© 2018 Arianto Muditomo All Rights Reserved
Copyright Notice:
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
arianto.muditomo@2018
References:
1) Baltzan, Paige 2014. Business Driven Information Systems. 4th Edition. New York: McGraw-Hill.
2) Pearlson, Keri E. and Saunders, Carol S. 2013. Managing and Using Information Systems: A Strategic Approach. 5th Edition. Danvers: John Wiley & Sons.
3) Turban, Efraim, Volonino, Linda, and Wood, Gregory 2013. Information Technology for Management. 9th Edition. Hoboken: John Wiley & Sons.
4) Turban, Efraim, Strauss, Judy, and Lai, Linda 2016. Social Commerce: Marketing and Technology Management. Heidelberg: Springer.
5) Xu, Jun and Quaddus, Mohammed 2013. Managing Information Systems: Ten Essential Topics. Amsterdam: Atlantis Press.
6) Turban, Rainer 2009. Introduction to Information Systems: Enabling and Transforming Business. 2nd Edition. John Wiley & Sons.
7) Laudon, Kenneth C. and Laudon, Jane P. 2006. Management Information Systems: Managing the Digital Firm. Pearson: Prentice Hall.
8) Bocij, Paul, Greasley, Andrew, and Hickie, Simon 2015. Business Information Systems: Technology, Development and Management for the E-Business. 5th Edition. Pearson Education Limited.
• Session #1: Information System in Business
• Session #2: IT Strategic Planning
• Session #3: Business Information System
• Session #4: Business Intelligence & Decision Support
• Session #5: Ethics, Privacy and Security
• Session #6: e-Business and e-Commerce
• Session #7: Knowledge Management
• Session #8: Enterprise Information System
§ Describe the major ethical issues related to information technology and identify situations
in which they occur.
§ Identify the many threats to information security.
§ Understand the various defense mechanisms used to protect information systems.
§ Explain IT auditing and planning for disaster recovery.
#4 CHECK POINT
PRE-LEARNING TEST
§ What do you know about Code Ethics?
§ What is Privacy?
§ Please identify the many threats to information security.
§ Ethics refers to the principles of right and wrong that individuals use to make choices to
guide their behaviors. Deciding what is right or wrong is not always easy or clear-cut. For
this reason, many companies and professional organizations develop their own codes of
ethics.
§ A code of ethics is a collection of principles that is intended to guide decision making by
members of the organization.
Responsibility means that you accept the consequences of your
decisions and actions.
Accountability refers to determining who is responsible for
actions that were taken.
Liability is a legal concept that gives individuals the right to
recover the damages done to them by other individuals,
organizations, or systems.
Privacy issues involve collecting, storing, and disseminating
information about individuals.
Accuracy issues involve the authenticity, fidelity, and accuracy of
information that is collected and processed.
Property issues involve the ownership and value of information.
Accessibility issues revolve around who should have access to
information and whether they should have to pay for this access.
Privacy Issues
• What information about oneself should an
individual be required to reveal to others?
• What kind of surveillance can an employer use on
its employees?
• What types of personal information can people
keep to themselves and not be forced to reveal to
others?
• What information about individuals should be
kept in databases, and how secure is the
information there?
Accuracy Issues
• Who is responsible for the authenticity, fidelity, and
accuracy of the information collected?
• How can we ensure that the information will be
processed properly and presented accurately to
users?
• How can we ensure that errors in databases, data
transmissions, and data processing are accidental
and not intentional?
• Who is to be held accountable for errors in
information, and how should the injured parties be
compensated?
Property Issues
• Who owns the information?
• What are the just and fair prices for its exchange?
• How should one handle software piracy (copying
copyrighted software)?
• Under what circumstances can one use proprietary
databases?
• Can corporate computers be used for private
purposes?
• How should experts who contribute their
knowledge to create expert systems be
compensated?
• How should access to information channels be
allocated?
Accessibility Issues
• Who is allowed to access information?
• How much should companies charge for permitting
accessibility to information?
• How can accessibility to computers be provided for
employees with disabilities?
• Who will be provided with equipment needed for
accessing information?
• What information does a person or an organization
have a right or privilege to obtain, under what
conditions, and with what safeguards?
PRIVACY
Privacy is the right to be left alone and to be free of unreasonable
personal intrusions.
§ Information privacy is the right to determine when, and to what extent, information about yourself can be gathered and/or communicated to others.
§ Privacy rights apply to individuals, groups, and institutions.
§ Data aggregators, digital dossiers, and
profiling
§ Electronic Surveillance
§ Personal Information in Databases
§ Information on Internet Bulletin Boards,
Newsgroups, and Social Networking
Sites
Privacy Codes and Policies
