Various issues have come up regarding the security and privacy in using electronic systems. According to Turn (1976), lack of privacy and security in the use of information technology has led to many people lacking confidence in the technology. Many people have opted for other ways of carrying on their daily undertakings other than using the Web. Businesses need to be properly informed on how to make the Web private and how to protect their information and create proper ethics. Security policies created should look into the desires of their users in order to be able to gain their trust.
Waekentin (2002) argues that an effective security policy provides businesses with strategic ways of shaping up their e-services for their sake and for the sake of the people required to be using these services. It also defines the value of the business objectives and represents the business requirements. By establishing the process of developing a relevant, usable policy in the information technology, an organization can make the difficult decisions on the information security programs and implementation the rest of the programs with ease. An organization that reviews its information security program is able to identify any weaknesses that may arise and try look for solutions for them.
Ethics in the use of information system is also another way in which users have lacked trust in the use of the e-services. According to Errol (1996), computer technologies have enabled businesses to be more efficient and they have been used as a way of obtaining information and communicating ideas. However, as they are continuously being used, ethical dilemmas have arisen and policies of enhancing proper ethics must be established to promote trust of the information system to its users. Ethics include moral decisions made by e-service users in respect to the standards of those behaviors that are acceptable and helpful to the programs being implemented and to the people sharing these programs (Bruce 1992).
This study is aimed at establishing the various designs that can be set to enhance security, privacy and ethics in using the computer information systems. It is important that users of technology are informed on ways of creating privacy and promoting security while running web-designs and other information programs. There is need to create a balance between the use of e-services with privacy and security of information and the ethical standards.
According to Turn (1976) an information system that is secure accomplishes its tasks without any drawbacks on the user. Security in information system can be enhanced in different ways for the benefit of the user. For example, the specific features in the system can be formatted to protect the information. In this aspect, there would be need to create a software that uses passwords which have a relatively large number of characters. A password with six or more characters will limit other unauthorized users from having access to information. It will give the owner the confidence of using and storing information in the computer programs.
Security can also be enhanced in the use of computer programs by creating protective devices for the program. It is possible to have a program attacked by external people even when there have been secured by passwords. Customers using a particular site are prone to having their sites being attacked by unauthorized people. They may be misguided by people who pretend to be the owners of the sites they are using and may end up giving their private information to these unauthorized people (Turn 1976).
Lee (2002) has also argued that attacks may occur when the consumers programs are fed with information that prevents the user from using the program effectively. Attackers may get access to the programs and create a virus that will limit the consumer from having proper access to the contents of the program. When a program has been interrupted the attacker has easier access and can easily retrieve any private information from the program. It is therefore important that security policies look also into the design of the programs to prevent people from attacking the information through other sources.
Security of information programs consists of three concepts, that is, confidentiality, integrity, and availability. Confidentiality enables only that person who is authorized to use the program can have access to it. This means that anyone who wishes to use the program must have the authority to access it so as to ensure that the contents are fully secured. Integrity ensures information remains as it is without any alterations by external users. Availability enables the authorized user to have total access all information. When a program is available, then it means that the person authorized to use it can retrieve all the information without having to consult other people. Availability of computer programs will promote security and confidence to the users (Turn 1976).
Krishnan (2004) argues that computer information technology has been a source of ideas and a means of achieving objectives among businesses and other users. Advancement in information systems also creates social and political relationships and this makes ethical standards an important aspect in promoting efficiency. Electronic systems are being used by different people from different backgrounds as a way of sharing and communicating ideas and this brings up the necessity to create proper ethics among the systems so as to enhance the relationships of the different users.
According to Dunn (1994) ethics include moral decisions that are made by individuals in relation to the rest of the community, standards of acceptable behavior while communicating and relating with other people through the information system, and rules that are set by different people to promote good relations. Users of different programs need to establish different rules and regulations that would ensure ethics are enhanced and people do not misuse these ethics.
Ethics emphasize on the acceptable behaviors that should be observed while using the computer programs to create conducive operating situations for users from all backgrounds. People would like to have a system where they can freely interact with one another without conflicting in respect to proper norms and behaviors. Issues of acceptable behavior in the use of information systems include simple standards of maturity to understanding different people’s rights and responsibilities and this can be facilitated by coming up with appropriate measures of enhancing ethical discipline (Dunn 1994).
Activities that most users in the computer information system find unethical occur when people begin to misuse the rights and capabilities given to them. For example, information system allows people to send and receive messages through the web. However, when a user sends annoying messages to all available addresses without considering the recipients’ norms and attitudes, then the system is said to be misused. Indiscriminate advertising through the web is also regarded as misuse and may lead to some people lacking the necessary confidence while using these systems (Arrington 2003).
Privacy in web usage goes hand in hand with security in the computer systems and proper ethics. According to Lee (2002), privacy means that a user can effectively make use of the information systems without having interruptions from other external users. If one can create a software program and use it effectively without getting unnecessary interruptions from other people then privacy is said to be enhanced.
Solutions to overcoming these problems
It is important that proper standards are established to ensure that security, privacy and proper ethics are observed while using the computer information systems. Waekentin (2002) has come up with solutions that are necessary to create an effective information system. These include:
- Users should be encouraged not to interfere with other people’s documents without their consent. It is necessary to create a network with other users but privacy should be respected in all ways.
