



|
Ethical Use of Computer Hardware and Software |
|
Discount used tires asked our team to make a policy that regulate the use of their information system. After detail discussions, we found that the privacy of the firm’s customers is the most important aspect of the suggested policy. To enforce this policy we decided: · Regular employees will not be able to display the customers’ credit cards, and only the store manager will be able to display them. · For the manager to display these sensitive information must provide two different passwords. · The system will lock itself if any of the passwords provided are not the right one for three times. · To unlock the system, the manager, the owner, and the system administrator must provide their passwords to the system. · The input of the credit card information will be through scanning. · The manager shouldn’t be able to get a complete list of all the credit cards that the system contains. · For the manager to display the credit card information, must provide the customer’s phone number. · Any illegal use for the sensitive information must be faced with severed punishment. After investigation, if it was clear that the manager involved with illegal use of the sensitive information, the manager must be fired from his job, and take all the necessary legal actions against him. · The manager and the employees must be educated about the illegal use of customers’ information and the expected consequences that will follow this illegal use. Every business has secrets that shouldn’t be available to everybody inside the firm. Access to sensitive information related to the firm must be given to the staff, which cannot perform their jobs without it. · The administrator shouldn’t give access to any sensitive information without the permeation of the owner. · Each employee will be provided an individual password that will give him a limited access to the information he needs to perform his job. · It is the responsibility of the employee to keep his password secret. · The system must provide detail report about the activities that the employees perform through the system. The administrator should evaluate the report and send alert messages to the owner, in case of any violation. · Any illegal use for the sensitive information must be faced with severed punishment. After investigation, if it was clear that the employee involved with any illegal use of the sensitive information, the employee must be fired from his job, and take all the necessary legal actions against him. · The manager and the employees must be educated about the illegal use of the firm’s information and the expected consequences that will follow this illegal use. Another aspect of the use of the information system is how to keep the information from lost in case of a system crash or a disaster. · The administrator of the system must backup the information by store it in a removable device on daily basis. · To access the information on the storage device, the owner must provide two passwords that are unchallengeable. · The device must lack itself, if the passwords provided are not correct. To unlock the device the owner must provide three more passwords that in addition to the first two. The use of the Internet is another threat to the system, to secure the system from outside attack, we decided the following: · Access to sensitive information through the Internet must be eliminated completely. · The use of the Internet must be limited to promote the firm and for marketing aspects and to communicate with other firms only. · Any emails that the firm received must be scanned with virus protection software before the email can open. · The sore manager is the only person will be allowed to receive and send emails through the Internet and for business use only. · The store manager and other employees must be educated about the danger of the Internet on the system. · Hardware and software firewalls must be provided to the system to protect it from outside attack. · The virus protection software must be updated on regular basis. |



