Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
First, they have an obligation to make certain that they can participate in the global economy to give their citizens the same chances for advancement as other nations. Secondly, they have a moral obligation to do everything possible to keep their citizens safe.
When one discusses the topic of security in Information and Communication Technology (ICT), much of the discussion focuses on the technology itself. Currently, the South African banking industry is attempting to establish standards that represent best practices in information security (Tshinu, Botha, and Herselman, 2008). These measures currently focus on the technological aspects of information security. However, the development of industry-wide best practices must take all sources of vulnerability into consideration, including the moral and ethical responsibility to keep information safe.
Therefore, the development of best practices cannot ignore the human factor in security and the division of responsibility between the banking institutions and the banking customers. This research will help it professionals in the banking industry to focus on all of the factors that affect information security, including human factor. The human factor cannot be ignored in the development of standards that pose a solution to the problems regarding information security in the South African banking system. One of the key issues is the shifting of responsibility in crime preventions. The citizens want to feel safe and as if they do not have to worry about their personal information. However, banks cannot do it without them. The citizens must take on a greater responsibility and help banks to fulfill their moral responsibility to keep their information safe. This research will argue that crime prevention is everyone's moral and ethical responsibility.
The scope of the problem is huge and affects all players in the banking industry. The size of the thefts that have occurred are overwhelming. In July of 2009, an SMS scandal involving Vodacom customers amounted in a multimillion-rand SMS authentication scam (the Star, 2009). This scam was one of the largest of its kind and demonstrates that even advanced SMS authentication processes are still vulnerable. They are a step above the username and password systems, but this crime demonstrates that even these systems are still vulnerable.
This scam was carried out using email and phishing to get the customer to divulge their username and password. The scammers masqueraded as a trustworthy source that fooled many customers. In this case, the customer was the one who took actions that caused the crime. If the banks are doing everything possible to prevent phishing sites, the question could be raised as to if they responsible when a customer voluntarily provides the phisher with information that leads to theft. The incidents of cyber crime that are occurring in South Africa are massive, both in the number of them that are occurring and in the amount of rands that are being compromised. This would be similar to a question of whether someone else is responsible if a person breaks into a house using a door that was left unlocked intentionally by the occupant. In these circumstances should the insurance pay. In many cases, they do not. So why should someone else pay for damage caused by information provided to a phisher? These are the moral and ethical questions that must be asked in order for South Africa to be ready for the leap into the global market. The scope of the problem makes it an important topic for study. The scope of the problem and the need to bring South Africa up to global standards is a key reason for the conduct of this study.
3. THEORETICAL FRAMEWORK
The theoretical framework is a group of unifying ideas that will govern the research process. The key guiding principle of the study will focus on the need to enhance the human factor in online banking security. It will focus on the need to balance the technological aspects of IS with the human factors. It will provide guidelines for the development of best practices that can be used by the South African banking industry to improve information security across the entire sector. It will address the questions of moral and ethical responsibility as outlined in the previous sections. The theoretical framework of the study is based on the guiding principle that increasing awareness regarding personal information, combined with the necessary technological advances will provide the best solution to improving information security in South Africa.
4. RESEARCH METHODOLOGY
Research into the field of information security...
It will focus on who should be responsible for cybercrime prevention and the moral and ethical issues of responsibility in cybercrime. IS security can be a difficult topic from a research perspective. One of the key reasons is that we only know about cyber crime when someone gets caught. It is difficult to determine if new policies, educational programs, or technology are actually having an effect on a reduction in cyber crime, or if criminals are simply getting better at avoiding detection. From a research perspective, this aspect of the phenomenon makes it a difficult topic to study.
In addition to this difficulty, it is difficult to attach causality to new programs, as there are many factors that could affect rises or falls in cyber crime that are not related to the element bring researched. The purpose of this research study is to explore the moral and ethical issues of information security in South Africa.
