00:01
So we are opposed to an incident here where a senior manager in a company is concerned about insider attacks from disaffected staff on the company's it assets.
00:10
As part of the resilience improvement program, she proposes that a logging system and data analysis software be introduced to capture and analyze all employee actions, but that employees should not be told about this system.
00:21
Discuss the ethics of both introducing a logging system and doing so without telling the system users.
00:30
So first we're going to discuss just introducing the logging system itself, the ethical upsides and downsides.
00:38
So the first ethical benefit of introducing a logging system would introduce user accountability for users accessing files.
00:47
So for instance, say a certain user deletes a file path containing a bunch of excel sheets, it's pretty important to know when that has happened and who has has done it.
01:01
So introducing a logging system would maintain accountability for users that do tasks that make widespread changes and unauthorized attempts at accessing certain files, software, and sites will be logged.
01:17
This is genuinely sound it practice to prevent users from accessing things that are either insecure, cause insecurity, or allow for personalized or time -consuming tasks that aren't related to work.
01:37
And lastly, security on the domain is just bolstered for having introducing logging systems and auditing systems.
01:46
Now, the ethical downsides to just introducing the logging system itself could be that users may be overly cautious and not feel free to work within the domain.
01:56
And unauthorized attempts at accessing files could just be due to.
02:00
To ignorance, not necessarily malfeasance...