Privacy policies or privacy codes are an organization’s guidelines for
protecting the privacy of customers, clients, and employees.
How to Protect?
PRIVACY POLICY
§ A business is prohibited from collecting any personal information unless the customer specifically authorizes it.
§ A business is permitted to collect personal information until the customer specifically requests that the data not be collected.
THREATS TO INFORMATION SECURITY
A number of factors contribute to the increasing vulnerability of organizational information assets:
• Today’s interconnected, interdependent, wirelessly
networked business environment
• Government legislation
• Smaller, faster, cheaper computers and storage devices
• Decreasing skills necessary to be a computer hacker
• International organized crime taking over cyber-crime
• Downstream liability
• Increased employee use of unmanaged devices
• Lack of management support
§ Information systems controls are the procedures, devices, or software aimed at preventing a compromise to the system.
§ Organizations have many information resources. (These resources are subject to a huge number of threats.)
§ The exposure of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.
§ A threat to an information resource is any danger to which a system may be exposed.
§ Risk is the likelihood that a threat will occur.
§ A system’s vulnerability is the possibility that the system will suffer harm by a threat.
Figure 3.1: Security threats. [6] p. 86
Whitman and Mattord (2003) classified threats into five general categories to help us better understand the complexity of the threat problem.
Unintentional acts
• Human errors
• Social Engineering, Reverse Social Engineering, and Social Data Mining
• Deviations in the Quality of Service by Service Providers
• Environmental Hazards
Natural disasters
• Natural disasters include floods, earthquakes, hurricanes, tornadoes, lightning, and in some cases, fires. In many cases, these disasters, sometimes referred to as acts of God, can cause catastrophic losses of systems and data.
Technical failures
• Technical failures include problems with hardware and software. The most common hardware problem is a crash of a hard disk drive.
Management failures
• Management failures involve a lack of funding for information security efforts and a lack of interest in those efforts. Such lack of leadership will cause the information security of the organization to suffer.
Deliberate acts
• Espionage or trespass
• Information extortion
• Sabotage or vandalism
• Theft of equipment or information
• Identity theft
• Compromises to intellectual property
• Software attacks
• Supervisory control and data acquisition (SCADA) attacks
• Cyber-terrorism and cyber-warfare
Risk Management
• Risk acceptance: Accept the potential risk, continue operating with no controls, and absorb any damages that occur.
• Risk limitation: Limit the risk by implementing controls that minimize the impact of the threat.
• Risk transference: Transfer the risk by using other means to compensate for the loss, such as by purchasing insurance.
Control
• Physical Control
• Access Control
• Communication Control
• Application Control
IS Auditing
• Types of Auditors & Audits
• How is auditing executed?
BCP, Backup & Recovery
• Hot-site
• Warm-site
• Cold-site
• Off-site data storage
THE DIFFICULTIES IN PROTECTING
INFORMATION RESOURCES
§ Hundreds of potential threats exist.
§ Computing resources may be situated in many locations.
§ Many individuals control information assets.
§ Computer networks can be located outside the organization and may be difficult to
protect.
§ Rapid technological changes make some controls obsolete as soon as they are installed.
§ Many computer crimes are undetected for a long period of time so it is difficult to learn
from experience.
§ People tend to violate security procedures because the procedures are inconvenient.
§ The amount of computer knowledge necessary to commit computer crimes is usually
minimal. As a matter of fact, one can learn hacking for free on the Internet.
§ The cost of preventing hazards can be very high. Therefore, most organizations simply
cannot afford to protect against all possible hazards.
§ It is difficult to conduct a cost-benefit justification for controls before an attack occurs
because it is difficult to assess the value of a hypothetical attack.
§ What do you know about Code Ethics?
A code of ethics is a collection of principles that is intended to guide decision making by
members of the organization.
§ What is Privacy?
Privacy is the right to be left alone and to be free of unreasonable personal intrusions.
§ Please identify the many threats to information security.
Unintentional threats include human errors, environmental hazards, and computer system
failures.
Intentional threats include espionage, extortion, vandalism, theft, software attacks, and
compromises to intellectual property.
Software attacks include viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing, and pharming.
A growing threat is cyber-crime, which includes identity theft and phishing attacks.
§ Please write a short description of the most notable privacy case of the last 10 years.
§ References: Facebook privacy case, Google privacy case, Wikileaks ethics and privacy case, Microsoft privacy case, etc.
© 2018 Arianto Muditomo All Rights Reserved

