This document provides a summary and analysis of ethics issues arising in modern networked businesses. It discusses how the integration of corporate, social, and community networks blurs traditional information boundaries and policies. Key points addressed include:
- New stakeholders and dynamic engagement models require updated communications strategies.
- Ethics and governance issues become interwoven across functions as lines are blurred.
- Network security vulnerabilities increase with virtual networks, requiring updated privacy and security policies.
- There must be a balancing of customer privacy, security needs, and transparency demands with business interests.
- A new "Virtual Enterprise Ethics Engagement Model" is proposed to define and manage ethics in integrated virtual networks.
Identity REvolution multi disciplinary perspectivesKarlos Svoboda
The identity [r]evolution is happening. Who are
you, who am I in the information society ?
In recent years, the convergence of several factors – technological, political, economic –
has accelerated a fundamental change in our networked world. On a technological level, information
becomes easier to gather, to store, to exchange
and to process. The belief that more information
brings more security has been a strong political
driver to promote information gathering since September 11. Profiling intends to transform information into knowledge in order to anticipate one’s behaviour, or needs, or preferences. It can lead to
categorizations according to some specific risk criteria, for example, or to direct and personalized
marketing. As a consequence, new forms of identities appear. They are not necessarily related to our
names anymore. They are based on information,
on traces that we leave when we act or interact,
when we go somewhere or just stay in one place,
or even sometimes when we make a choice. They
are related to the SIM cards of our mobile phones,
to our credit card numbers, to the pseudonyms
that we use on the Internet, to our email addresses,
to the IP addresses of our computers, to our profiles… Like traditional identities, these new forms of
identities can allow us to distinguish an individual
within a group of people, or describe this person as
belonging to a community or a category.
Slides accompany the course titled "Intellectual Property in Institutional Context," offered at Tel Aviv University Buchmann Faculty of Law, May 2018, by Professor Michael Madison. Course website and syllabus here: <a href="http://madisonian.net/home/?page_id=3109">http://madisonian.net/home/?page_id=3109</a>
Identity REvolution multi disciplinary perspectivesKarlos Svoboda
The identity [r]evolution is happening. Who are
you, who am I in the information society ?
In recent years, the convergence of several factors – technological, political, economic –
has accelerated a fundamental change in our networked world. On a technological level, information
becomes easier to gather, to store, to exchange
and to process. The belief that more information
brings more security has been a strong political
driver to promote information gathering since September 11. Profiling intends to transform information into knowledge in order to anticipate one’s behaviour, or needs, or preferences. It can lead to
categorizations according to some specific risk criteria, for example, or to direct and personalized
marketing. As a consequence, new forms of identities appear. They are not necessarily related to our
names anymore. They are based on information,
on traces that we leave when we act or interact,
when we go somewhere or just stay in one place,
or even sometimes when we make a choice. They
are related to the SIM cards of our mobile phones,
to our credit card numbers, to the pseudonyms
that we use on the Internet, to our email addresses,
to the IP addresses of our computers, to our profiles… Like traditional identities, these new forms of
identities can allow us to distinguish an individual
within a group of people, or describe this person as
belonging to a community or a category.
Slides accompany the course titled "Intellectual Property in Institutional Context," offered at Tel Aviv University Buchmann Faculty of Law, May 2018, by Professor Michael Madison. Course website and syllabus here: <a href="http://madisonian.net/home/?page_id=3109">http://madisonian.net/home/?page_id=3109</a>
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEIJNSA Journal
As a result of the increased dependency on obtaining information and connecting each computer together for ease of access/communication, organizations risk being attacked and losing private information through breaches or insecure business activities. To help protect organizations and their assets, companies need to develop a strong understanding of the risks imposed on their company and the security solutions designed to prevent/minimize vulnerabilities. To reduce the impact threats have on a network, organizations need to: design a defense layer system that provides multiple instances of protection to prevent unauthorized access to core information, implement a strong network hardware/intrusion prevention system, and create all-inclusive network/security policies that detail user rules and company rights. In order to enhance the overall security of a basic infrastructure, this paper will provide a detailed look into gathering the organizational requirements, designing and implementing a secure physical network layout, and selecting the standards needed to prevent unauthorized access.
A practical book with 88 case studies on Data Breaches that is readable for those new to Data Protection and wanting a real world, 'in the trenches', stories and tips on operational compliance that they can use as Data Protection Officers or Managers.
