THE SOCIAL MEDIA

People can connect with each other via social media by building online communities where
they can exchange information,thoughts,messages,and other material, such as images,audio,and
video.

Social Networking Platforms

A social networking, website brings together Internet users to form an online community
that allows them to overcome challenges such as time,space,and cultural differences. It enables
people to communicate with one another over the internet by sharing their
Thoughts,ideas,knowledge,hobbies,and experiences. Members of an online social network will use
it to communicate with their peers,families,and co-workers. They can engage with people they
already know in order to forge new personal and professional bonds. Facebook, twitter, YouTube,
and LinkedIn are all popular social Networking sites.

SOCIAL NETWORKING ETHICAL ISSUES

Online violence,intimidation,stalking, cyberbullying, experiences with sexual predators, the

sharing of pornographic content, and employee involvement in social networking are some of the
ethics challenges that users of social networking sites face.

1. Cyberbullying

Harassment, torment, ridicule, or threats directed at a minor by another minor or a group of

minors over the Internet or by phone. Females and 15 - to 16-year-olds are most likely to be victims
of cyberbullying. Cyberbullying has also escalated to the point that some children have attempted
suicide as a result of it.

2. Cyber Abuse

Any physical or mental mistreatment or lack of care caused by the use of an electronic
communications system, that, causes damage or pain to others. Cyber bullying includes both cyber
assault and cyber stalking, a wide range of activities in which someone behaves in a manner that
causes others hurt or anxiety. Cyberbullying isn’t necessarily obvious,harmful,or otherwise
harmful to a person or group of people, causing significant emotional distress.

3. Cyber Stalking

Is a form of cyber bullying that consists of a long-term pattern of unwelcome, continuous

pursuit and disruptive activity (involving the use of an electronic communications device) directed
at another user, causing fear and anxiety in the victim. For victims, cyber stalking may be a major
issue, frightening them and inducing emotional trauma. Cyber harassment often leads to aggressive
or excessive phone calls, threatening or obscene letters, trespassing, vandalism, actual stalking,
and even physical violence.
 4. Encounters with Sexual Predators

By incorporating sex talk and then planning to visit youth in person for sexual encounters,
sexual offenders use online messaging to, build trust and faith in their victims, who are usually
teenagers. Any social networking sites have been chastised for failing to protect minors from
sexual predators.

5. Uploading of Inappropriate Material

Most social networking sites have terms of service agreements, privacy policies, or material
codes of Ethics that summarize the platform’s core legal aspects. In most cases, the terms specify
that the site reserves the right to remove content and terminate user accounts that breach the
platform’s policies. These initiatives can be challenging to implement. Non-consensual posts that
contain private images or videos of people without their consent are often referred to as “revenge
porn.” Ex-partners often share this sort of material in order to shame,embarrass,and/or annoy their
former spouse.

6. Employee

Participation on Social Media Networks to minimize compliance problems and to set

consistent rules and standards for workers, businesses should implement a social media strategy.
Employees will be encouraged to voice their views and practice imagination with a framework in
place, knowing that what they post on social media would not have a direct effect on their careers.

7. Cyber Harassment

The abusive behaviour,which includes the use of electronic media, is a type of cyber
harassment.

COMPUTER PRIVACY AND CYBERSECURITY

Cybersecurity awareness encourages basic knowledge of cyber vulnerabilities and risks, as
well as cyber hygiene and effective solution options. When people are faced with cyber threats, it
educates them on best practices and preventive steps. Cyber understanding about cyber-related
risks should be promoted among the general population, businesses, and government employees.

A global repository will help improve the number and quality of national cybersecurity
awareness programs by streamlining and facilitating them. The archive should be preserved and
revised on a regular basis to incorporate recent technical advancements and perspectives.

People benefit greatly from technology, but it is often necessary to consider the negative, or
possibly negative, effects. Computer technology must be implemented in such a way that its
positive effects are maximized and its negative effects are minimized.
The following are the most pressing concerns:

1. Digital Data: What are the risks to our privacy, and how do we safeguard our identities?
2. Security: How do we keep track of who has access to confidential data and protected
hardware and software?

PRIVACY

Technology makes it possible to collect and use data of all kinds, including information
about people.

THE TECHNOLOGIES THAT HAVE IMPACTS ON PRIVACY

1. Large Databases

Large corporations are continually, collecting data on their employees. Every day,
information about us is collected and held in huge databases. Credit card providers, for example,
keep track of cardholder transactions,transfers,and credit histories in customer directories.

Such personal data is collected,analyzed,and sold by a data, gathering industry known as

information resellers or information brokers. Data resellers create electronic identities or extremely
informative and customized accounts of people using publicly, accessible datasets and, in many
cases, non-public databases.

You almost definitely have an electronic profile with your name,address,phone number,
Social Security number, bank account details, and other information. This electronic profiles are
sold by information resellers to targeted advertisers, fund-raisers, and others. Many websites
provide these services for free or at a low discount. This presents a number of critical questions,
including:
1.Collecting public, but personally identifying, information.
2.Spreading information without personal consent.

