Site hosted by Angelfire.com: Build your free website today!
Text Box: Discount Used & New Tires Co.

Ethical Use of Computer Hardware and Software

Discount used tires asked our team to make a policy that regulate the use of their information system. After detail discussions, we found that the privacy of the firm’s customers is the most important aspect of the suggested policy. To enforce this policy we decided:

· Regular employees will not be able to display the              customers’ credit cards, and only the store manager will be              able to display them.

· For the manager to display these sensitive information must              provide two different passwords.

· The system will lock itself if any of the passwords provided              are not the right one for three times.

· To unlock the system, the manager, the owner, and the              system administrator must provide their passwords to the              system.

· The input of the credit card information will be through              scanning.

· The manager shouldn’t be able to get a complete list of all              the credit cards that the system contains.

· For the manager to display the credit card information,              must provide the customer’s phone number.

· Any illegal use for the sensitive information must be faced              with severed punishment. After investigation, if it was clear              that the manager involved with illegal use of the sensitive              information, the manager must be fired from his job, and              take all the necessary legal actions against him.

· The manager and the employees must be educated about              the illegal use of customers’ information and the expected              consequences that will follow this illegal use.

Every business has secrets that shouldn’t be available to everybody inside the firm. Access to sensitive information related to the firm must be given to the staff, which cannot perform their jobs without it.

· The administrator shouldn’t give access to any sensitive information without the permeation of the owner.

· Each employee will be provided an individual password that will give him a limited access to the information he needs to perform his job.

· It is the responsibility of the employee to keep his password secret.

· The system must provide detail report about the activities that the employees perform through the system. The administrator should evaluate the report and send alert messages to the owner, in case of any violation.

· Any illegal use for the sensitive information must be faced with severed punishment. After investigation, if it was clear that the employee involved with any illegal use of the sensitive information, the employee must be fired from his job, and take all the necessary legal actions against him.

· The manager and the employees must be educated about the illegal use of the firm’s information and the expected consequences that will follow this illegal use.

Another aspect of the use of the information system is how to keep the information from lost in case of a system crash or a disaster.

· The administrator of the system must backup the              information by store it in a removable device on daily basis.

· To access the information on the storage device, the owner              must provide two passwords that are unchallengeable.

· The device must lack itself, if the passwords provided are              not correct. To unlock the device the owner must provide              three more passwords that in addition to the first two.

The use of the Internet is another threat to the system, to secure the system from outside attack, we decided the following:

· Access to sensitive information through the Internet must        be eliminated completely.

· The use of the Internet must be limited to promote the firm        and for marketing aspects and to communicate with other        firms only.

· Any emails that the firm received must be scanned with        virus protection software before the email can open.

· The sore manager is the only person will be allowed to        receive and send emails through the Internet and for        business use only.

· The store manager and other employees must be educated        about the danger of the Internet on the system.

· Hardware and software firewalls must be provided to the        system to protect it from outside attack.

· The virus protection software must be updated on regular        basis.