Principles of Information Systems - Chapter 14


Published on

Principles of Information Systems Sixth Edition, Written by Ralph Star, George Reynolds

Published in: Education, Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Although information technology has become so valuable most of us can’t imagine life without it, it also brings problems. After studying this chapter, you should be able to address the objectives on the next 2 slides.
  • Principles of Information Systems - Chapter 14

    1. 1. Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter 14
    2. 2. Principles and Learning Objectives <ul><li>Policies and procedures must be established to avoid computer waste and mistakes. </li></ul><ul><ul><li>Describe some examples of waste and mistakes in an IS environment, their causes, and possible solutions. </li></ul></ul><ul><ul><li>Identify policies and procedures useful in eliminating waste and mistakes. </li></ul></ul>
    3. 3. Principles and Learning Objectives <ul><li>Computer crime is a serious and rapidly growing area of concern requiring management attention. </li></ul><ul><ul><li>Explain the types and effects of computer crime. </li></ul></ul><ul><ul><li>Identify specific measures to prevent computer crime. </li></ul></ul><ul><ul><li>Discuss the principles and limits of an individual’s right to privacy. </li></ul></ul>
    4. 4. Principles and Learning Objectives <ul><li>Jobs, equipment, and working conditions must be designed to avoid negative health effects. </li></ul><ul><ul><li>List the important effects of computers on the work environment. </li></ul></ul><ul><ul><li>Identify specific actions that must be taken to ensure the health and safety of employees. </li></ul></ul><ul><ul><li>Outline criteria for the ethical use of information systems. </li></ul></ul>
    5. 5. Social Issues in Information Systems
    6. 6. Computer Waste & Mistakes
    7. 7. Computer Waste <ul><li>Discard technology </li></ul><ul><li>Unused systems </li></ul><ul><li>Personal use of corporate time and technology </li></ul>
    8. 8. Preventing Computer Waste and Mistakes <ul><li>Establish Policies and Procedures </li></ul><ul><li>Implement Policies and Procedures </li></ul><ul><li>Monitor Policies and Procedures </li></ul><ul><li>Review Policies and Procedures </li></ul>
    9. 9. Preventing Computer-Related Waste and Mistakes
    10. 10. Implementing Policies and Procedures
    11. 11. Computer Crime
    12. 12. Number of Incidents Reported to CERT
    13. 13. Computer Crime and Security Survey
    14. 14. The Computer as a Tool to Commit Crime <ul><li>Social engineering </li></ul><ul><li>Dumpster diving </li></ul><ul><li>Identity theft </li></ul><ul><li>Cyberterrorism </li></ul>
    15. 15. Computers as Objects of Crime <ul><li>Illegal access and use </li></ul><ul><ul><li>Hackers vs. crackers </li></ul></ul><ul><ul><li>Script bunnies </li></ul></ul><ul><ul><li>Insiders </li></ul></ul>
    16. 16. Illegal Access and Use
    17. 17. Data Alteration and Destruction <ul><li>Virus </li></ul><ul><ul><li>Application virus </li></ul></ul><ul><ul><li>System virus </li></ul></ul><ul><ul><li>Macro virus </li></ul></ul><ul><li>Worm </li></ul><ul><li>Logic bomb </li></ul>
    18. 18. Data Alteration and Destruction
    19. 19. Top Viruses – July 2002
    20. 20. Top Viruses – July 2002
    21. 21. Computers as Objects of Crime <ul><li>Information and equipment theft </li></ul><ul><li>Software and Internet piracy </li></ul><ul><li>Computer-related scams </li></ul><ul><li>International computer crime </li></ul>
    22. 22. Preventing Computer-Related Crime <ul><li>Crime prevention by state and federal agencies </li></ul><ul><li>Crime prevention by corporations </li></ul><ul><ul><li>Public Key Infrastructure (PKI) </li></ul></ul><ul><ul><li>Biometrics </li></ul></ul><ul><li>Antivirus programs </li></ul>
    23. 23. Preventing Computer-Related Crime <ul><li>Intrusion Detection Software </li></ul><ul><li>Managed Security Service Providers (MSSPs) </li></ul><ul><li>Internet Laws for Libel and Protection of Decency </li></ul>
    24. 24. Preventing Crime on the Internet <ul><li>Develop effective Internet and security policies </li></ul><ul><li>Use a stand-alone firewall with network monitoring capabilities </li></ul><ul><li>Monitor managers and employees </li></ul><ul><li>Use Internet security specialists to perform audits </li></ul>
    25. 25. Common Methods Used to Commit Computer Crimes
    26. 26. How to Protect Your Corporate Data from Hackers
    27. 27. Privacy
    28. 28. Privacy Issues <ul><li>Privacy and the Federal Government </li></ul><ul><li>Privacy at work </li></ul><ul><li>E-mail privacy </li></ul><ul><li>Privacy and the Internet </li></ul>
    29. 29. Using Antivirus Programs
    30. 30. Fairness and Information Use
    31. 31. Federal Privacy Laws and Regulations <ul><li>The Privacy Act of 1979 </li></ul><ul><li>Gramm-Leach-Bliley Act </li></ul><ul><li>USA Patriot Act </li></ul>
    32. 32. Other Federal Privacy Laws
    33. 33. Other Federal Privacy Laws
    34. 34. The Work Environment
    35. 35. Health Concerns <ul><li>Repetitive stress injury (RSI) </li></ul><ul><li>Carpal tunnel syndrome (CTS) </li></ul><ul><li>Ergonomics </li></ul>
    36. 36. Avoiding Health and Environment Problems <ul><li>Maintain good posture and positioning. </li></ul><ul><li>Don’t ignore pain or discomfort. </li></ul><ul><li>Use stretching and strengthening exercises. </li></ul><ul><li>Find a good physician who is familiar with RSI and how to treat it. </li></ul>
    37. 37. Medical Topics on the Internet
    38. 38. Ethical Issues in Information Systems <ul><li>The AITP Code of Ethics </li></ul><ul><ul><li>Obligation to management </li></ul></ul><ul><ul><li>Obligation to fellow AITP members </li></ul></ul><ul><ul><li>Obligation to society </li></ul></ul><ul><li>The ACM Code of Professional Conduct </li></ul><ul><ul><li>Acquire and maintain professional competence </li></ul></ul>
    39. 39. AITP Code of Ethics
    40. 40. Summary <ul><li>Computer waste - the inappropriate use of computer technology and resources in both the public and private sectors </li></ul><ul><li>Software and Internet piracy - represent the most common computer crime </li></ul><ul><li>Ethics - determine generally accepted and discouraged activities within a company </li></ul>