Ethics and Security

19 May No Comments

Ethics and Security

BIS/221

Ethics and Security

Businesses must be vigilant when it comes to security issues that may occur and how they are going to prevent them. With technology advancing so much over the years, there have been significantly more people trying to gain access to information stored within businesses. This has caused businesses to need more resources to better protect the company’s data and information. Information systems hold all of the employee information, client information, and the information of the business as a whole, such as financials and even potential secrets. If there are not programs in place to protect the security of the company, there are chances of security breaches taking place, which can completely hinder a business. Businesses have the right to ensure all of their employees are following their rules, regulations, and policies regarding ethics and security. Today, we will go into detail about the risks and threats that businesses face when it comes to keeping their data secure and we will also discuss some policies and procedures that should be put into place to ensure the business’ data is protected and secure from any potential threats.

With the growth of technology, there has also been a growth in the number of people trying to gain access to people’s information, especially through gaining access into businesses systems. Some things that IT administrators need to look out for today are targeted cyber-attacks, data breaches, mobile devices and social networking. Cyber-attacks are when someone is attacking a network to obtain information. These attacks used to be people trying to gain as much information as possible, but now most of these attacks are established to extract data over a longer period of time. Data breaches are one of the most common threats amongst businesses today. Most data breaches are intentionally done by either an internal associate or from someone gaining access to a laptop that could have been misplaced or stolen. With the growth in data breaches over the years, company’s need to be more cautious about who has access to information, especially when working outside of the network firewall. When it comes to mobile devices, smartphones are found everywhere within the workplace today. These devices can be seen as a threat because IT has little control over their security. Lastly, social networks can be seen as a threat in the way of employees going on there and leaking insider information. More often than not, social network sites are blocked from the company network so that the employees are unable to access these sites while they are at work. This does not protect the company from what the employee may post on these sites when they are not at the office, but most companies will have IT people check on their employee’s social media sites to ensure that sensitive material is not being posted for the world to see through these sites. With these types of threats out there, IT administrators within businesses must work essentially around the clock to ensure that all of the information is secure from all types of threats.

Every business should have policies and procedures set in place to ensure data is being handled properly with appropriate security measures in place to ensure that potential threats are not going to harm the business. Any employee within a business, new or existing, should fully know and understand that the company is expecting of them when it comes to their ethical standards and codes of conduct. Everyone employee needs to know that the privacy of the customer data is priority and understand the business procedures to ensure that all data is being stores securely. IT has an important job of developing a secure firewall, secure password information, and developing an anti-virus that will be able to protect the staff and the customers. The IT department within a business also has the responsibility of coming up with a continuity plan. Creating a continuity plan helps to ensure that if a threat does occur, critical business systems and programs are restored first to keep the business running. One type of procedure that would come from the IT department would be if a spam email is sent to your work email, delete it right away without opening any attachments, as this can be a way for a hacker to gain access to your systems. Another procedure set in place by IT would be the time frame for when passwords expire and when they need to be updated to maintain the security of organization information. For companies that require a number of passwords being used, it is important for the staff to not keep passwords out in the open for others or cleaning crews to gain access to. Passwords should be locked away safely and not saved on a computer desktop in the case that someone was to gain access to the computer, they are unable to login to any of the secure sites. When dealing with customer information, nothing about that customer should be saved anywhere that someone could gain access to it and make changes. Policies set in place by the company and the IT department should be reviewed annually to ensure that all employees are aware of any changes and updates and be a refresher to all employees to confirm that all policies are being followed.

The human resources teams within an organization must meet the ethical standard to ensure that all employee information is being handled securely, as they deal with driver’s license information, social security information, and any other private information of the employees. I would much rather work for a company that requires its employees to agree to certain regulations and rules to ensure the safety and security of the company, staff, and customers than work for someone who does not have these requirements, as they are less likely to care about their employees and customers. Employees that know they work for an organization that cares so much for the security of their employees makes them feel secure and safe within the organization. This in turn will also make the employees want to meet these ethical standards of the organization that they are working for.

As you can see, business security is a priority and businesses must be alert to ensure the privacy of all employees and customers are being handled in an ethical manner. As technology continues to grow at a rapid rate, there will continue to be threats through data breaches and cyber-attacks, but with the proper tools and procedures in place these threats should not be an issue to companies that are prepared for these attacks. Knowing what the threats are and how to prevent them from occurring or minimizing their affects are key to having a successfully secure business. Having the appropriate plans in place developed by an internal IT department are the most important aspect to guarantee that all employees are meeting procedure guidelines.




Click following link to download this document

BIS 221 Ethics and Security.docx