We discussed that information security is a combination of technology and education. The human factor and the need to keep personal information private were found to be a key factors in the prevention of information theft. Therefore, this study will use a survey methodology to explore the knowledge level and daily practices regarding information security in the South African people. It will also explore their use of and knowledge of available technology to help prevent cyber crime from occurring. It will address their feelings about their part in the moral and ethical responsibility to do their part to prevent cybercrime. It will address how they feel their banks are fulfilling their moral and ethical obligations to do as much as they can to prevent cybercrime. It will also explore cultural aspects of South African that could affect the feeling of who is responsible for the prevention of cybercrime. One example of these cultural dimension is the feeling of individuality vs. As communal perspective on crime prevention.
The purpose of the research is not only to gain insight into the current state of the situation, but also to offer suggestions for improvement in the future. Therefore, the survey will explore the potential effectiveness of programs that may help to improve password security in the future. The research takes into account the multiple factors that were found to be a factor in curbing cyber crime in the banking industry in South Africa, particularly regarding online banking and the moral and ethical obligation to prevent cybercrime.
The study will address the moral issues involved in information security from the user end of security. The sharing of passwords and usernames, or at least the failure to take proper precautions to protect them is believed to be a key component in the ability to protect online bank accounts. The ease with which phishers can obtain usernames and passwords through spoof sites, or through offering some small token in exchange for usernames and passwords is disturbing (Cawley, 2010). The end user was found to be responsible for security breeches more than technology. Therefore, this research methodology will focus on improving information security from the perspective of the end user. It will focus on the need to instill a sense of responsibility for their own cyber safety from the perspective of the end user.
The development of policies and better technology to curb cyber crime is an important element in improving online security in the South African banking industry. However, they can only go so far when the end users are willingly sharing passwords and refusing to take on their moral share of the responsibility. The end user has little, if any, control over the types of security measures that are being used by banks to protect their accounts. That does not mean that end users do not need to have a basic knowledge of these systems. End users have a moral responsibility to have a basic knowledge of the technological measures and policies that will help to protect their account. This will allow them to choose their online banking institutions wisely. The survey methodology to be used in this research study will allow the researcher to explore end user knowledge regarding protecting their online accounts from a technological and personal level. It will also review the current legislative and policies of 20 major banking institutions in South Africa in regards to how they are addressing the moral and ethical issues surrounding information security. Therefore, it will directly address…
REFERENCES
Anderson, R. & Moore, T. 2006. "The Economics of Information Security." Science [Online] 314 (5799), pp.610-613, October 27, 2006. Available at:
http://www.cl.cam.ac.uk/~rja14/Papers/toulouse-summary.pdf (Accessed June 20, 2010).
Anderson, R. & Moore, T. 2007. "The Economics of Information Security: A Survey and Open Questions." Fourth Bi-annual Conference on the Economics of the Software and Internet Industries. January 19-20, 2007: Toulouse, France. [Online] Available at:
http://www.cl.cam.ac.uk/~rja14/Papers/toulouse-summary.pdf (Accessed June 20, 2010).
Barrett, M. 2008. A Practical Approach to Managing Phishing. April 10, 2008. [Online] ThePaypalBlog. Available at: https://www.thepaypalblog.com/2008/04/a-practical-app / (Accessed June 20, 2010).
Bignews Staff. 2010. Standard Bank provides free phishing software. Big News. [Online] May 21, 2010. Available at: http://www.bignews.co.za/bignews/content/en/full-article?oid=1934&sn=Detail&pid=1&Standard-Bank-provides-free-phishing-software (Accessed June 20, 2010).
Cawley, C. 2010. South Africa's Online Banking Security Challenge. June 13. 2010. [Online] Brighthub.com. Available at: http://www.brighthub.com/internet/security-privacy/articles/73991.aspx (Accessed June 20, 2010).
Chen, Y., Chou, JS., & Huang, Chapter 2010. Comments on Five Smart Card-Based Password Authentication Protocols. International Journal of Computer Science and Information Security. [Online] 8 (2): 129-132. Available at: http://www.docstoc.com/docs/42932751/Comments-on-five-smart-card-based-password-authentication-protocols (Accessed June 20, 2010).
