?Task Also, I would also make sure that

?Task 1:Discuss in detail how you would implement information security on your mobile device.1. Avoiding free WiFi. It is very important to use secured connected WiFi because hackers are able to see what you are doing on the internet, what you are browsing and it is easy for them to know your password if not careful because they can intercept your connection and lead it to their own network. Use VPN while accessing internet to make you anonymous. Don’t select auto connect, Bluetooth, WiFi, make sure my phone does not auto connect to those devices, when they are not in use. I would make sure they are turned off because any open connection can be used to access my phone or even someone can launch an attack. 2. Create a pass code, it is important to make sure that my phone has a pass code or even a 4-digit pin. This will help me to hide data or sensitive documents that are not supposed to be seen by anyone. I would also make sure that there is a maximum number of times one inputs the code, for instance like three times if wrong the phone shuts down immediately or starts erasing data.3. Backup: I would make sure that I have backed up my information periodically like every midnight. Also, I would also make sure that I am using the back-up features available on my mobile device. Check the user manual or reputable third-party vendors. The system containing the backup needs to be kept secure as well, or else all the phone data could be stolen from the desktop. Many phones allow for making encrypted backups, so this should be used whenever possible. (NIST Special Publication 800-124 Revision 1, Guidelines for Managing The Security Of Mobile Devices In The Enterprise)4. Encrypt sensitive data, there are features available on most mobile devices that can help encrypt data and you may want to consider a third-party app from a reputable vendor. This helps to maintain security or even if my phone is stolen no one can access the data unless they have an encryption key from the vendor. Don’t jailbreak your phone, it is also a physical access vulnerability, in which mobile device users initiate to hack into the devices to unlock it, and exploit weaknesses in the operating system. (Jeff Benjamin 2016) Mobile device users take control of their own device by jail-breaking it, and customize the interface by installing applications, change system settings that are not allowed on the devices. Thus, allowing tweaking the mobile devices operating systems processes, run programs in the background, thus devices are being exposed to variety of malicious attack that can lead to compromise important private data. (An Expert Guide To Securing Sensitive Data January 15, 2018)?5. Beware of phishing and texting scams. Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Hackers are posing as banks, pharmacists, and sales people in order to steal one’s information, you should always check your credentials. Ensure that the email is correct and coming from the correct domain, look for obvious spelling and grammar mistakes, and call the posing company if the email seems strange or unwanted.6. Install software for security, I would also store security software for my phone like kaspersky, Norton and others which will safeguard my device. Smart phones and tablets get malware, too.  In fact, they are the top target for hackers including iPhones.7. Have a plan if your device is stolen. I would consider installing an app that allow you to find, lock, or wipe your phone remotely if lost or stolen, also I would label my device with minimal information. Put an email address or an office phone number on the device so if it is found it can be identified and returned to me. Immediately I would change all passwords for my accounts accessed on the smart device, especially e-mail accounts. If someone does gain access to the device, they will have continued access to all e-mail, Facebook, some web account until the passwords are changed. (Protecting the confidentiality of Personal Data Guidance Note, CMOD Department of Finance December 2008)8. Update your apps and operating system. I would also make sure I update my phone regularly so as to get latest updates and avoid getting malwares like ransomware which is a type of malware that locks users out of their mobile devices in a pay to unlock your device ploy, it has grown by leaps and bounds as a threat. Specific to mobile computing platforms, users are often less security-conscious, particularly as it pertains to scrutinizing applications and web links trusting the native protection capability of the mobile device operating system. Mobile ransomware poses a significant threat to businesses reliant on instant access and availability of their proprietary information and contacts. (Protecting the confidentiality of Personal Data Guidance Note, CMOD Department of Finance December 2008)?Task 2:Discuss ethical issues relating on computer security and cryptography.• Privacy. Computers can be used symbolically to intimidate, deceive or defraud victims. Attorneys, government agencies and businesses increasingly use mounds of computer generated data quite legally to confound their audiences. Criminals also find useful phony invoices, bills and checks generated by the computer. The computer lends an ideal cloak for carrying out criminal acts by imparting a clean quality to the crime. The computer has made the invasion of our privacy a great deal easier and potentially more dangerous than before the advent of the computer. (Computer Security and Ethics Virginia Horniak student at Department of Computer Science and Engineering, Mälardalen University) A wide range of data are collected and stored in computerized files related to individu¬als. These files hold banking information, credit information, organizational fund raising, and opinion polls, shop at home services, driver license data, arrest records and medical records. The potential threats to privacy include the improper commercial use of computerized data, breaches of confidentiality by releasing confidential data to third parties, and the release of records to governmental agencies for investigative purposes. (Ethical Issues in Cryptography and Information Security: Concerns for Digital Libraries Arifa. K). Senior Research Fellow Dept. of Library and Information Science University of Calicut Calicut – 673635)• Ownership. Many people are required to sign NDAs (nondisclosure agreements) and non-compete clauses in employment contracts, legal documents that restrict their ability to share information with other future employers even to the point of disallowing them to join certain companies or continue to participate in a particular industry. What about the rest of us, who have no such legal restrictions? In the course of our work for employer A, we are privy to trade secrets, internal documents, proprietary processes and technology, and other information creating competitive advantage. We carry that information with us. Is it ethical to use our special knowledge gained at one employer to the benefit of another? How do you realistically restrict yourself from doing so?