MKTwain - CMGTCB-582 - Competency 2 Reflection
School: University of Phoenix
Course: 582
Subject: Information Systems
Date: Feb 20, 2024
Mark Twain
January 21, 2024
CMGTCB/582 – Competency 2 Reflection
Security Ethics, Policies and Laws
As a culture, it appears the digital age has made it necessary to remind society that although ethics and compliance are not the same, ethics should still be considered. Compliance, policies and laws are loosely based on ethical principles and morals; however, they are primarily based on what is legal and what is not. Just because something is within the law or in compliance doesn’t mean it’s always ethical, and organizations sometimes base their bottom line on compliance rather than ethics.
Digital Rights Management
The concept of Digital Rights Management (DRM) was created to leverage technology in the management, control and access of copyrighted materials, such as digital content and intellectual property. This allows the individual creators and organizational owners of this intellectual property to have protection and rights to their content, so that others may not use it for their own gain without legal repercussions. In the unlikely event that a pharmaceutical company illegally acquires a decade’s worth of a competitor’s research into developing a cure for Alzheimer’s and then puts it out to market before the owner of the research can, the DRM protection would allow the owner of the research to seek legal action against the organization that took the research. Also, because DRM leverages technology, it is possible to backtrack to how the competitor may have acquired the research if it was via network intrusion. If coding was implemented to prevent the acquisition of this material, then there may be a digital trail showing how it was bypassed and by whom.
There are various DRM application providers to choose from; however, some are exclusive to specific types of content. Amazon Web Services has several features for using DRM capabilities alongside its other content management services, such as storage in its S3 and Secure Cloud services. If content management covers more than audio and video files, such as documents, eBooks, training modules, or other educational materials, then a DRM application such as Vitrium may be ideal, as it is intended for various types of materials.
DRM is not without its drawbacks. Ethically, content that is created for the betterment of humanity or society can also be controlled via DRM for profit, or to keep some information from being available to all. An example would be a scientist who figures out how certain foods can be added to your diet to help reverse or cure diabetes, so she publishes the research online for everyone to access and benefit from. However, the research organization she was affiliated with at the time, even if she was working on different projects, may claim rights to that content and find legal means to apply DRM controls to the research in order to sell it to an organization that will turn it into a profitable treatment exclusive to them, and anyone who attempts to copy or distribute it can be subject to legal ramifications.
Advantages of DRM are that content is protected and secured for the most part, and anyone who attempts to use or distribute it without authorization may be subject to fines and may have to pay the owner of the content. DRM also helps to restrict who the audience of the content is, such as only paying customers, or in the case of content designated only for mature audiences. Disadvantages are that some customers or consumers may not want this type of content because it limits their use of it. For example, iTunes would not allow your purchases to be transferred easily to another Apple device or CD; even if you paid for the video or song and wanted to put it on another form of playback media, you could not.
Organizational Policies and Laws
As an IT manager, I would implement guidelines that direct the department on which organizational policies, laws and regulations must always be followed, and how to do so with an ethical mindset. In developing the IT architecture of my organization, I’d make sure that my team receives training on ethics and compliance as it applies to our industry and organization. For example, in the banking industry, laws and regulations may recommend that you always secure your desk and workstation so that sensitive customer data is not left unattended; however, organizational policies may require that you lock all documents away in your desk and lock your workstation when leaving your desk. Ethically, you should secure all customer data, either paper or digital, so that you are not the cause of a customer’s information being stolen or compromised, which may have a major financial impact on their life and that of their family. From the IT architecture side, I would also make sure that MFA is required on all systems, that workstations and systems have a timeout limit that locks them automatically after a few minutes without interaction, and that access is provided only to those who need it for their duties. Privileged access will only be granted to those who need a specific level of access; for example, a computer support technician doesn’t need access to the firewall or Wi-Fi dashboard.
This will be communicated to employees on a semi-annual basis with refresher training, and with annual compliance training on what expectations are in the industry, including any new laws that take effect at the start of each year. Many new state and federal laws seem to take effect at the start of a new calendar year; therefore, this is the perfect time to communicate this to all employees and the IT team and provide refresher training on expectations.
Developing an organizational culture that adheres to following guidelines, policies, laws, regulations and maintains an ethical mindset is critical to safeguarding employee, customer and organizational integrity. By constantly having the organization participate in these types of trainings and providing examples of recent security events in the industry and their impact on those organizations, an organizational culture that takes these into consideration will develop.