IT Security Management Assignment: UK University Staff And Student Data Leakage

Question

Task: Proceed according to the following instructions.

Identify a recent (within the last six (6) months) ethical dilemma or ethically questionable situation relating to ICT that you are familiar with. This situation can be either in the media (for example one you have sourced from a newspaper, or online through social media) or through your workplace.

If using a workplace example, to maintain confidentiality, do not use real names.
If you use a media article you must include the link to the media article in the references list of your assignment.

Identify the key ethical issues contained in your chosen case and use the three distinct perspectives of applied ethics including professional, philosophical, sociological/descriptive ethics to analyse the ethical issues involved in the case. The word limit should be between 1400-1500 words. Note: Headings, citations, references and any appendices do not count towards your word limit, but quotations do. At the start of the assignment indicates in brackets the word count of your assignment excluding those items mentioned above.

Include a Reference list at the end of your work, in the correct APA referencing style, corresponding to in-text citations. You must include at least THREE (3) quality academic references (one for each ethical perspective) from different sources. Please note that these references are in addition to those provided to you through this subject (for example, you still must reference, Tavani textbook, the Interact subject lecture notes etc BUT these references cannot be used as one of your three quality academic references from different sources). Only include references that have been cited in the body of your assignment and ones that support what you have presented in your assignment.

This assessment task will assess the following learning outcomes

Be able to identify ethical issues related to ICT.
Be able to assess the implications of ethical problems.
Be able to critically evaluate solutions to ethical problems.
Be able to argue consistently and rationally about the moral issues raised by the adoption and use of ICT.

Answer

1. Introduction
This IT Security Management Assignment focuses explores the data breach experienced at a UK university where student and staff data was lost due to poor IT security infrastructure. Information and Communication Technology or commonly known as ICT is the infrastructure and mechanism that facilitates modern computing. It connotes to all the expertise that manages telecommunications, televise medium, intellectual edifice management systems, audio-visual processing and broadcast systems and net supported control and monitoring utilities. It comprises of both the internet-enabled specialty as well as the wireless networks. It further includes obsolete technologies such as landline telephones, radio and television broadcast. Its function extends towards digitizing, that connotes communication via Augmented Reality, Virtual Reality and Digital Platforms (Rouse,2017). The editorial published in the month of April 2018 confers on the subject of the carelessness and negligence of an employee because of whom, sensitive data of over 90,000 staff and students at the U.K. University of Surrey and Surrey Sports Park were leaked and thereby compromised. The particular editorial is a paradigm of three critical perceptions of ethics, i.e. professional ethics, philosophical ethics and sociological ethics. This U.K. based University has experienced a data security incident due to the irresponsible behaviour of their workforce. An employee has potentially compromised the confidential and financial facts about the students and the staff to one of its suppliers who published a password that permitted access to such critical and vital data of the University (Matthew. 2018). This IT Security Management Assignment focuses on the data leakage of a U.K. University staff and student and three data safety ethics is discussed in the said essay which communicates about the error committed by the employee.

2. Professional Ethics Perspectives
Professional ethics are primarily concerned with applied ethics as used in the workplace. Professionals are more likely to tackle with ethical issues while dealing with the Internet and the World Wide Web. It plays a pivotal role in ICT as it not only supports the confidentiality of the public but also deals with immoral exploitation of technology. It holds on to the enhancement of value of life, aptitude and reliability. It also offers an up to date security enrichment, giving administrators assurance that employees are protected from cyber security risks. An error by a software supplier at the University of Surrey Sports Park is gradually being elevated, demands attention and an attempt towards its resolution. Due to this crisis, the private information about the members, staff and students of the University were at a risk of exposure, after the password was published online. The information comprises of names, birth dates, bank details, contact particulars and sort code details of the members who make payments via direct debit. This incident also includes health information which was later revealed by the associates at the occasion of registration (Jay,2018). This was the most alarming state for them and thus a precautionary approach was taken to ensure the problem was taken care of. The information contravention was highlighted to the Information Commissioner’s Office (ICO) and it was considered to be low since it was unknown that the information was illegally accessed or not. However, IT Security Management Assignment advocates that the data has not been stolen. Yet, it is another typical exemplar of a simple human mistake made by a software supplier that can lead to devastating tribulations (Flick et.al. 2017). Further to this, there is no proof of such data being accessed or misused by unconstitutional and illicit third parties. Thereby it ensures that even if an principled problem has come to limelight inadvertently, even then there is not right empowered to the professionals to discourage adherence to their professional values devotedly and dutifully (Mather,2007). Hence, it is obvious and understandable that ICT experts therefore execute their responsibilities and obligations by enduring to the enumerated laws morally.

3. Philosophical Ethics Perspectives
Philosophical ethics basically means the personal search for truth in any field by rational and coherent means. It involves regulating, shielding and recommending the notion of acceptable and unacceptable behaviour. It refers to the project of assimilating meta ethics and normative ethics in an efficient way, trying to gain insight into what is precious and mandatory by understanding what actually they are. Ethical assurances are related to a wide arena of philosophical values, which points to what the individuals conclude to be correct or incorrect or that they would openly squabble to be right or wrong. The reality is that, attitude with respect to technology, accounts different concerns about private ethics. ICT, comparable to other expertise has its own advantages and limitations to put forward. Because of an additional movement towards ICT, possible regulation for truth-seeking ethics is becoming a necessity. The above mentioned unpleasant incident at the University lack philosophical ethics (Nicholas & Mugeni 2014). Though, it was a simple fault by an employee but the same would have been evaded easily. However, it is not of a case when confidentiality of the students, staff and the members was being exposed and leaked. The IT Security Management Assignment explores mistakes conducted by human beings comprises for a huge fraction of data contravention examples, and as is viewed in this case, the work of unintentionally printing a passcode online can easily provide admittance to hackers to perform some fraudulent acts which would be irreparable by nature.

