Beruflich Dokumente
Kultur Dokumente
Student Name:
Institutional Affiliation:
Course:
Date:
The Brazilian Federal Data Processing Service 2
Question 1
Business ethics is a fundamental concept to every business more so after PRISM of the
National Security agency was compromised. Ethics in business is defined as a set of acceptable
principle character that provide guidelines to what is right and wrong (David, 2016). Such
principle provide basis for the conduct of individuals as well as companies. From the case study,
it is evident that Brazils case was unethical based on the following accounts.
Data within the Brazilian Federal data processing service was illegally accessed. This
goes against the fundamentals of operational ethics. The fact that the foreign intelligence
agencies that carried out the cyber-attack, also suffered immense loses due to the Snowdens
disclosure does not preempt the unethical acts. Furthermore, countries are sovereign states and
breaching a nations sovereignty. Despite the blurred boundaries brought about by the age of the
internet, information remains as an asset of an owner and in this case a sovereign state. The mere
Question 2
According to the case study, foreign agencies had intercepted Brazils electronic
communications through snooping the Federal Data processing service email system. Electronic
mail virtually an essential service to all humanity, looking at its architecture, electronic mail
mimic mail transformation paper pattern, where an email author enters the recipients email
address, message subject, message content and submits it to the Mail server, the mail server then
transmits the message to an email storage and delivery agent from where it is then sent to the
recipients mailbox.
The Brazilian Federal Data Processing Service 3
Since electronic mail operates differently from common network traffic on the basis of
distinct real time connection components such as store and forwarding, electronic mails go
through various nodes and every transmission establishes a new connection. A security breach
could occur in any of the nodes or connections making it quite unsecure. From Brazils data
breach, it is evident that the inadequacies of the electronic mail system lead to user private
information being compromised. There was hardly enough security control measures that the
Brazilian government would have put in an original architecture had they considered the security
issues before to prevent what happened. However, the Brazilian government could have just
implemented measures to prevent intrusion as well as minimize the degree of impact in case of
such acts
Question 3
From the case study, Brazils Federal data processing service intends to create a secure
email system. Its government also has plans to put in place a new underwater high speed fiber
cable linking Brazil to Europe directly so as to avoid having to route through other countries
internet connections via the United States (Lucian, 2011). There are also considerations to put in
place laws that would force online service providers such as Google to host any information
safe and free from compromise (Moore, 2005). Possible standard suggestions include
S/MIME and PGP. This could also include the establishment of security policies on every
node within the client server architecture. Options include using a firewall, intrusion
2. The Brazilian government should also establish email system security access policies,
enabling it to realize acceptable standards for client or device access. For instance,
Maryland Montgomery county government should set the security level of its email to
only allow full access by blackberry devices, it could then limit access for other devices.
Furthermore, Brazil should train its citizens on fundamentals of using electronic mail,
such as only using trusted devices, not clicking every given link that is sent to their
Question 4
I looked closely at the Australian Government agencies electronic mail security policies. I
had to be quite careful so as not to create an opening for security breaches similar to the one in
Brazil. Australia have what they term as Protective Marking Policy whereby its objective is to
provide a framework to control and monitor the flow of sensitive data via electronic mail. This
solution necessitates a framework for users to categorize the emails before sending and is
implemented with the aid of januSEAL, some open source email plug-in that prompts users to
classify their emails every time they want to send messages, this contributes to email security in
a huge way.
parameter filtering services to be configured to enforce certain fundamental security rules. The
regulations provide filtering services, which adds to the content based regulations founded on the
email security level classification before sending. If the Brazilian Federal Data processing
service were to implement such policies in their electronic mail systems, the consequences of the
data breach would not have been that severe. Those messages that were not classified or marked
The Brazilian Federal Data Processing Service 5
would not be delivered thus contribute to reducing the chances of data leakages as well as
References
David, G. (2016). Business Ethics and Social Responsibility. . Retrieved from Managementhelp:
http://managementhelp.org/businessethics/
Lucian, C. (2011). Brazil to fortify government email system following NSA snooping
http://www.cs.utk.edu/~moore/opinions/email-submission-recommendations.html