Title: Security, Privacy, and Ethical Issues in Information Systems and the Internet
1Security, Privacy, and Ethical Issues in
Information Systems and the Internet
2Principles and Learning Objectives
- Policies and procedures must be established to
avoid computer waste and mistakes. - Describe some examples of waste and mistakes in
an IS environment, their causes, and possible
solutions.
3Principles and Learning Objectives
- Computer crime is a serious and rapidly growing
area of concern requiring management attention. - Explain the types and effects of computer crime.
- Identify specific measures to prevent computer
crime. - Discuss the principles and limits of an
individuals right to privacy.
4Principles and Learning Objectives
- Jobs, equipment, and working conditions must be
designed to avoid negative health effects. - List the important effects of computers on the
work environment. - Identify specific actions that must be taken to
ensure the health and safety of employees. - Outline criteria for the ethical use of
information systems.
5Social Issues in Information Systems
6Computer Waste Mistakes
7Computer Waste
- Example
- Discard technology-Some companies discard usable
hardware and software that could be used
elsewhere in the company, or sold or donated - Unused systems - never used to it fullest extent
- Personal use of corporate time and technology-
Employees playing computer games or surfing the
Web at their desks on company time is also a
source of waste, as are junk e-mail and junk
faxes.
- Prevention
- User manuals
- Training
- Policy procedure
8Computer mistakes
- Example
- Error/failure/incorrect output
- Inappropriate processing instruction
- Inaccurate data entry
- Mishandling IS output
- Poor system design
- Prevention
- Careful programming
- Testing/backup
- Provide user manual
- training
9Preventing Computer Waste and Mistakes
- For example, procedures could ensure that
computers no longer needed in one part of the
company would be used in another part, rather
than discarded.
10Preventing Computer-Related Waste and Mistakes-
pg618
11Implementing Policies and Procedures-pg619
12Computer CrimeComputer crime includes a
wide range of categories, such asintroducing
viruses, stealing credit card numbers from
on-line systems stealing an informationcrashing
Web sites.
13 Number of Incidents Reported to CERT
14Computer Crime and Security Survey-pg 622
15The Computer as a Tool to Commit Crime
- Social engineering-stealing credit card numbers
from on-line retailer CD Universe and stealing
10 million from Citibank - Dumpster diving or searching through an
organizations garbage to find the information
they need. - Identity theft- Password sniffers are small
programs that can be run on computers or networks
to record logins and passwords. - Cyberterrorism
16Computers as Objects of Crime
- Illegal access and use
- Hackers vs. crackers- The term hacker has long
been used to describe an individual who enjoys
technology and spends much time learning about
and using computers.Crackers are hackers who
gain unauthorized access to computer systems - Script bunnies-.Individuals with little technical
knowledge who download programs, called scripts,
that automate breaking into computers, are called
script bunnies. - Insiders -
17Data Alteration and Destruction
- Virus-A virus is a program that attaches itself
to other programs - Application virus
- System virus
- Macro virus
- Worm- A worm is an independent program, that
replicates itself, interrupting the functioning
of networks and computers - Logic bomb- Logic bombs may be disguised as
Trojan horse, which is a program that appears to
be useful but hides a virus or worm.
18Data Alteration and Destruction-pg 625
19 Top Viruses July 2002-pg627
20 Top Viruses July 2002
21Computers as Objects of Crime
- Information and equipment theft
- Software and Internet piracy
- Computer-related scams
- International computer crime
22Preventing Computer-Related Crime
- Crime prevention by state and federal agencies
- Crime prevention by corporations-encryption
- Public Key Infrastructure (PKI)
- Biometrics
- Antivirus programs
23Preventing Crime on the Internet
- Develop effective Internet and security policies
- Use a stand-alone firewall with network
monitoring capabilities - Monitor managers and employees
- Use Internet security specialists to perform
audits
24 Common Methods Used to Commit Computer Crimes-pg
633
25 How to Protect Your Corporate Data from
Hackers-pg634
26PrivacyThe right to be out of public view
27Privacy Issues
- Privacy and the Federal Government
- Privacy at work
- E-mail privacy
- Privacy and the Internet
28Using Antivirus Programs
29The Work Environment
- Although computer technology has brought
productivity and efficiency to the workplace, it
has raised health concerns as well.
30Health Concerns
- Repetitive stress injury (RSI)-Continued work
using computer keyboards, mice, or other
equipment can lead to repetitive stress disorder
and carpal tunnel syndrome, both resulting in
pain in the fingers, wrist, or hand - Carpal tunnel syndrome (CTS)-The aggravation of
the pathway for nerves that travel through the
wrist. - Ergonomics-the study of designing and positioning
equipment to enhance employee safety and health.
Ergonomics has suggested that furniture can be
designed to decrease fatigue, strain, or injury
from working with computers. The positioning of
keyboards and display screens, as well as
lighting, is also important
31Avoiding Health and Environment Problems
- Maintain good posture and positioning.
- Dont ignore pain or discomfort.
- Use stretching and strengthening exercises.
- Find a good physician who is familiar with RSI
and how to treat it.
32Summary
- Computer waste - the inappropriate use of
computer technology and resources in both the
public and private sectors - Software and Internet piracy - represent the most
common computer crime