3.Spreading inaccurate information.

2. Private Networks

Any companies use a device called employee- monitoring software to log practically everything
their workers do on their computers. An employee, for example, used his company’s e-mail to send
a highly personal letter to a neighbor, but his supervisor read it.

3. The Internet and the Web

IP addresses are used to identify any device on the Internet. IP addresses can be used to track
Internet activity back to the source, encouraging information security professionals and law
enforcement agents to look at violations like illegal network access and exchanging copyright data
without authorization.

When an user browses the Internet, his browser saves important information to his computer’s
hard drive without him realizing it the following items are included in this data, which provides
details of a person’s online activities:

a.History files contain the location (or addresses) of places accessed recently by a person.
b.temporary Internet archives, also known as the browser cache, store the content of Web pages as
well as instructions for viewing them. The browser saves these files if a user visits a website. These
files are used to automatically redisplay Web content if an user leaves a site and returns later.

c. Cookies are small, data files that websites leave on the user’s hard drive when le enters them.
Cookies are often used to save website preferences, such as the user’s preferred language or
location.

Several other risks, could jeopardize, personal information. Web bugs are images or HTML
code that are concealed on a Web page or in an e-mail address. These are used to send data without
the user’s permission. When a user opens an e-mail that, might contain a Web error, for example,
information is forwarded back to the bug’s source. This e-mail address is now active according to
the receiving server. Companies that offer active mailing lists to spammers use web vulnerabilities.
Many e-mail services now reject images and HTML code from anonymous senders as a result of
this scam, The user must choose whether or not to allow such material to be reelected in current
and future communications.

Spyware is the most vulnerable kind of privacy attack. Spyware is a term that refers to a
variety of services that are intended to secretly monitor and report an individual’s online activities.
Unfortunately, many spyware applications go undetected, owing to users ‘lack of knowledge of
their infection. Spyware can be installed and run in the background. Spyware is often disguised as
practical software, like a protection application.

Using, care while accessing unfamiliar websites and installing malware from an undisclosed
source is one (1) of the strongest protections against spyware. Another defense is to use anti-
spyware or spy removal systems, which are programs that are programmed to identify and
eliminate different forms of privacy attacks.

MEASURES TO PROTECT COMPUTER SECURITY

 Computer networks and data can be hacked in a variety of ways, and there are several ways
to guarantee computer security. Restricting,access,encrypting files forecasting events, and
avoiding data failure are all important steps in ensuring computer security.

Restricting Access

Biometric scanning systems and passwords, as well as code words and phrases, may be used
to limit access. A dictionary attack is a form of program that tries thousands of terms to obtain
entry. To assist with compliance activities, use security suites,firewalls,and password managers.

Encrypting Data

Unauthorized access is a risk if information is transmitted over a network or stored on a

computer server. The alternative is cryptography, which encrypts data so that only anyone with a
secret piece of knowledge known as an encryption key, or just á key, can read it.

COMMON USES OF ENCRYPTION

a. Transfer Protocol Secure (https) requires browsers and websites to encrypt all messages.
b. Virtual Private Networks (VPNs) encrypt connections between company networks and
remote users.
c. WPA2(Wi-Fi Protected Access) is the most widely used wireless network encryption for
home wireless networks.

Anticipating Disasters

Companies and individuals can prepare for disasters by implementing a disaster response
strategy that ensures physical and computer protection. Protecting hardware from human and
natural hazards is the focus of physical defense. Data protection is concerned with preventing
unwanted tampering or harm to information and data. Most large businesses have crisis recovery
programs in place that outline how to keep processes running before regular computer operations
can be restored.

Preventing Data Loss

Data backups can be performed on a regular basis to avoid data failure. To secure data in the
event of burglary,arson,lood,or other events, backups are often kept off-site. Incremental backups
save several copies of data at various points of time to protect against data destruction due to
unintentional deletion or adjustments..
TRUSTWORTHY COMPUTING

Based on sound business practices, trustworthy computing is a form of computing that

provides secure, private, and consistent computing experiences. Any machine or network’s
protection is a mix of technology, regulation, and individuals. To be successful, it necessitates a
wide variety of activities. A effective protection policy starts with an assessment of threats to the
organization’s computers and network, the identification of measures to fix the most critical
vulnerabilities, and the education of end users about the risks involved and the steps they must
take to avoid a security incident. Microsoft has committed to delivering on a trustworthy
computing initiative that will boost confidence in its digital products, as shown below:

MICROSOFT’S FOUR PILLARS OF TRUSTWORTHY COMPUTING

These refers to the actions taken by Microsoft to support trustworthy computing

1st PILLAR:SECURITY

Invest in the knowledge and technologies needed to provide a secure environment. To

develop and implement safe computing, collaborate with law enforcement authorities, industry
leaders, academia, and the private sector. Consumers should be educated on safe computing to
build credibility.

2ND PILLAR:PRIVACY

Make privacy a top priority in product design, production, and testing. Contribute to the
development of industry,organisation,and government practices and polcies.Enable people to have
a sense of control over their personal data.