A similar event had occurred in 2018 where the information regarding the students of 21000 U.K. schools was put at risk because of the software bug. The default occurred in the SIMS Software matching routine for new admissions that led to a major contravention of data safety and privacy. The said act was disgraceful and an outrageous one. The particular occurrence should have been considered as a lesson for all the ICT professionals, but unfortunately the result was not what was expected and there was a repition of data breach hits 90000 staff and students at the University of Surrey Sports Park which led to leakage of personal and financial information to anonymous and unidentified public. The same University endured yet another humiliation in November when one of its employees shared confidential health details of one of its staff members with nearly 300 postgraduate research students via an email, a severe fault that attracted the wrath of the University’s students union as well as cyber experts. Exposed personal and private data can be a huge vulnerability as it can be leveraged to breach more secure systems and put vital information at danger (Karlsson,2003). Thus, it is crucial to educate the employees and contractors on good cyber hygiene practices.

The above article portrays moral problems philosophically because the experts could succeed in securing the privacy of its members. Hence, it is correctly connoted from the philosophical ethics stand point, they were unable to regulate and introduce the theory of correct or incorrect within the users.

Sociological/Descriptive Ethics Perspectives: Sociology is not only more comprehensive than ethics; it is inherently intertwined with ethics. It is the methodical learning about the world, societal establishments and social associations. It studies about the social life in all its manifold forms of manifestation. Ethical principles and ethical endeavors are the key working factors in social growth and enlargement. The sociological side of the moral values looks into the understanding of the various communities and individual communications and how it has an implication over the government, educators and the planners. It performs within a demarked and set code of moral values that guarantees if the outcome will be of help to the public or not. The volatile growth and progress of ICT and the usage of its facilitating technologies has impacted the community majorly. Cyber offenses and violation of secrecy and associated rights are the crux and most important sociological concerns with respect to ICT. In addition to this, ICT in education has given more nuances to sociological principles, since it increases worth to ideas and knowledge, by augmenting the success and competence of learning procedure. It has a critical part to perform, to attend to the predicament of eminence content and the eminence of teachers. It helps to conduct research, itinerant learning, all-encompassing learning and erudite communiqué. The mistake which has been pinned in this editorial could have resulted in compromising the private and personal facts of the staff and students making them vigilant and cautious (Gale, 2005). Therefore, it’s important to use strong passwords and never give out sensitive and personal information over the phone. Given the earlier disclosure and leakage about the data breaches of this kind last year, the above event is breathtaking and it looks like hollow and void reassurances. Students, staff and members of the University are constantly questioning whether their personal details are secure and safe or not. The exposed delicate and private information may be a greater susceptibility of not only secrecy of information privacy, but also can lead to putting the safety systems and crucial facts in danger, thereby impacting the society in a negative manner. The extent of offense has entered at such a point, due to which it has become obscure to trust, since the community will not consider these kind of human faults happily. Sociological principles have a critical part to perform in this scenario and it is the right of every student and staff to be aware if their data are secured properly. The said act is not in favor of the sociological moral performances. It is the right of al individual who lives in a community, in this case the university, to be aware of if their data is safe and secure or not. The sociological conscientiousness is not being demeanor aptly, which is noticeable from the fact that such attacks are not one of a kind, but constant in nature. In this article, a set of ethical concerns have been acknowledged that are forecasted to convert into being pertinent during the further growth of newer ICT professionals. Appreciating the types of these concerns is a prerequisite of commissioning examination and modernization dutifully. The portrayal of principled problems, which are important and fundamental, cannot be considered to be inclusive or wide-ranging. The comparatively theoretical explanation of ethical matters does not give details in depth about how these issues would perform out in practice. This requires detailed examination of a technology and its expected situation of use (Johnstone,2007). This IT Security Management Assignment outlines the novice principles issues that nurture, either footed on new technical competences or on the basis of altering moral observations.

4. References
Gale,T. (2005).Sociological Ethics. Retrieved from https://www.encyclopedia.com/science/encyclopedias-almanacs-transcripts-and-maps/sociological-ethics

Matthew. (2018).A data breach at the University of Surrey Sports Park hits 90,000 staff and students. Retrieved from https://www.dataleaklawyers.co.uk/blog/university-surrey-data-breach-90k-staff-students-affected

Jay,J. (2018).Personal data of 90,000 Univ of Surrey staff & students leaked by erring employee. Retrieved from https://teiss.co.uk/information-security/personal-data-surrey-staff-students/

Johnstone,J. (2007). Technology as empowerment: a capability approach to computer ethics. Ethics and Informatio Technology. 9.73-87.

Flick,C., Stahl.B.C & Timmermans.J (2017). Ethics of Emerging Information and Communication Technologies: On the implementation of responsible research and innovation. Science and Public Policy.44(3).369-381. Retrieved from https://academic.oup.com/spp/article/44/3/369/2525576

Karlsson, I. (2003). Ethics and Information and Communication Technology. IFAC Proceedings Volume. 36 (22). 75-80

Nicholas,K.K. & Mugeni,G.B. (2014). Is it time for the Philosophy of ICT? International Journal of Information and Communication Technology Research. 4(8). 299-303. Retrieved from https://www.researchgate.net/publication/266078696_Is_it_time_for_the_Philosophy_of_ICT

Rouse,M. (2017). ICT (Information and communication technology, or technologies). Retrieved from https://searchcio.techtarget.com/definition/ICT-information-and-communications-technology-or-technologies

Tags: security management it management united kingdom

NEXT SAMPLE