More Related Content

What's hot

Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer PrivacyAshish Jain
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Actmrmwood
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protectionsp_krishna
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...- Mark - Fullbright
 
What Are The Pitfalls Of People Analytics And Data-Driven HR?
What Are The Pitfalls Of People Analytics And Data-Driven HR? What Are The Pitfalls Of People Analytics And Data-Driven HR?
What Are The Pitfalls Of People Analytics And Data-Driven HR? Bernard Marr
 
Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)KP Naidu
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceRapid7
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryEMC
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSInteraktiv
 

What's hot (20)

Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer Privacy
 
Data privacy & social media
Data privacy & social mediaData privacy & social media
Data privacy & social media
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
 
Information Privacy
Information PrivacyInformation Privacy
Information Privacy
 
Privacy in simple
Privacy in simplePrivacy in simple
Privacy in simple
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debate
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
 
Data protection
Data protectionData protection
Data protection
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...
 
What Are The Pitfalls Of People Analytics And Data-Driven HR?
What Are The Pitfalls Of People Analytics And Data-Driven HR? What Are The Pitfalls Of People Analytics And Data-Driven HR?
What Are The Pitfalls Of People Analytics And Data-Driven HR?
 
Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
 
GDPR - Sink or Swim
GDPR - Sink or SwimGDPR - Sink or Swim
GDPR - Sink or Swim
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
 
Data Protection GDPR Basics
Data Protection GDPR BasicsData Protection GDPR Basics
Data Protection GDPR Basics
 
Data Protection Presentation
Data Protection PresentationData Protection Presentation
Data Protection Presentation
 

Similar to [MU630] 005. Ethics, Privacy and Security

005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Ethics in Data Management.pptx
Ethics in Data Management.pptxEthics in Data Management.pptx
Ethics in Data Management.pptxRavindra Babu
 
[MU630] 001. Information System in Business
[MU630] 001. Information System in Business[MU630] 001. Information System in Business
[MU630] 001. Information System in BusinessAriantoMuditomo
 
IT risk discusion qustion.pdf
IT risk discusion qustion.pdfIT risk discusion qustion.pdf
IT risk discusion qustion.pdfstirlingvwriters
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramFinancial Poise
 
UX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesUX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesUser Vision
 
UX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesUX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesStephen Denning
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response PlanNext Dimension Inc.
 