Chou, JS., Huang, CH, & Chen, Y. 2010. Cryptoanalysis on Two Multi-Server Password Based Authentication Protocols. International Journal of Computer Science and Information Security. [Online] 8 (2): 16-20. Available at: http://www.docstoc.com/docs/42922884/Cryptanalysis-on-two-multi-server-password-based-authentication-protocols (Accessed June 20, 2010).
Christensen, B. 2010. South African Revenue Service Tax Refund Phishing Scam. Hoax-Slayer. [Online] Available at: http://www.hoax-slayer.com/south-african-tax-refund-scam.shtml (Accessed June 20, 2010).
Wong, E. 2010. Why it Is Easy to Fall into Online Phishing Scams. Discover. [Online] Available at: http://www.alantanblog.com/scam/why-it-easy-to-fall-into-online-phishing-scams.html (Accessed June 20, 2010).
Elamb security. 2010. Facebook Imposter Scam. January 17, 2010. Revolution Magazine. [Online] Available at: http://elamb.org/category/phishing / (Accessed June 20, 2010).
Frauenstein, E. And von Solms, R. 2009. Phishing: How an Organization Can Protect Itself. Information Security for South Africa. Proceedings of the ISSA 2009 conference. [Online] Available at: http://icsa.cs.up.ac.za/issa/2009/Proceedings/ISSA2009Proceedings.pdf (Accessed June 20, 2010).
Goldstick, a., & Dagada, R. 2009. Help U.S.! We Want to be 'E-Secured': Digital Banking Customers' Security Needs in South Africa. Information Security for South Africa. Proceedings of the ISSA 2009 conference. [Online] Available at: http://icsa.cs.up.ac.za/issa/2009/Proceedings/ISSA2009Proceedings.pdf (Accessed June 20, 2010).
Haley, K. 2010. Password Survey Results. Symantec. March 26, 2010. [Online] Available at: http://www.symantec.com/connect/blogs/password-survey-results (Accessed June 20, 2010).
ISO/IEC 27002:2005. 2010. ISO/IEC 27002:2005 Information technology -- Security techniques -- Code of Practice for Information Security Management. IsecT Ltd. [Online] Available at: http://www.iso27001security.com/html/27002.html (Accessed June 20, 2010).
Knowler, W. 2010. Phishing Scams are Proliferating. South Africa. [Online] Available at: http://www.iol.co.za/index.php?art_id=vn20100602122803265C559150&page_number=2 (Accessed June 20, 2010).
http://www.cl.cam.ac.uk/~rja14/Papers/toulouse-summary.pdf (Accessed June 20, 2010).
http://people.seas.harvard.edu/~tmoore/enisa-security-econ.pdf (Accessed June 20, 2010).
Moore, T. And Clayton, R. 2007. "An Empirical Analysis of the Current State of Phishing Attack and Defence." Sixth Workshop on the Economics of Information Security. June 7-8, 2007: Pittsburgh, PA, USA. Pp. 1-20. [Online] Available at: http://people.seas.harvard.edu/~tmoore/weis07-phishing.pdf (Accessed June 20, 2010).
Moore, T. And Clayton, R. 2008. "The Impact of Incentives on Notice and Take-down." Seventh Workshop on the Economics of Information Security. June 26-28, 2008: Hanover, NH, USA. Pp. 1-24. [Online] Available at: http://weis2008.econinfosec.org/papers/MooreImpact.pdf (Accessed June 20, 2010).
Stander, a., Dunnet, a., & Rizzo, J. 2009. A Survey of Computer Crime and Security in South Africa. Information Security for South Africa. Proceedings of the ISSA 2009 conference. [Online] Available at: http://icsa.cs.up.ac.za/issa/2009/Proceedings/ISSA2009Proceedings.pdf (Accessed June 20, 2010).