• Digital copyright. Laws that are presently used to protect the creators and vendors of digital information often predate the development of computer technology, and it is not clear which laws apply to digital information. Ways in which digital information differs from information in more traditional forms including; digital works are easily copied, with no loss of quality works can be easily transmitted to other users or be accessed by multiple users works that are treated differently under current copyright law are essentially equivalent: text, video, audio are all series of bits. Cryptography can provide new means of protecting intellectual property in the digital world. However, this raises other important ethical and sociological issues: should there be free copies of information available for lend in libraries? If so, what prevents all users from taking a free copy of the work? (`Trusted Computing’ Frequently Asked Questions (August 2003)• Control. For instance, in an organisation does the employee knows the degree to which behaviour is monitored. Organizations have the right to monitor what employees do (management is measurement) and how technology systems are used. It’s common practice to notify employees that when they use organizational assets such as networks or Internet access, they should have no expectation of privacy. Should an organization make it clear that in addition to monitoring how long employees are using the Internet, it’s also watching which Web sites they visit? If the organization merely says there’s no expectation of privacy when using the e-mail system, is it an ethical violation when employee’s later find out it was actually reading their e-mails?• Tracking. The first concern is that the right to track the location of specific content could be abused by authoritarian forces. It is certainly an invasion of privacy to seek and gain accurate and consistent information about what an individual is reading, viewing, hearing or feeling. One’s senses are his private property. Tracking can provide information about piracy, about attacks that damage the authenticity or integrity of the work and about infringement of moral rights. The creator wants to know this as much as the user wants guarantees of an integral authentic text. This dilemma is quite of concern, the solution to this would appear to lie in systems that only track the unauthorized uses.• Security. Organizations generally have internal policies for dealing with security breaches, but not many yet have specific policies to address this area. Managers who do not secure the systems for which they’re responsible, employees who cavalierly use information to which they should not have access, and system users who find shortcuts around established security procedures are dealt with in the same fashion as anyone who doesn’t meet the fundamental job requirements, anything from transfer or demotion to termination. Should compromised or ineffective security be held to a higher standard? (Cryptography and Network Security Chapter 23 Fifth Edition William Stallings)• Patents. With computer software, complete disclosure is required; the patent holder must disclose the complete details of a program to allow a skilled programmer to build the program. Copyright law provides a very significant legal tool for use in protecting computer software, both before a security breach and certainly after a security breach. This type of breach could deal with misappropriation of data, computer programs, documentation, or similar material. For this reason, the information security specialist will want to be fa­miliar with basic concepts of to copyright law.?Referencesa. John Perry Barlow. The Economy of Ideas, Wired 2.03.85, March 1994b. W. Bender, D. Gruhl, N. Morimo. Techniques for data hiding, Proceedings of the SPIE, 2420:40, San Jose CA, February 1995c. David Farber. Hearing on Communications and Computer Surveillance, Privaty and Security, May 1994d. Phillip Hallam-Baker. Secure Authorisation Issues on the Web, Tutorial Notes of Third International WWW Conference, April 1995e. Nicholas Negroponte. A Bill of Writes, Wired 3.05, May 1995f. Office of Technology Assessment (OTA). Information Security and Privacy in Network Environments, September 1994g. Pamela Samuelson. Copyright and Digital Libraries, Communications Of The ACM, April 1995, Vol. 38, No.4, pp. 15-21, p. 110h. Richard M. Stallman. The GNU Manifesto, GNU Emacs Manual, 1987, pp-175-184i. Jerome Thorel. EC plans encryption rules in bid to police information superhighway, Nature, vol. 377, no. 6547, September 1995, p. 275j. Protecting the confidentiality of Personal Data Guidance Note, CMOD Department of Finance December 2008)k. National Institute of Standards and Technology Special Publication 800-124 Revision 1 Natl. Inst. Stand. Technol. Spec. Publ. 800-124 Rev. 1, 29 pages (June 2013)This version supersedes http://www.nist.gov/customcf/get_pdf.cfm?pub_id=890048l. Richard A. Spinello, Herman T. Tavani. Readings in CyberEthics. Jones and Bartlett. ISBN 0-7637-1500-Xm. Herman T. Tavani, James H. Moor. Privacy Protection, Control of Information, and Privacy-Enhancing Technologies. Proceedings of the Conference on Computer Ethics-Philosophical Enquiry (CEPE 2000)


I'm Harold!

Would you like to get a custom essay? How about receiving a customized one?

Check it out