Article 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking technoArticle 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking technohoney690131
 
Ready for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital EconomyReady for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital EconomyRay ABOU
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issuesJagdeepSingh394
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Soumodeep Nanee Kundu
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Burton Lee
 
Data set Legislation
Data set   Legislation Data set   Legislation
Data set Legislation Data-Set
 
[MU-630] 001. Information System In Business
[MU-630] 001. Information System In Business[MU-630] 001. Information System In Business
[MU-630] 001. Information System In BusinessArianto Muditomo
 
001. Information System in Business
001. Information System in Business001. Information System in Business
001. Information System in BusinessArianto Muditomo
 

Similar to [MU630] 005. Ethics, Privacy and Security (20)

005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Ethics in Data Management.pptx
Ethics in Data Management.pptxEthics in Data Management.pptx
Ethics in Data Management.pptx
 
[MU630] 001. Information System in Business
[MU630] 001. Information System in Business[MU630] 001. Information System in Business
[MU630] 001. Information System in Business
 
IT risk discusion qustion.pdf
IT risk discusion qustion.pdfIT risk discusion qustion.pdf
IT risk discusion qustion.pdf
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
 
UX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesUX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital Experiences
 
UX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital ExperiencesUX & GDPR - Building Customer Trust with your Digital Experiences
UX & GDPR - Building Customer Trust with your Digital Experiences
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
 
Article 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking technoArticle 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking techno
 
Ready for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital EconomyReady for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital Economy
 
Data Analytics Ethics: Issues and Questions (Arnie Aronoff, Ph.D.)
Data Analytics Ethics: Issues and Questions (Arnie Aronoff, Ph.D.)Data Analytics Ethics: Issues and Questions (Arnie Aronoff, Ph.D.)
Data Analytics Ethics: Issues and Questions (Arnie Aronoff, Ph.D.)
 
Internet security and privacy issues
Internet security and privacy issuesInternet security and privacy issues
Internet security and privacy issues
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
 
Data set Legislation
Data set   Legislation Data set   Legislation
Data set Legislation
 
[MU-630] 001. Information System In Business
[MU-630] 001. Information System In Business[MU-630] 001. Information System In Business
[MU-630] 001. Information System In Business
 
001. Information System in Business
001. Information System in Business001. Information System in Business
001. Information System in Business
 

More from AriantoMuditomo

[HR601] 008. Enterpreneurship & Innovative Leadership
[HR601] 008. Enterpreneurship & Innovative Leadership[HR601] 008. Enterpreneurship & Innovative Leadership
[HR601] 008. Enterpreneurship & Innovative LeadershipAriantoMuditomo
 
[HR601] 007. Creativity & Innovation
[HR601] 007. Creativity & Innovation[HR601] 007. Creativity & Innovation
[HR601] 007. Creativity & InnovationAriantoMuditomo
 
[HR601] 006. Introduction of Innovation & Entrepreneurship
[HR601] 006. Introduction of Innovation & Entrepreneurship[HR601] 006. Introduction of Innovation & Entrepreneurship
[HR601] 006. Introduction of Innovation & EntrepreneurshipAriantoMuditomo
 
[HR601] 005. Organization Change Management & Culture Change management
[HR601] 005. Organization Change Management & Culture Change management[HR601] 005. Organization Change Management & Culture Change management
[HR601] 005. Organization Change Management & Culture Change managementAriantoMuditomo
 
[HR601] 004. Introduction to Change Management
[HR601] 004. Introduction to Change Management[HR601] 004. Introduction to Change Management
[HR601] 004. Introduction to Change ManagementAriantoMuditomo
 
[HR601] 003. KM Strategy & Implementation
[HR601] 003. KM Strategy & Implementation[HR601] 003. KM Strategy & Implementation
[HR601] 003. KM Strategy & ImplementationAriantoMuditomo
 
[HR601] 002. KM & Organizational Learning
[HR601] 002. KM & Organizational Learning[HR601] 002. KM & Organizational Learning
[HR601] 002. KM & Organizational LearningAriantoMuditomo
 
[HR601] 001. Introduction of Knowledge Management
[HR601] 001. Introduction of Knowledge Management [HR601] 001. Introduction of Knowledge Management
[HR601] 001. Introduction of Knowledge Management AriantoMuditomo
 
