Information Security Ethical Scenarios
SEC/319 Version 3 / 1

University of Phoenix Material

Information Security Ethical Scenarios

Scenario 1

You are the owner of Cool Joe’s A/C and Heating that services a large metropolitan area. The business has a fleet of 15 service vehicles that cover the 100-square-mile service area. You have purchased smartphone technology that incorporates GPS technology to improve employees’ ability to locate customer’s addresses at a great cost to your business. With the purchase of a special GPS tracking application you can install on your company’s information system, the smartphones will also give you the ability to track your employees’ exact locations within the service area. Is this an ethical use of the information technology used by your business, or is it a violation of your employees’ privacy?

Scenario 2

You are a security professional in an organization that uses a security information system to verify if individuals have any felonies or warrants. The system can verify this information by entering an individual’s social security number or driver’s license number. A close friend of yours, who does not have access to the security information system, comes to your office and asks you to do her a favor. She has the driver’s license number of an individual who she claims just moved into her neighborhood, and she wants to check his background. What are your ethical responsibilities in this situation? What actions should be taken? What if this individual had moved into your neighborhood?

Scenario 3

You are the owner of a high-class restaurant in New York City. You have recently purchased a new customer relationship management information system that can help you manage your customers’ reservations. The system gives you the ability to not only track how often customers visit your restaurant, but what they order, the size of their bills, what kind of tips they leave your employees, if they are difficult customers, and where they like to sit in the restaurant. Is tracking this kind of information an invasion of your customers’ privacy? If you do collect this type of information, what are your ethical responsibilities to protect the information? Would it be ethical for you to sell this information to other businesses in your area?

Copyright ©2015by University of Phoenix. All rights reserved.