Security and Ethical Challenges
Learning Objectives 1. Identify several ethical issues in how the use of information technologies in business affects empl...
Security and Ethics • Major Security Challenges • Serious Ethical Questions • Threats to Business and Individuals • Real W...
Security and EthicsBusiness/IT Security, Ethics, and Society Employment Health Individuality Privacy Working Conditions Cr...
Security and Ethics •Business Ethics •Stockholder Theory •Social Contract Theory •Stakeholder Theory Ethical Responsibilit...
Security and Ethics Ethical Responsibility K. Adisesha 6
Security and Ethics Technology Ethics K. Adisesha 7
Security and Ethics Ethical Guidelines K. Adisesha 8
Security and Ethics Enron Corporation: Failure in Business Ethics • Drove Stock Prices Higher Never Mentioning Any Weaknes...
Security Management • Security is 6 to 8% of IT Budget in Developing Countries • 63% Have or Plan to Have Position of Chie...
Antivirus 96% Virtual Private Networks 86% Intrusion-Detection Systems 85% Content Filtering/Monitoring 77% Public-Key Inf...
PayPal, Inc. Cybercrime on the Internet • Online Payment Processing Company • Observed Questionable Accounts Being Opened ...
Computer Crime • Hacking • Cyber Theft • Unauthorized Use of Work • Piracy of Intellectual Property • Computer Viruses and...
Examples of Common Hacking Security Management K. Adisesha 14
Recourse Technologies: Insider Computer Crime • Link Between Company Financial Difficulty and Insider Computer Crimes • Us...
Internet Abuses in the Workplace Security Management K. Adisesha 16
Network Monitoring Software Security Management K. Adisesha 17
AGM Container Controls: Stealing Time and Resources • The Net Contains Many Productivity Distractions • Remedies Include M...
Copying Music CDs: Intellectual Property Controversy • RIAA Crack Down on Music Piracy • Web Sites Fighting Back • 140 Mil...
Facts About Recent Computer Viruses and Worms Security Management K. Adisesha 20
University of Chicago: The Nimda Worm • Nimda Worm Launch Sept. 18, 2001 Mass Mailing of Malicious Code Attacking MS-Windo...
Right to Privacy Privacy on the Internet Acxiom, Inc. Challenges to Consumer Privacy • Acxiom – 30 Years Amassing Massive ...
Right to Privacy •Computer Profiling •Computer Matching •Privacy Laws •Computer Libel and Censorship •Spamming •Flaming Pr...
Other Challenges •Employment Challenges •Working Conditions •Individuality Issues •Health Issues Privacy Issues K. Adisesh...
Ergonomics Privacy Issues K. Adisesha 25
Ergonomics • Job Stress • Cumulative Trauma Disorders (CTDs) • Carpal Tunnel Syndrome • Human Factors Engineering • Societ...
Security Management of Information Technology • Business Value of Security Management • Protection for all Vital Business ...
Security Management of Information Technology Tools of Security Management
Security Management of Information Technology • Need for Security Management Caused by Increased Use of Links Between Busi...
Security Management of Information Technology •Encryption –Public Key –Private Key Graphically… Internetworked Security De...
Encryption Security Management of Information Technology K. Adisesha 31
Firewalls Security Management of Information Technology Firewall Intranet Server Firewall Router Router Intranet Server Ho...
Security Management of Information Technology • Worldwide Search for Active IP Addresses • Sophisticated Probes Scan Any H...
Security Management of Information Technology • MTV.com Website Targeted for Distributed Denial of Service (DDOS) Attacks ...
Defending Against Denial of Service Attacks Security Management of Information Technology K. Adisesha 35
Security Management of Information Technology • e-Sniff Monitoring Device Searches e-Mail by Key Word or Records of Web Si...
Security Management of Information Technology • Much Software Was Unable to Stop Nimda Worm • Software Alone is Often Not ...
Example Security Suite Interface Security Management of Information Technology K. Adisesha 38
Other Security Measures Security Management of Information Technology • Security Codes • Multilevel Password System –Smart...