[MU630] 008. Enterprise Information System
[MU630] 008. Enterprise Information System[MU630] 008. Enterprise Information System
[MU630] 008. Enterprise Information SystemAriantoMuditomo
 
[MU630] 007. Knowledge Management
[MU630] 007. Knowledge Management[MU630] 007. Knowledge Management
[MU630] 007. Knowledge ManagementAriantoMuditomo
 
[MU630] 006. e-Business & e-Commerce
[MU630] 006. e-Business & e-Commerce[MU630] 006. e-Business & e-Commerce
[MU630] 006. e-Business & e-CommerceAriantoMuditomo
 
[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision SupportAriantoMuditomo
 
[MU630] 003. Business Information System
[MU630] 003. Business Information System[MU630] 003. Business Information System
[MU630] 003. Business Information SystemAriantoMuditomo
 
[MU630] 002. IT Strategic Planning
[MU630] 002. IT Strategic Planning[MU630] 002. IT Strategic Planning
[MU630] 002. IT Strategic PlanningAriantoMuditomo
 

More from AriantoMuditomo (14)

[HR601] 008. Enterpreneurship & Innovative Leadership
[HR601] 008. Enterpreneurship & Innovative Leadership[HR601] 008. Enterpreneurship & Innovative Leadership
[HR601] 008. Enterpreneurship & Innovative Leadership
 
[HR601] 007. Creativity & Innovation
[HR601] 007. Creativity & Innovation[HR601] 007. Creativity & Innovation
[HR601] 007. Creativity & Innovation
 
[HR601] 006. Introduction of Innovation & Entrepreneurship
[HR601] 006. Introduction of Innovation & Entrepreneurship[HR601] 006. Introduction of Innovation & Entrepreneurship
[HR601] 006. Introduction of Innovation & Entrepreneurship
 
[HR601] 005. Organization Change Management & Culture Change management
[HR601] 005. Organization Change Management & Culture Change management[HR601] 005. Organization Change Management & Culture Change management
[HR601] 005. Organization Change Management & Culture Change management
 
[HR601] 004. Introduction to Change Management
[HR601] 004. Introduction to Change Management[HR601] 004. Introduction to Change Management
[HR601] 004. Introduction to Change Management
 
[HR601] 003. KM Strategy & Implementation
[HR601] 003. KM Strategy & Implementation[HR601] 003. KM Strategy & Implementation
[HR601] 003. KM Strategy & Implementation
 
[HR601] 002. KM & Organizational Learning
[HR601] 002. KM & Organizational Learning[HR601] 002. KM & Organizational Learning
[HR601] 002. KM & Organizational Learning
 
[HR601] 001. Introduction of Knowledge Management
[HR601] 001. Introduction of Knowledge Management [HR601] 001. Introduction of Knowledge Management
[HR601] 001. Introduction of Knowledge Management
 
[MU630] 008. Enterprise Information System
[MU630] 008. Enterprise Information System[MU630] 008. Enterprise Information System
[MU630] 008. Enterprise Information System
 
[MU630] 007. Knowledge Management
[MU630] 007. Knowledge Management[MU630] 007. Knowledge Management
[MU630] 007. Knowledge Management
 
[MU630] 006. e-Business & e-Commerce
[MU630] 006. e-Business & e-Commerce[MU630] 006. e-Business & e-Commerce
[MU630] 006. e-Business & e-Commerce
 
[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support[MU630] 004. Business Intelligence & Decision Support
[MU630] 004. Business Intelligence & Decision Support
 
[MU630] 003. Business Information System
[MU630] 003. Business Information System[MU630] 003. Business Information System
[MU630] 003. Business Information System
 
[MU630] 002. IT Strategic Planning
[MU630] 002. IT Strategic Planning[MU630] 002. IT Strategic Planning
[MU630] 002. IT Strategic Planning
 