3RD PILLAR:RELIABILITY

Build a device that can continue to deliver service in the midst of internal or external
disruptions; in the case of a failure, they can be quickly restored to a previously established state
with no data Ioss; they provide reliable and timely service as needed; necessary modifications and
enhancements do not interrupt them on release; they have limited technological bugs; and they
perform as intended or promised.

4TH PILLAR: BUSINESS INTEGRITY

Be sensitive by accepting blame for issues and taking steps to resolve them. Keep intentions
straight, keep promises, and make sure clients know where they are in dealings with the company
by being honest in dealings with them.

ACTIVITIES FOR IMPLEMENTING TRUSTWORTHY COMPUTING

1.CONDUCT RISK ASSESSMENT

Which is the method of determining the security challenges posed by both internal and
external threats to an organization’s computers and networks. Its aim is to determine which time
and capital expenditures can help defend the company against the most possible and significant
threats. An asset is any hardware,software,computer System,network,or database that is used by
the enterprise to accomplish its business objectives in the light of IT risk assessment.

STEPS IN SECURITY RISK ASSESSMENT PROCESS

Step 1.
Determine which IT properties the company is most worried with. Resources that support
the organization’s mission and the achievement of its key objectives are usually given priority.

Step 2.

Identify the potential failure cases, or risks/threats, such as a DDoS attack or insider theft.

Step 3.

Examine the number of incidents or the risk of each imminent threat; certain risks, such as
insider theft, are more likely to occur.

Step 4.

Determine the impact of each threat occurring.

Step 5.

Determine how each hazard can be mitigated so that it is less likely to occur or has a smaller
impact on the organization if it does.

Step 6.
Assess the feasibility of implementing the mitigation options.
Step 7.

Perform a cost-benefit analysis to ensure that one’s efforts will be cost-effective.

Step 8.

Decide whether or not to implement a particular counter- measure.

2.ESTABLISH SECURITY POLICY

A security, strategy lays out an organization’s security criteria, as well as the safeguards and
sanctions that must be in place to fulfill such requirements. Documented protocols should be in
place for the following:

a.Using,an electronic framework (password guidelines).

b. Using e-mail attachments.

c. Using cellular computers to view company e-mail, store classified data, and run sensitive
applications.
3. EDUCATE EMPLOYEES,CONTRACTORS,AND PART-TIME WORKERS

They must be trained about the value of security in order to be motivated to comprehend and
adhere to security policies. Users must recognize that they are an important part of the protection
mechanism and that they have duties such as:

a.Protecting their credentials to prevent unwanted access to their accounts;

b.preventing anyone from using their passwords;

c. Implementing stringent access restrictions (file and directory permissions) to prevent data
leakage or destruction; and

d. reporting, any suspicious behavior to the organization’s IT protection group.

Preventative Measures

Implementing layered-security solution win up to date are t give difficulty to an attacker to

break-in into a to resolve these computer until giving-up eventually.

The following are the layers of protective measures:

a. Installing A Corporate Firewall
A firewall protects an organization’s internal thought-out s network from the outside world.
It also is following it restricts network connectivity according the corporation’s access
policies.

b. Intrusion Prevention Systems (IPSs)

This deter attacks by preventing malware, malformed packets, and other threats from
entering the secure network.

c. Installing Antivirus Software on Personal

 Antivirus program looks for a virus signature, which is a fixed sequence of bytes that
signals the existence of specific viruses. If antivirus software detects a virus, it notifies the user
and can disinfect, erase, or quarantine any Files,folders,or disks that have been infected the
following by the malicious code.

d. Implementing Safeguards Against Attacks by Malicious Insiders

Organizations must carefully identify staff duties and separate main tasks so that no one
worker is responsible for completing a high- Security mission.

e. Addressing The Most Critical Internet Security Threats

Installing a known patch to the program and maintaining programs and operating systems
up to date are two steps that must be taken to resolve these problems. Those in charge of
information protection must make preventing attacks based on these flaws a top priority

f. Conducting Periodic I’T Security Audits

A compliance audit is a preventative measure that assesses whether a company has a well-
thought-out security protocol in place and is following it (e.g. Password policy, system access, and
level of authority).

3.INSTALL DETECTION SYSTEM

An intrusion detection system (IDS) detects system and network resources and operations
using software and/or hardware. When it detects potential intrusions from the outside or misuse
from inside the enterprise, it alerts network security staff.

4.CREATE RESPONSE PLAN

A contingency strategy should be formulated well ahead of any incident and approved by
both the legal department and senior management of the organization.

The following items should be included in the response plan:

1. Incident Notification-Which specifies who should be notified and who should not.
2. Evidence Protection And Activity Logs -It records the aspects of a security issue when
working to fix it.
3. Incident Containment – It responds immediately to mitigate an assault to prevent A
terrible condition fro worsening.
4. Eradication – Before beginning the eradication campaign, the IT protection team must
gather and log any available illegal information from the device. It must then ensure that
all required backups are present, accurate, and virus-free.
5. Incident Follow-Up-An essential pet of follow-up is to determine how organization’s
security was compromise so that it does not happen again.