Presented at the Enterprises as Systems conference in the Chicago area in August. This focuses on business architecture primarily from the perspective of enterprises as human social systems
IT Structure & Firm Interdependency - Relational RentsPaul Di Gangi
Di Gangi, P. M. and Bush, A. (2008) The impact of IT structure and firm interdependency on relational rents in innovation collaboration networks. Proceedings of the 14th Americas Conference on Information Systems.
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
Web3 And The Next Internet - New Directions And Opportunities For STM PublishingMills Davis
The new ecosystem for scientific, technical, and medical (STM) publishing is digital, trans-semiotic, data and knowledge intensive, social, connected, collaborative, community-driven, mobile, multi-channel, immersive, and massively networked and computational.
In this era of open, co-evolving, networked techno-socio-economic processes, commercial publishing models based on exclusive literature collections are simply not enough.
By understanding changes coming with Web 3.0 and the next internet, STM publishers can identify new roles and profitable business opportunities.
Where Can Public Policy Play a Role A Comparative Case Study of Regional Inst...iBoP Asia
Where Can Public Policy Play a Role A Comparative Case Study of Regional Institutions and Their Impact on Firm’s Innovation Networks in China and Switzerland
Digital Transformation of the legal sector: #legaltech and more.
Case of theJurists Europe (deJuristen/lesJuristes/theJurists) of digital transformation and Artificial Intelligence.
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEIJNSA Journal
As a result of the increased dependency on obtaining information and connecting each computer together for ease of access/communication, organizations risk being attacked and losing private information through breaches or insecure business activities. To help protect organizations and their assets, companies need to develop a strong understanding of the risks imposed on their company and the security solutions designed to prevent/minimize vulnerabilities. To reduce the impact threats have on a network, organizations need to: design a defense layer system that provides multiple instances of protection to prevent unauthorized access to core information, implement a strong network hardware/intrusion prevention system, and create all-inclusive network/security policies that detail user rules and company rights. In order to enhance the overall security of a basic infrastructure, this paper will provide a detailed look into gathering the organizational requirements, designing and implementing a secure physical network layout, and selecting the standards needed to prevent unauthorized access.
A practical book with 88 case studies on Data Breaches that is readable for those new to Data Protection and wanting a real world, 'in the trenches', stories and tips on operational compliance that they can use as Data Protection Officers or Managers.
Presented at the Enterprises as Systems conference in the Chicago area in August. This focuses on business architecture primarily from the perspective of enterprises as human social systems
IT Structure & Firm Interdependency - Relational RentsPaul Di Gangi
Di Gangi, P. M. and Bush, A. (2008) The impact of IT structure and firm interdependency on relational rents in innovation collaboration networks. Proceedings of the 14th Americas Conference on Information Systems.
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
Web3 And The Next Internet - New Directions And Opportunities For STM PublishingMills Davis
The new ecosystem for scientific, technical, and medical (STM) publishing is digital, trans-semiotic, data and knowledge intensive, social, connected, collaborative, community-driven, mobile, multi-channel, immersive, and massively networked and computational.
In this era of open, co-evolving, networked techno-socio-economic processes, commercial publishing models based on exclusive literature collections are simply not enough.
By understanding changes coming with Web 3.0 and the next internet, STM publishers can identify new roles and profitable business opportunities.
Where Can Public Policy Play a Role A Comparative Case Study of Regional Inst...iBoP Asia
Where Can Public Policy Play a Role A Comparative Case Study of Regional Institutions and Their Impact on Firm’s Innovation Networks in China and Switzerland
Digital Transformation of the legal sector: #legaltech and more.
Case of theJurists Europe (deJuristen/lesJuristes/theJurists) of digital transformation and Artificial Intelligence.
A security feature can be effective only if the user can use it effectively and the configuration settings are unambiguous. A complicated UI leads to most of the configuration errors. Most of the computer security failures find its genesis in the configuration errors.
The advent of Internet and ease of communication has thrown up the many such challenges; one of them being the security concerns about the data stored and transmitted. With the advent of hand phones, the security concerns have moved one notch up because mobile phones and especially smart phones are not merely devices for communication, but virtual identity databases. Though there has been a steady progress on the technological front, the user-interfaces are yet to become up to the mark for the end-user. Most of the UIs are complicated and confusing which leads the user to commit errors and hence becomes a security nightmare. Our view is that the security and usability share an inverse relation. If the usability of the system is low, the security features are mostly ignored by the users as that seems the most convenient thing to do. However, in case of UI with high usability factor, the designers have to compromise over a lot of security features to make it usable.