[MU630] 005. Ethics, Privacy and Security

  • 1. © 2018 Arianto Muditomo All Rights Reserved. Copyright Notice: This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here. Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
  • 2. arianto.muditomo@2018
      • Session #1: Information System in Business
      • Session #2: IT Strategic Planning
      • Session #3: Business Information System
      • Session #4: Business Intelligence & Decision Support
      • Session #5: Ethics, Privacy and Security
      • Session #6: e-Business and e-Commerce
      • Session #7: Knowledge Management
      • Session #8: Enterprise Information System
  • 3.
      § Describe the major ethical issues related to information technology and identify situations in which they occur.
      § Identify the many threats to information security.
      § Understand the various defense mechanisms used to protect information systems.
      § Explain IT auditing and planning for disaster recovery.
  • 4. #4 CHECK POINT: PRE-LEARNING TEST
      § What do you know about a code of ethics?
      § What is privacy?
      § Please identify the many threats to information security.
  • 5.
      § Ethics refers to the principles of right and wrong that individuals use to make choices to guide their behaviors. Deciding what is right or wrong is not always easy or clear-cut. For this reason, many companies and professional organizations develop their own codes of ethics.
      § A code of ethics is a collection of principles that is intended to guide decision making by members of the organization.
      § Responsibility means that you accept the consequences of your decisions and actions.
      § Accountability refers to determining who is responsible for actions that were taken.
      § Liability is a legal concept that gives individuals the right to recover the damages done to them by other individuals, organizations, or systems.
  • 6.
      § Privacy issues involve collecting, storing, and disseminating information about individuals.
      § Accuracy issues involve the authenticity, fidelity, and accuracy of information that is collected and processed.
      § Property issues involve the ownership and value of information.
      § Accessibility issues revolve around who should have access to information and whether they should have to pay for this access.
  • 7.
      Privacy Issues
      • What information about oneself should an individual be required to reveal to others?
      • What kind of surveillance can an employer use on its employees?
      • What types of personal information can people keep to themselves and not be forced to reveal to others?
      • What information about individuals should be kept in databases, and how secure is the information there?
      Accuracy Issues
      • Who is responsible for the authenticity, fidelity, and accuracy of the information collected?
      • How can we ensure that the information will be processed properly and presented accurately to users?
      • How can we ensure that errors in databases, data transmissions, and data processing are accidental and not intentional?
      • Who is to be held accountable for errors in information, and how should the injured parties be compensated?
      Property Issues
      • Who owns the information?
      • What are the just and fair prices for its exchange?
      • How should one handle software piracy (copying copyrighted software)?
      • Under what circumstances can one use proprietary databases?
      • Can corporate computers be used for private purposes?
      • How should experts who contribute their knowledge to create expert systems be compensated?
      • How should access to information channels be allocated?
      Accessibility Issues
      • Who is allowed to access information?
      • How much should companies charge for permitting accessibility to information?
      • How can accessibility to computers be provided for employees with disabilities?
      • Who will be provided with equipment needed for accessing information?
      • What information does a person or an organization have a right or privilege to obtain, under what conditions, and with what safeguards?
  • 8. PRIVACY
      Privacy is the right to be left alone and to be free of unreasonable personal intrusions.
      § Information privacy is the right to determine when, and to what extent, information about yourself can be gathered and/or communicated to others.
      § Privacy rights apply to individuals, groups, and institutions.
  • 9.
      § Data aggregators, digital dossiers, and profiling
      § Electronic surveillance
      § Personal information in databases
      § Information on Internet bulletin boards, newsgroups, and social networking sites
      How to Protect?
      Privacy Codes and Policies: Privacy policies or privacy codes are an organization’s guidelines for protecting the privacy of customers, clients, and employees.
  • 10. PRIVACY POLICY
      § A business is prohibited from collecting any personal information unless the customer specifically authorizes it.
      § A business is permitted to collect personal information until the customer specifically requests that the data not be collected.
  • 11. THREATS TO INFORMATION SECURITY