Steyn, T., Kruger, H., and Drevin, L., 2007, New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, H., Eloff, M. Labuschagne, L., Eloff, j., von Sohns, R., in IFIP International Federation for Information Processing, [Online] 232, (Boston: Springer), pp. 193 -- 203. Available at: http://docs.google.com/viewer?a=v&q=cache:CkaQEJ1ekaIJ:citeseerx.ist.psu.edu/viewdoc/download%3Fdoi%3D10.1.1.102.3462%26rep%3Drep1%26type%3Dpdf+New+Approaches+for+Security,+Privacy+and+Trust+in+Complex+Environments&hl=en&gl=us&pid=bl&srcid=ADGEESi9NbJ6wllXrkB98CZKtC1SZD3Rp0gdFoMHRnxNfnJ_1q18QcddjsJQNE-tGdSIOz_np5ZQ6OMFFfr3kwl85AbLoHeiG1nAIzNFR7e43NDOce7dJQ7o05gJNgczIMu0i58petvC&sig=AHIEtbSNq3c0VoS2cG5eXmpgW9Nc72baIg (Accessed June 20, 2010).
Tshinu, S., Botha, G. And Herselman, M. 2008. An Integrated ICT Management Framework for commercial Banking Organisations in South Africa. Interdisciplinary Journal of Information, Knowledge and Management. [Online] 3, pp. 39-53. Available at: http://ijikm.org/Volume3/IJIKMv3p039-053Tshinu364.pdf (Accessed June 20, 2010).
The Star. 2009. Millions Stolen in SMS banking scam. July 17, 2009. [Online] Available at: http://www.iol.co.za/index.php?click_id=13&set_id=1&art_id=vn20090717110409574C426108 (Accessed June 20, 2010).
US Department of State. 2010. South Africa Country Specific Information. Travel.State.Gov. [Online] Available at: http://travel.state.gov/travel/cis_pa_tw/cis/cis_1008.html (Accessed June 20, 2010).
Proceedings of the 4th international symposium on Information and communication technologies. Cape Town, South Africa. SESSION: Invited workshop on information technology and its applications: software development, disaster engineering, and security. Available at: http://en-us.www.mozilla.com/en-U.S./firefox/central / (Accessed June 20, 2010).
Ethical Issues in AIS Ethical Issues in Accounting Information Systems This essay examines ethical issues in accounting information systems as presented in the case of DHB Industries. Now known as Point Blank Solutions, the company, which supplied body armor to the U.S. military and law enforcement agencies, was charged by the SEC on March 1, 2011 for engaging in "massive accounting fraud" (SEC, 2011). The agency filed separate charges against three of
The company's consistent top line revenue growth also illustrates it has been successful in transforming its supplier network into one that operates more on knowledge, less on purely price or product decisions. As a result the company is capable of competing more at the process level and less at the purely price-driven one (Reese, 2007). In terms of the company's factors for success, the greater opportunities is to move into
Information Systems and Technology Involved With Solar Energy/Power Information Systems and Information Technology in Solar Power/Energy & Associated Challenges Solar energy is the contributor of approximately 94% of the world's energy although at first glance, much of that energy does not appear to be solar in nature. Solar cells, also known as photovoltaic cells, are our most identifiable effort to convert the sun's energy into electricity. They depend on a phenomenon known
Ethical Scenario Ethics is a term used to refer to the set of rules that help in determining right and wrong behavior during moral decision making. One of the major issues in Information Technology and Information Systems is computer ethics. This is primarily because the rapid technological advancements seem to enhance the likelihood of unethical use of computer devices and information systems. As these advancements continue to occur, it is expected
Ethical and Social Issues in Information Systems Page | WIPRO IT Business Solutions Green Initiatives by Wipro Green IT is defined as the study and practice of designing, manufacturing, using, and disposing of computers, servers and related components like monitors, printers, networking and communications devises and storage drives such that it has no impact on the environment. (Murugesan, San, 2008). The objective of green IT solutions is to: a) Reduce the application of hazardous
Creating Organizational Value through the Integration of Information Technology: A Management Perspective Change Management and the Construction of a Receptive Organization Transformational and Participative Leadership A Decentralized Organizational Culture Effective Utilization of Resources Simulations Performance Monitoring Systems Risk Management and Support Strategies When considering the ever-changing and highly competitive global landscape of business today, firms must stay at the cutting edge of their respective fields in order to sustain profitability in the long-term. With the current exponential growth