According to us, the missing link seems to be the absence or adaptation of a common standard for UI across the platforms. This study compares three most popular OS platforms for smart devices Android by Google, iOS by Apple and Windows by Microsoft on the basis of their usability factors in context of security features provided by them. This summary should help develop a model for future UI developers.
Discusses Major Compensation Issues regarding Executive Compensation. Provides Justification for Unreasonable Executive Compensation and Outlines measures for Executive Accountability
Is it possible to opt out of technological competence, or at least a reasonable understanding of social media, metadata, or similar? The Professional Code of Conduct raises the bar on what is now a core condition of competency.
Multi-Dimensional Privacy Protection for Digital Collaborations.CSCJournals
In order to sustain privacy in digital collaborative environments a comprehensive multidimensional privacy protecting framework is required. Such information privacy solutions for collaborations must incorporate environmental factors and influences in order to provide a holistic information privacy solution. Our Technical, Legal, and Community Privacy Protecting (TLC-PP) framework addresses the problems associated with the multi-facetted notion of privacy. The three key components of the TLC-PP framework are merged together to provide complete solutions for collaborative environment stakeholders and users alike. The application of the TLC-PP framework provides a significant contribution to the delivery of a Privacy Augmented Collaborative Environment (PACE).
Article started one year ago, obtains far more relevancy these days. Its meaning stays the same however: "Without laws and regulations would be chaos affecting our freedom and human nature."
Discussion Questions The difficulty in predicting the future is .docxduketjoy27252
Discussion Questions
: “The difficulty in predicting the future is that the outcomes are unreliable, due to the occurrence of wild-card events that distort the relatively well-understand trends for the near to mid-future.” Offer an example of such a “wild-card” event and some ways in which the security professional might address it in an effective manner. Regarding the need for the security industry as a whole to maintain the professionalism and competencies needed to address emerging threats and hazards, what do you feel are its primary areas of weakness and what proposals could you offer to address them?
The Future of the Security
When considering what awaits the security profession in the years to come and those that will operate within it, developments and forecasts related to security science will in large part be impacted by what has occurred in the past and in present day. What
might
occur, what is most
plausible
and
feasible
given current and expected occurrences, and what has proven to be effective (or not) will all need to be considered in determining those issues that will remain relevant or change. So predicting the future (not in the form of Nostradamus or similar prophets) as it relates to security is a technique that considers probable or desirable outcomes in the face of known or anticipated risks. So given this backdrop, where is security heading?
Physical Security
As long as there are structures that people operate within and house various assets, there will continue to be a need to offer needed protection related to them. All of the topics discussed in this course related to walls, fencing, sensors, alarm systems, guards, locks, and other such issues will be needed in some form or fashion. Whether through manual or technological means, these will remain a constant for the security administrator in providing appropriate defensive measures for the material, tangible assets they oversee. Concerning technology, the same trend will continue in serving as a needed aid in providing security moving forward. Mobile devices of various types, functions, capabilities, and their ability to access data, the ever-increasing use of robotics and the functions they can carry out, sensors that will be able to gain more intelligence regarding detection, and high frequency security cameras that will have the capability to verify the chemical compound of an object at a distance are just some of the many technical innovations on the horizon. Yet, just as technology has taken on a greater role in providing these efforts, so too does technology represent ever-increasing concerns to the security manager.
Cyber Security
As society becomes connected on an ever-increasing basis, attention must be directed towards what implications this environment has related to not only security, but related privacy concerns as well. In
Future Scenarios and Challenges for Security and Privacy
(2016, Williams, Axon, Nurse, & Creese), the researchers took a ver.
Big Data can generate, through inferences, new knowledge and perspectives. The paradigm that results from using Big Data creates new opportunities. Big Data has great influence at the governmental level, positively affecting society. These systems can be made more efficient by applying transparency and open governance policies, such as Open Data. After developing predictive models for target audience behavior, Big Data can be used to generate early warnings for various situations. There is thus a positive feedback between research and practice, with rapid discoveries taken from practice.
DOI: 10.13140/RG.2.2.14677.17120
Student enrollments are slowing and this is not sustainable. In 7 easy steps you'll gain disruptive turnaround insight about how to innovate, grow and re-brand your school.