      A number of factors contribute to the increasing vulnerability of organizational information assets:
      • Today’s interconnected, interdependent, wirelessly networked business environment
      • Government legislation
      • Smaller, faster, cheaper computers and storage devices
      • Decreasing skills necessary to be a computer hacker
      • International organized crime taking over cyber-crime
      • Downstream liability
      • Increased employee use of unmanaged devices
      • Lack of management support
  • 12.
      § Organizations have many information resources. (These resources are subject to a huge number of threats.)
      § A threat to an information resource is any danger to which a system may be exposed.
      § The exposure of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.
      § A system’s vulnerability is the possibility that the system will suffer harm by a threat.
      § Risk is the likelihood that a threat will occur.
      § Information systems controls are the procedures, devices, or software aimed at preventing a compromise to the system.
  • 14. Whitman and Mattord (2003) classified threats into five general categories to help us better understand the complexity of the threat problem.
      Unintentional acts
      • Human errors
      • Social engineering, reverse social engineering, and social data mining
      • Deviations in the quality of service by service providers
      • Environmental hazards
      Natural disasters
      • Natural disasters include floods, earthquakes, hurricanes, tornadoes, lightning, and in some cases, fires. In many cases, these disasters, sometimes referred to as acts of God, can cause catastrophic losses of systems and data.
      Technical failures
      • Technical failures include problems with hardware and software. The most common hardware problem is a crash of a hard disk drive.
      Management failures
      • Management failures involve a lack of funding for information security efforts and a lack of interest in those efforts. Such lack of leadership will cause the information security of the organization to suffer.
      Deliberate acts
      • Espionage or trespass
      • Information extortion
      • Sabotage or vandalism
      • Theft of equipment or information
      • Identity theft
      • Compromises to intellectual property
      • Software attacks
      • Supervisory control and data acquisition (SCADA) attacks
      • Cyber-terrorism and cyber-warfare
  • 15.
      Risk Management
      • Risk acceptance: Accept the potential risk, continue operating with no controls, and absorb any damages that occur.
      • Risk limitation: Limit the risk by implementing controls that minimize the impact of the threat.
      • Risk transference: Transfer the risk by using other means to compensate for the loss, such as by purchasing insurance.
      Control
      • Physical control
      • Access control
      • Communication control
      • Application control
      IS Auditing
      • Types of auditors and audits
      • How is auditing executed?
      BCP, Backup & Recovery
      • Hot-site
      • Warm-site
      • Cold-site
      • Off-site data storage
  • 16. THE DIFFICULTIES IN PROTECTING INFORMATION RESOURCES
      § Hundreds of potential threats exist.
      § Computing resources may be situated in many locations.
      § Many individuals control information assets.
      § Computer networks can be located outside the organization and may be difficult to protect.
      § Rapid technological changes make some controls obsolete as soon as they are installed.
      § Many computer crimes are undetected for a long period of time, so it is difficult to learn from experience.
      § People tend to violate security procedures because the procedures are inconvenient.
      § The amount of computer knowledge necessary to commit computer crimes is usually minimal. As a matter of fact, one can learn hacking for free on the Internet.
      § The cost of preventing hazards can be very high. Therefore, most organizations simply cannot afford to protect against all possible hazards.
      § It is difficult to conduct a cost-benefit justification for controls before an attack occurs because it is difficult to assess the value of a hypothetical attack.
  • 17.
      § What do you know about a code of ethics?
        A code of ethics is a collection of principles that is intended to guide decision making by members of the organization.
      § What is privacy?
        Privacy is the right to be left alone and to be free of unreasonable personal intrusions.
      § Please identify the many threats to information security.
        Unintentional threats include human errors, environmental hazards, and computer system failures. Intentional threats include espionage, extortion, vandalism, theft, software attacks, and compromises to intellectual property. Software attacks include viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing, and pharming. A growing threat is cyber-crime, which includes identity theft and phishing attacks.
  • 18.
      § Please write a short description of the most significant privacy case that has happened in the last 10 years.
      § References: Facebook privacy case, Google privacy case, Wikileaks ethics and privacy case, Microsoft privacy case, etc.