Running Head: MMT2 Task 3 – Security Policies
IT Strategic Solutions – MMT2 Task 3
Evaluating Security Policies
Western Governor’s University
1
MMT2 Task 3 – Security Policies
2
A. Evaluation of AEnergy’s Security Policies in Regard to Ethical Issues
Security policies constitute a single or group of documents that explicitly define the security safeguards, processes and procedures adopted by an organization to govern access to its premises and systems. Security policies also serve to govern the behavior and activities of internal and external users to whom access to the organization’s network, data or other sensitive information might be granted. In order for security policies to be effective, they must be
comprehensive,
…show more content…
Although it is within the company’s rights to track its equipment, this policy may inadvertently become a way to track employee whereabouts and location at all times in violation of their privacy.
Just because an employee has a company laptop in their personal car does not give the company implicit license to track and monitor their private movements especially when they are not on company business.
•
Acknowledgement of security policies by employees and external users
With the exception of AEnergy’s data security policy, none of the other policies require employees to sign them acknowledging their reception of the policy as well as their intent to adhere to it. This is a potential ethical issue since the company is requiring employees to adhere to rules without making explicitly certain that they understand the rules and intend to obey them.
The above-mentioned areas of focus could lead to ethical violations if they are not properly reviewed and addressed.
A1. Two Potential unethical uses of company technology and/or data by internal users
1. Use of on premise security cameras to spy on the activities of fellow employees
AEnergy employs security cameras on its premises for the primary purpose of monitoring the company’s perimeter for intrusion and protecting the company’s physical and digital assets.
It would be unethical for an employee or another internal user with the appropriate access to
MMT2 Task 3 –
Company employees must be careful that their conduct cannot rationally be construed as a bribe or other inappropriate enticement to perform a business act or improperly influence the recipient.
Did you know that 58% of employers have fired workers for Internet and email misuse? And 48% justify employee video monitoring as an effort to “counter theft and violence?” According to the “2007 Electronic Monitoring & Surveillance Survey” of which 304 U.S. companies participated in, computer-monitoring results have led to the highest cause of employee termination. These companies used several tactics to eavesdrop on employees while claiming to be managing productivity or for security purposes. Some argue that surveillance is absolutely necessary to help protect and grow a business; others argue that employee and customer rights come first. However, companies that use such tactics often violate the privacy of individuals, exploit their private information and even punish those that do not conform to their standards.
Improper ethical decisions may be the cause of the failure, and as relate to my three behaviors for personal "code of ethics".
Sadly, there is no way to alleviate the numerous amounts of threats that haunt networks and computers worldwide. The foundation and framework for choosing and implementing countermeasures against them are very important. A written policy is vital in helping to insure that everyone within the organization understands and behaves in an appropriate manner with regards to the fact that sensitive data and the security of software should be kept safe.
Allowing employees to have camera phones on a production floor, comes across as unprofessional and unsecure.
4. Please be advised that failure to follow this policy can result in possible criminal, and civil sanctions against the company, and it management and employees, and possible disciplinary action against the responsible individuals, and including termination of
The fact that Mr. Yourprop has not signed the employee handbook does not mean he is immune to the Company's policies. Though it is considered a best practice, law does not require employers to attain a form of acknowledgement of Company policies signed by the employee. The Society for Human Resource
This section of the employee handbook is provided as a guideline for employees to understand the company policy and procedures regarding privacy in the workplace. While this section cannot address every possible scenario that may occur, the general policy will serve as a basis of understanding the key workplace issues and employee privacy. This section addresses privacy issues related to personal background information, off-work activities, and the corporate policy on the use of electronic monitoring. These privacy policies are designed to both provide a clear guideline for employees on the difference between job related and personal privacy. The policies are designed to create a standard set of
Although it can be hard at times, it is very important to read and keep memos given to you by employers. Company’s update their policies from time to time and you have to abide by the changes. When I worked for the state of Texas we would receive multiple emails regarding policy changes and or updates. I had to abide by the changes.
Company must also develop a clear structure for granting employees access to sensitive information. Not all employees need such data in order to fulfill their everyday job responsibilities. For those who need admission to sensitive information, a strong authentication mechanism must be developed, which cannot be bypassed. This will ensure that only authorized users are accessing compromising data.
accessible by assigned staff, via their corporate login. The system is deemed to be secure but
Research is held to demonstrate that employers are becoming more and more apprehensive about their employees’ off-duty conduct as times progress. Businesses’ reputations are at stake as a result of the way workers handle themselves while outside of the work place. Due to the increase of reputable concerns companies are now attempting to control their staff’s lives away from the job site. This is being done by monitoring vehicles and cell phones with GPS systems and by tapping into phone calls, e-mails, and internet usage outside of the work environment. Policies are also being implemented to restrict weight gain, and other physical appearances of employees. The line between off-duty conduct federal and constitutional laws are put up against
The advancement in the technology is believed by the employees’ as actions to limit their privacy by the employers. Henceforth, workplace surveillance creates a legal issue in the work environment. The employees’ believe that their rights get violated when their employer keep a close watch on their activities.
Nowadays employees have a full accessibility to Internet and that lets them to check personal
In The Los Angeles Times (2013) an article titled, “Tracking workers’ every move can boost productivity,” stated how employers are using surveillance software to monitor employees every movement. Employees are criticizing the monitoring software since it has caused harsher work environment. Employees feel with the monitoring system, employers see them as human machines a way to drive costs down and increase production (Semuels, 2013). Employees are finding that monitoring technology have cost jobs