- Passwords for all confidential information must be set in a way that there are no chances of other people guessing them and hence having access to information. Passwords should not contain less than six characters and should be kept confidential for authorized people only.
- The people creating webs and other computer soft wares should ensure that there is no possibility of them being attacked by external users. They should design webs that are free from any external attack.
- People who have been a nuisance to other web users could be banned from using the programs. There can be created a barrier to ensure that they do not have access to the programs.
- The owners of the computer soft wares should employ external and qualified consultants to analyze the system and hence ensure it is not prone to external biased people.
Commercial, off-the-shelf (COTS)
These are hard wares or soft wares that are normally created to be sold to users for networking purposes. They are created in a way that they can be used by the general public and not for private use only. They are created and used by external people for business purposes or for governance purposes (McKinney 1985).
The use of COTS has been continuously being used to develop programs that can be used by different people. According to McKinney (1985), COTS are licensed to the general public and they are edited to fit the specifications of the public. They are cost-effective and hence are used as an alternative to in-house built soft wares. However, the major challenge that arises while using the COTS is that they are likely to change with changing events and the changes may not cater for all the users. The users also will not have control over the changes that would come up.
However, COTS have been seen to be one effective way of enhancing the use of computer information systems. McKinney (1985) argues that the COTS components if implemented will reduce the overall costs of developing soft wares. This is because the component can be bought and used by different people instead of having to create their own soft wares.
According to Goldman (1999), the COTS come in handy to reduce the overall costs of developing information systems. When they are used by the government, they are referred to as Government funded developments or the Government, off-the-shelf, which offer a great savings to costs of development and procurement by the government. Several groups of people have hence been encouraged to use the COTS in their operating systems.
Open Source soft wares (OSS)
The Open Source soft ware is a computer soft ware that allows users to use, edit and improve the contents in it to suit their specifications. It is said to have a user-readable code that licenses the user to make any changes to the information contained in it (McKinney 1985). According to McKinney, an OSS has the following characteristics which make it an effective computer soft ware:
Free use and exchange
The soft ware does not restrict any person from using or selling the component. It contains programs from different sources and these can be given away to other people or sold off as a way of sharing the information contained in it.
The soft ware must have a user code which gives the user access to all the information contained in it. The source/user code should be made in a way that the user is able to modify information contained in the program.
The soft ware must allow for modifications and researched work. It must also allow the contents to be distributed under similar conditions as those of the original and unedited software.
The soft ware must not discriminate against anybody wishing to use it. It must be free to all and must contain useful information for all users.
The soft ware must be technology-neutral
The program set up in the OSS must not be restricted to a part5icular technology. They must be technology-neutral to allow its users effectively implement it.
It is important that both businesses and individuals make use of the COTS and the OSS to develop their computer technology. These soft wares are both economical and resourceful. They have been developed to be used by all users and when people gain trust in the computer technology, the OSS and COTS can be used to eliminate any ambiguities that people get regarding the use of public soft wares. They can effectively be used hand in hand with the in-built soft wares.
Lee.K & Waekentin. Electronic Commerce: A managerial Perspective, Chicago; Prentice Hall, 2002.
McKinney D “Impact of Commercial Off-The-Shelf (COTS) Software and Technology on Systems Engineering”, Presentation to INCOSE Chapters, 2001.
Johnson D. Ethical issues in the use of computers U.S.A. Wadsworth Publishing Co. 1985.
Turn R. Privacy and Security Issues in Information Systems. Washington DC, U.S.A; IEEE Computer Society, 1976.
Dunn A. Local Groups Attempting to Knock Down the Information Superhighway’s Tollbooths,” New York Times; United States National Information Infrastructure, 1994.
Bruce S. The Hacker Crackdown: Law and Disorder on the Electronic Frontier. New York: Bantam, 1992.
Errol S. Distributed Information Systems: from Client/Server to Distributed Multimedia. McGraw Hill, 1996.
Goldman J, Rawles & Mariga. Client/Server Information Systems: A Business-oriented Approach. John Wiley and Sons Inc, 1999.
Fano A & Gershman. The Future of Business Services in the Age of Ubiquitous Computing. CACM, 2002.
Geroge R. et al. A Case Study in Pervasive Retail in proceedings of the WMC, 2002.
Krishnan D. Success and Failure on Web-based Financial Services. CACM, 2004.
Arrington C.T & Rathan. Enterprise Java with UML. John Willey and Sons Inc, 2003.
Shi and Wright. E-commercializing Business Operations. CACM, 2003.
Colman et al. Keeping E-business in Perspective. CACM, 2002.
Charlesworth M & Sewry. Ethical Issues in Enabling Information Technologies. Proceedings of SAICSIT (ACM conference), 2002.
Roussos G & Moussouri. Consumer Perceptions of Privacy, Security and Trust in Ubiquitous Commerce. Personal and Ubiquitous Computing (ACM), 2004.
Araujo I & Arrujo Developing Trust in Internet Commerce. Proceedings of the 2003 conference; Centre for Advanced Studies on Collaborative Research (ACM), 2003.
P.G. Neumann P.G. Risk in Trusting Untrustworthiness. CACM, 2003.
R. Grimm R & Rossnagel. Can P3p Help to Protect Privacy Worldwide? ACM Multimedia Workshop proceedings, 2000.