Transcript ss - Computer Engineering
Security, Privacy, and Ethical Issues in Information Systems and the Internet
Chapter 9
Fundamentals of Information Systems, Second Edition 1
Computer Crime
Fundamentals of Information Systems, Second Edition 2
Number of Incidents Reported to CERT
Fundamentals of Information Systems, Second Edition 3
Computer Crime and Security Survey
Fundamentals of Information Systems, Second Edition 4
The Computer as a Tool to Commit Crime
• Social engineering: Someone gives away the password to log into a certain computer • Dumpster diving: Search information in garbage to break into computers • Identity theft: Get personal information (SSN); started happening in Turkey as well • Cyberterrorism: Attacking government computers to get across a point Fundamentals of Information Systems, Second Edition 5
Computers as Objects of Crime
• Illegal access and use – Hackers are good at programming – Crackers (Criminal hackers) use programming skills to gain illegal access to a computer network or file. • Information and equipment theft (2 nd to car theft) • Software and Internet piracy • Computer-related scams: “Nigerian lady” • International computer crime Fundamentals of Information Systems, Second Edition 6
How to Respond to a Security Incident
Fundamentals of Information Systems, Second Edition 7
Data Alteration and Destruction
• Virus: Attaches itself to other programs • Worm: Independent program; propagates on its own • Logic bomb: Programmed to be activated at a certain time • Trojan horse: Appears to be useful, but hides a destructive program Fundamentals of Information Systems, Second Edition 8
The Six Computer Incidents with the Greatest Worldwide Economic Impact
Fundamentals of Information Systems, Second Edition 9
Top Viruses – July 2002
Fundamentals of Information Systems, Second Edition 10
Preventing Computer-Related Crime
• Crime prevention by state and federal agencies • Crime prevention by corporations – Public Key Infrastructure (PKI) – Biometrics • Anti-virus programs Fundamentals of Information Systems, Second Edition 11
Preventing Computer-Related Crime
• Intrusion Detection Software • Managed Security Service Providers (MSSPs) • Internet Laws for Libel and Protection of Decency Fundamentals of Information Systems, Second Edition 12
Preventing Crime on the Internet
• Develop effective Internet and security policies • Use a stand-alone firewall with network monitoring capabilities • Monitor managers and employees • Use Internet security specialists to perform audits Fundamentals of Information Systems, Second Edition 13
Common Methods Used to Commit Computer Crimes
Fundamentals of Information Systems, Second Edition 14
How to Protect Your Corporate Data from Hackers
Fundamentals of Information Systems, Second Edition 15
Antivirus Software
Fundamentals of Information Systems, Second Edition 16
Privacy
Fundamentals of Information Systems, Second Edition 17
Privacy Issues
• Privacy and the Federal Government • Privacy at work • E-mail privacy • Privacy and the Internet Fundamentals of Information Systems, Second Edition 18
The Right to Know and the Ability to Decide
Fundamentals of Information Systems, Second Edition 19
Federal Privacy Laws and Provisions
Fundamentals of Information Systems, Second Edition 20
The Work Environment
Fundamentals of Information Systems, Second Edition 21
Health Concerns
• Repetitive stress injury (RSI) • Repetitive motion disorder • Carpal tunnel syndrome (CTS) • Ergonomics Fundamentals of Information Systems, Second Edition 22
Avoiding Health and Environment Problems
• Maintain good posture and positioning.
• Do not ignore pain or discomfort.
• Use stretching and strengthening exercises.
• Find a good physician who is familiar with RSI and how to treat it.
• After treatment, start back slowly and pace yourself.
Fundamentals of Information Systems, Second Edition 23
Medical Topics on the Internet
Fundamentals of Information Systems, Second Edition 24
Computer Waste & Mistakes
Fundamentals of Information Systems, Second Edition 25
Social Issues in Information Systems
Fundamentals of Information Systems, Second Edition 26
Computer Waste
• Discard technology • Unused systems • Personal use of corporate time and technology Fundamentals of Information Systems, Second Edition 27
Preventing Computer Waste and Mistakes
• Establish Policies and Procedures • Implement Policies and Procedures • Monitor Policies and Procedures • Review Policies and Procedures Fundamentals of Information Systems, Second Edition 28
Types of Computer-Related Mistakes
Fundamentals of Information Systems, Second Edition 29
Useful Policies to Eliminate Waste and Mistakes
Fundamentals of Information Systems, Second Edition 30
Summary
•
Computer waste
- the inappropriate use of computer technology and resources in both the public and private sectors •
Identity theft
- a crime in which an imposter obtains key pieces of personal identification information in order to impersonate someone else •
Software and Internet piracy
- represent the most common computer crime Fundamentals of Information Systems, Second Edition 31
Principles and Learning Objectives
• Policies and procedures must be established to avoid computer waste and mistakes.
– Describe some examples of waste and mistakes in an IS environment, their causes, and possible solutions.
– Identify policies and procedures useful in eliminating waste and mistakes.
Fundamentals of Information Systems, Second Edition 32
Principles and Learning Objectives
• Computer crime is a serious and rapidly growing area of concern requiring management attention.
– Explain the types and effects of computer crime.
– Identify specific measures to prevent computer crime.
– Discuss the principles and limits of an individual’s right to privacy.
Fundamentals of Information Systems, Second Edition 33
Principles and Learning Objectives
• Jobs, equipment, and working conditions must be designed to avoid negative health effects.
– List the important effects of computers on the work environment.
– Identify specific actions that must be taken to ensure the health and safety of employees .
Fundamentals of Information Systems, Second Edition 34