1. ETHICS CASE STUDY REVIEW 1
Ethics Case Study Review
John Kostak
Georgetown University – School of Continuing Studies
Masters of Professional Studies in Technology Management
Capstone Course (MPTM-900-01)
January 21, 2017
Professor Mikah Sellers
2. ETHICS CASE STUDY REVIEW 2
Table of Contents
Abstract...........................................................................................................................................3
New Stakeholders...........................................................................................................................4
Interwoven Ethics and Governance .............................................................................................5
Network Security ...........................................................................................................................6
Mitigation and Balance .................................................................................................................8
Works Cited..................................................................................................................................11
3. ETHICS CASE STUDY REVIEW 3
Abstract
Since the beginning of modern business, there has never been a greater need and opportunity for
the application of Professional Ethics, than today. Given the volatile times we live in, companies
have to aggressively compete to meet their strategic business plan and achieve their mission, all-
the-while being responsible corporate stewards of their information-use policies and enterprise
network security. This case study review takes a look at the challenges facing a modern day
networked business and how to balance the interests of the organization with customer’s privacy
rights, need for security and public demand for greater transparency.
4. ETHICS CASE STUDY REVIEW 4
Ethics Case Study Review
At the core of the digital network age is a catalyst infrastructure of enterprise networks
and virtual networks, capable of providing unprecedented access to information. Never before
has it been so easy to acquire, store and transmit detailed information in a split second around the
world. (Vaccaro, September 4, 2012) CIOs have traditionally done well utilizing ethical analysis,
governance and best practices to set policy and security standards to protect against sensitive
information leaking and data breaches. However, a current trend, similar to that of enterprise
networks “extending” out into private and public clouds to deliver more services to customers
and partners (Hogue, 2010), has C-Suite executives scrambling to assess how the cataclysmic
growth of virtual networks and their communities will redefine their information and security
policies. It’s not enough now to just update the corporate communications, privacy and network
security policies. As big data becomes more valuable and marketers show no boundaries as to
how far they’ll reach out to engage their customer “community”, we’re witnessing firsthand the
integration of social and community networks with corporate networks. There are a few key
areas or business functions that senior executives in organizations will need to review regarding
resulting ethical issues and mitigation solutions for ultimately what should be the design and
implementation of new “virtual” information management, governance and security policies.
New Stakeholders
As the flow of information gets rerouted in response to the virtualization of networked
organizations, stakeholders will change. Those who were firewalled off so-to-speak for
transparency reasons by a third party, now may be a direct enabler and supporter of your
business model and vice versa. And the communications strategy to engage your key
stakeholders may change from being managed by corporate governance to a real-time dynamic
5. ETHICS CASE STUDY REVIEW 5
engagement model overseen by your social media plan. As referenced in the case study, Redfin
actually, through understanding their information flow structure, leveraged their virtual network
structure of social media and apps and reinvented their industry.
Interwoven Ethics and Governance
Ethical issues can become interwoven in the virtual network world. It’s not enough to
managed silos of functions, each managing their own ethical issues and providing governance,
like Corporate Communications, Investor Relations, Partner and Supply Chain, Social Media and
PR/Press. Many of these are becoming shades of gray, blurring the lines of where one policy
plan stops and another begins as a new discipline. It gets complicated and managers have to be
careful and provide sound and ethical judgment across the board. The privacy or information
security policy for one virtual area of your business may adversely affect another virtual area.
This impacts the best practice plans of corporate transparency and information reliability in
similar ways.
Our governance laws protecting information come from both the corporate world and
governments and both, more or less, focus on their own best interests and reducing risk. The
average corporate policy on information privacy considers mainly protecting intellectual
property within the private enterprise network and behind the physical, guns-guards-and-gates
security. (Harris, 2006) Few corporations have a modern privacy and information security policy
reflective of the new vulnerabilities and risks associated with managing business within the new
domains of virtual networks.
Government has made attempts over the years to introduce new legislature or modify
existing but is severely challenged to keep up with the tsunami of privacy issues related to virtual
and social network build out and integration. The Computer Fraud and Abuse Act can punish
6. ETHICS CASE STUDY REVIEW 6
anyone who’s attempted to commit an offense or conspiring to do so in regards to breaching a
computer and or the materials on it as a personal asset. (Congress, 1986) The Stored
Communications Act of 1986 has to do with the disclosure of ‘stored wire and electronic
communications and transactional records’ held by a third party ISP. It was also enacted in 1986
and helps to cover the gap left by the Fourth Amendment that protects our right against
unreasonable search and seizure but in this case, “protection” isn’t considering online or digital
assets. (Legislation) The Privacy and Security Responsibilities, Bureau of Consumer Protection
Business Center, Federal Trade Commission performs initial adjudicative fact-finding for the
Commission and resolves disputes made in discovery, explains the correct legality, applies the
law to the facts, and when necessary, issues an order on the remedy. The FTC is expected to be
a popular court to vet many of the up and coming issues related to information privacy.
