Security, Privacy, and Ethical Issues in Information Systems and the Internet

1
Chapter 14

• Security, Privacy, and Ethical Issues in
  Information Systems and the Internet

2
Lecture Outline

• Computer Waste Mistakes
• Computer Crime
• Privacy
• Health Concerns

3
Computer Waste

• Discard technology
• Unused systems
• Personal use of corporate time technology

4
Types of Computer-Related Mistakes

• Data entry or capture errors
• Errors in computer programs
• Errors in handling files (formatting, copying,
  and deleting)
• Mishandling of computer output
• Inadequate planning for and control of equipment
  malfunctions
• Inadequate planning for and control of
  environmental difficulties (electrical or
  humidity problems)
• Inadequate computing capacity for Web site
• Failure to provide access to the most current
  information

5
Preventing Computer Waste Mistakes

• Computer acquisition use
• Individual workgroup training
• Maintenance use of computer systems
• Approval for applications systems
• Required documentation

6
Useful Policies to Eliminate Waste and Mistakes

• Control changes using owner authorization and
  documentation
• Good user manual including operating procedure,
  management, and control of the application
• System report including title and time period
• Ensure valid data input, HTML, and URLs
• Proper procedure to ensure correct input data

7
Computer Crime

• The vast, interconnected information systems of
  today are a relatively open territory of crime
  where the modern computer criminal seems to
  remain one step ahead of the law enforcing
  officials.
• Crimes are committed by people that have
• Knowledge to gain access to a computer system
• Knowledge to manipulate the system to produce the
  desired result
• Generally, the computer is used
• As tool to commit crime
• As the object of crime

8
Computers as Tools to Commit Crime

• Credit card fraud, by illegally gaining access to
  back accounts (or credit cards)
• Making illegal financial transactions like
  fraudulent payments
• Counterfeiting money, bank checks, stock and bond
  certificates using high-quality printers

9
Computers as Objects of Crime

• Illegal access and use of the organization's
  computer based information systems by a criminal
  hacker
• Data alteration and destruction many times caused
  by a virus (application or system virus), a worm,
  a logic bomb or a Trojan horse
• Data and information theft by those that
  illegally access the system (usually insiders)
• Equipment theft
• Software piracy by illegally duplicating software
  (patrolled by the Software Publishers
  Association)
• Computer-related scams especially over the
  Internet
• International computer crime especially crime
  related to obtaining computer hardware, related
  technology and trade secrets

10
Data Alteration Destruction

• Virus
• Application virus
• System virus
• Macro virus
• Worm
• Logic bomb

11
Preventing Computer-Related Crime

• Crime prevention by state federal agencies
• Anti-virus programs
• Internet laws for libel protection of decency
• Preventing crime on the Internet
• Crime prevention by corporations

12
How to Protect from Hackers
13
How to Protect from Hackers

• Install user authentication and encryption on
  firewall
• Install latest security patches
• Disable guest accounts and null accounts
• No overfriendly log-in procedures for remote
  users
• Given an application its own dedicated server
• Restrict physical access to the server (room)
• Turn audit trails on
• Install caller ID
• Install corporate firewall
• Install up to date antivirus software
• Conduct regular IS security audits
• Critical data backup

14
Privacy

• Privacy at work
• E-mail privacy
• Privacy of hardware software consumers
• Privacy the Internet

15
Health Concerns

• Repetitive stress injury (RSI)
• Carpal tunnel syndrome (CTS)
• Ergonomics

16
Points of Remember

• Computer Waste Mistakes
• Computer Crime
• Privacy
• Health Concerns