Example Security Monitor Security Management of Information Technology K. Adisesha 40
Evaluation of Biometric Security Security Management of Information Technology K. Adisesha 41
Computer Failure Controls Security Management of Information Technology •Fault Tolerant Systems –Fail-Over –Fail-Safe –Fai...
Methods of Fault Tolerance Security Management of Information Technology K. Adisesha 43
Visa International: Fault Tolerant Systems Security Management of Information Technology • Only 100% Uptime is Acceptable ...
Systems Controls and Audits • Information System Controls • Garbage-In, Garbage-Out (GIGO) • Auditing IT Security • Audit ...
Systems Controls and Audits Security Codes Encryption Data Entry Screens Error Signals Control Totals Security Codes Encry...
Summary • Ethical and Societal Dimensions • Ethical Responsibility in Business • Security Management K. Adisesha 47
KEY TERMS Antivirus software Audit trail Auditing business systems Backup files Biometric security Business ethics Compute...
Real World Case 1 The Business Challenge of Computer Viruses Click to go to Case 1 Real World Case 2 Security Management o...
Enterprise and Global Management of Information Technology K. Adisesha 50
1- What security measures should companies, business professionals, and consumers take to protect their systems from being...
The Business Challenge of Computer Viruses • Businesses Should – “Get Serious” About Cyber Security – Stop Relying on Micr...
2- What is the business and ethical responsibility of Microsoft in helping to prevent the spread of computer viruses? Have...
The Business Challenge of Computer Viruses Microsoft (95% Market Share) Must Ensure Software is Hostile to Hackers Must Wr...
3- What are several possible reasons why some companies (like GM) were seriously affected by computer viruses, while other...
The Business Challenge of Computer Viruses • Undue Dependence on Microsoft for Quality Software • GM Ignored Security unti...
The Business Challenge of Computer Viruses • Undue Dependence on Microsoft for Quality Software • GM Ignored Security unti...
Security Management of Data Resources and Process Control Networks 1- What are several possible reasons why some companies...
Security Management of Data Resources and Process Control Networks • Key Components of a Security System: – Understanding ...
Security Management of Data Resources and Process Control Networks • Biometric and Proximity Devices Streamline Secure Net...
Security Management of Data Resources and Process Control Networks 2- What security measures is Du Pont taking to protect ...
Security Management of Data Resources and Process Control Networks • Du Pont Co.-The Critical Manufacturing Processes, wil...
Security Management of Data Resources and Process Control Networks • A Team-IT Staffers, Process-Control Engineers, and Ma...
Security Management of Data Resources and Process Control Networks 3- What are several other steps Geisinger and Du Pont c...
Security Management of Data Resources and Process Control Networks Include the Concepts Presented in the Chapter Material ...
1- What security problems are typically remedied by Microsoft’s security patches for Windows? Why do such problems arise i...
Security Management of Windows Software • Vulnerability to Computer Viruses (Worms) • Microsoft’s Push to Deliver New Vers...
2- What challenges does the process of applying Windows patches pose for many businesses? What are some limitations of the...
Security Management of Windows Software • Patching Required Companies to Drop Everything with Finite Resources • Larger Co...
3- Does the business value of applying Windows patches outweigh its costs, limitations, and the demands it places on the I...
Security Management of Windows Software • Exploit-Proof Code Patching is Best Strategy • Microsoft’s Windows Update Patch ...
Security Management of Windows Software • Exploit-Proof Code Patching is Best Strategy • Microsoft’s Windows Update Patch ...
1- What is the function of each of the network security tools identified in this case? Visit the websites of security firm...
Managing Network Security Systems • Network Intrusion-Detection Systems • Firewalls • Anti-Virus Tools • Automating the Pr...
2- What is the value of security information management software to a company? Use the companies in this case as examples....
Managing Network Security Systems • Provides a Single Place To Get Information • Automated Gathering, Consolidating, and C...
3- What can smaller firms who cannot afford the cost of such software do to properly manage and use the information about ...
Managing Network Security Systems •Plan for Having Periodic Audits of IT Security •Review/Update Regularly Control Feature...
Managing Network Security Systems •Plan for Having Periodic Audits of IT Security •Review/Update Regularly Control Feature...
Security and Ethical Challenges Thank you K. Adisesha 80
×