Network Security
Virtual breaches can be just as damaging if not worse than corporate enterprise breaches.
As recounted in the 2011 Data Breach Investigations Report (DBIR) (Verizon RISK Team with
cooperation from the Australian Federal Police, 2012), 2011 could go down as a year of civil and
cultural uprising. This unrest was not limited to the physical world, as the online world was
riveted with the clashing of ideals, taking the form of activism where the theft of corporate and
personal information was a core tactic. “Hacktivism” haunted organizations around the globe.
The following are snapshots of the summaries of the breach report findings:
8. ETHICS CASE STUDY REVIEW 8
The difficulty in preventing security breaches has dropped over the past few years as better
and easier to configure/deploy technology is available. The challenge comes in mitigating the
risks and balancing security with transparency as it relates to information production and
dissemination over the new “integrated virtual network”, in example:
• The corporate enterprise network – definition and boundaries
• Extended enterprise and VPNs – definition and boundaries
• Partner extranets – definition and boundaries
• Member login portals – definition and boundaries
• Private, public, community and hybrid clouds – definition and boundaries
• The public internet – definition and its boundaries
CIOs and their team must consider all of these types of networking topologies when defining
who corporate, privileged, partner, customer and public users will be, and set the security
policies and configurations accordingly.
Mitigation and Balance
It’s one of the most important balancing acts that a CIO or CTO will face in the new
virtual networked business community; how to balance your customer’s privacy rights, need for
security, and public demand for greater transparency with the interests of your organization. One
of the concluding points from the case study was to remember at the end of the day (or
beginning!) to have an “individual conscious”. The article continues to remind us that the new
business community of stakeholders “has no borders – no rules”.
I believe first and foremost that those who are ultimately responsible for the viability of
the organization (C-suite/board of directors/advisors) need to spear head a new model for Ethics
that spearheads a service-oriented approach to solving the ethical and security issues in the new
9. ETHICS CASE STUDY REVIEW 9
virtual networked organization. Even before defining the vision (where do we want to go?) and
the mission (how are we going to get there), moral thought needs to be front and center and an
ethics policy should be defined for the common good of the whole company. The ethics policy
could be a framed box of principles for what the company stands for and where the “line(s)”
where they will stop at during the process of achieving their vision.
I’d like to introduce an architecture as a possible model to follow. I call it the “Virtual
Enterprise Ethics Engagement Model” (ve3) for defining and managing Ethics, Transparency,
Compliance, Governance, Security and Risk.
Ethics and the subsequent guidelines focused on managing the flow of information
within the organization stakeholder community are critical methodologies and processes to
manage because when it comes to breaches, misinformation and information leaks, it’s not a
matter of “if”, but “when”. The ve3 model can help manage all of the key variables that will
impact the way information should flow and to whom. When defining governance guidelines,
10. ETHICS CASE STUDY REVIEW 10
inputs about the kind of information that will be required, processed, stored and shared can be
assigned priorities that will determine a suggested output policy to follow and it can assign a risk
score to feed into the risk analysis function.
The model will need to include an audit and measure process so that it can continue to
evolve as the virtual networked community evolves. And yes, we should have a real-time ve3
app for this! Our organization’s community (virtual
networks) will only grow and become more sophisticated
and complex. Senior executives need to embrace the
changes, but stay out in front of it and don’t let this
evolution and revolution control their business vision and
mission. What can save them hardship down the road, is
leading with an ethics policy and management model. If
they can put this stake in the ground early on, they may
find that the following traditional guidelines concerning
information for IR, communications and commerce will
be easier than ever to establish.
11. ETHICS CASE STUDY REVIEW 11
Works Cited
Congress, U. S. (1986). Computer Fraud and Abuse Act.
Harris, S. (2006, August). Information Security Governance Guide. Retrieved April 2012, from
Tech Target: http://searchsecurity.techtarget.com/tutorial/Information-Security-
Governance-Guide
Hogue, F. (2010, September 30). CIO Update. Retrieved October 8, 2012, from IT Business
Edge: http://www.cioupdate.com/trends/article.php/3906131/How-to-Govern-the-Ever-
Extending-Enterprise.htm
Legislation, U. S. (n.d.). Stored Communications Act of 1986.
Vaccaro, A. (September 4, 2012). Ethics Hold the Key to Network Contradictions. DEEPinsight,
7.
Verizon RISK Team with cooperation from the Australian Federal Police, D. N.-C. (2012). 2012
Data Breach Investigations Report. Retrieved October 8, 2012, from Verizon Business:
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-
2012_en_xg.pdf