owned machine unless the data used is affiliated with the organisation. Therefore, the privacy of the user should supersede that of the organisation.

At hand is an ethical dilemma that faces the IT expert who may have the legal jurisdiction to access a user’s fileservers and documents. However, his access should be governed by a personal appeal to safeguard the right of the individual as well as that of the organisation.

Question five

As an expert, it’s your duty to protect the client and his systems using adequate security measures. The client may have his own personal agendas to lower the implementation cost however, it’s up to the expert to convince the user of the importance of the adequate security measures.

Issues associated with this scenario; personal integrity and security violations.

Personally, the expert stands to lose if the implemented system fails due to inadequate security measures. Moreover, the client will also lose his data and resource in case his information is lost. Therefore, by implementing a weak security system an IT expert exposes both the customer and himself to security liabilities that can house extended consequences [6].

As an IT expert, it better to look at the bigger picture and emphasise the importance of a strong security measure rather than to satisfy the customer on a short term basis and later fail him as well as his expectation.

References

[1] D. Shinder. (2005). Ethical Issues for IT Security Professionals. [Online]. Available FTP: https://techgenix.com/ethical-issues-it-security-professionals/

[2] S. Nasiri. (2012). Can company read personal e-mail sent at work? IT manager daily. [Online]. Available FTP: https://www.itmanagerdaily.com/can-company-read-personal-e-mail-sent-from-work/

[3] C. Laine. (2016). Computer Security Ethics. [Online]. Available FTP: https://chrislaineblog.wordpress.com/2016/03/25/computer-security-ethics/

[4] D. Shinder. (2005). Ethical issues for IT security professionals. Computer World IDG. Available FTP: https://www.computerworld.com/article/2557944/security0/ethical-issues-for-it-security-professionals.html

[5] G. Reynolds. (2014). Ethics professionals. Ethics for IT Professionals and IT Users. [Online]. Available FTP: https://mykacabalse.blogspot.co.ke/2014/01/ethics-in-information.html

[6] S. Ehigie. (2015). Ethical issues that IT professionals face. Loughborough University. Available FTP: https://www.linkedin.com/pulse/ethical-issues-professionals-face-smiles-ehigie

Copyright © 2009-2023 UrgentHomework.com, All right reserved.