James A. O'Brien, and George Marakas. Management Information Systems with MISource 2007, 8th ed. Boston, MA: McGraw-Hill, Inc., 2007. ISBN: 13 9780073323091
The document discusses security challenges for information systems, including vulnerabilities from hackers, malware, and system flaws. It describes the need for organizations to implement security frameworks including policies, controls, identity management, auditing and disaster recovery planning to protect digital assets and comply with legal requirements. Specific tools mentioned for safeguarding information include identity management software, authentication methods like passwords and biometrics, and security profiles to restrict user access.
MIS-CH01: Information Systems, Organization, and StrategySukanya Ben
1) The chapter discusses how information systems impact organizations and can be used to develop competitive strategies. It covers topics like how organizational features influence IS, the economic and behavioral impacts of IS on organizations, and models for competitive strategy like Porter's.
2) Key frameworks discussed include Porter's competitive forces model and how IS can support different generic strategies to deal with competition. The value chain model is also introduced.
3) The relationship between organizations and IS is complex and two-way, with many factors like management decisions, culture, and politics mediating their influence on one another.
The document discusses e-commerce and how the internet has changed business models and transactions. It describes the unique features of e-commerce like ubiquity, global reach, and personalization. It also discusses different types of e-commerce like B2C, B2B, and C2C. Digital markets and goods are explained along with how the internet lowers costs. Various business models used in e-commerce are also summarized.
This document provides an overview of key concepts about information systems. It discusses how information systems are transforming business and why they are essential. It defines an information system and its components, including the organizational, management, and technology dimensions. It also explains how complementary assets are needed to ensure information systems provide value. Finally, it discusses the academic disciplines used to study information systems, including their technical and behavioral approaches.
The document discusses the need for information security in organizations. It states that the primary mission of an information security program is to ensure information assets remain safe and useful. It then outlines four important functions of information security for organizations: protecting the organization's ability to function, protecting the data and information it collects and uses, enabling the safe operation of applications, and safeguarding technology assets. Finally, it emphasizes that implementing information security is as much about management as it is about technology.
MIS-CH02: Global e-Business and CollaborationSukanya Ben
This document discusses different types of information systems used in businesses. It covers transaction processing systems, management information systems, decision support systems, executive support systems, and enterprise applications. Enterprise applications include enterprise systems, supply chain management systems, customer relationship management systems, and knowledge management systems. These systems help businesses improve processes, support decision making at different levels of management, and link the entire enterprise.
This document provides an overview of chapter 2 from a management information systems textbook. It discusses business processes and how they relate to information systems. It describes different types of information systems like transaction processing systems, management information systems, decision support systems, and enterprise applications. It explains how these systems serve different management groups and how enterprise systems that link functions can improve organizational performance. It also discusses the importance of collaboration technologies.
This document discusses ethics for IT professionals and users. It addresses key characteristics of IT professionals, the relationships they must manage and potential ethical issues. These include relationships with employers, clients, suppliers and other stakeholders. It also discusses codes of ethics, professional organizations, certification and licensing for IT professionals. Common ethical issues for IT users like software piracy and inappropriate information sharing are also covered, along with approaches to support ethical user practices through policies.
The document discusses security challenges for information systems, including vulnerabilities from hackers, malware, and system flaws. It describes the need for organizations to implement security frameworks including policies, controls, identity management, auditing and disaster recovery planning to protect digital assets and comply with legal requirements. Specific tools mentioned for safeguarding information include identity management software, authentication methods like passwords and biometrics, and security profiles to restrict user access.
MIS-CH01: Information Systems, Organization, and StrategySukanya Ben
1) The chapter discusses how information systems impact organizations and can be used to develop competitive strategies. It covers topics like how organizational features influence IS, the economic and behavioral impacts of IS on organizations, and models for competitive strategy like Porter's.
2) Key frameworks discussed include Porter's competitive forces model and how IS can support different generic strategies to deal with competition. The value chain model is also introduced.
3) The relationship between organizations and IS is complex and two-way, with many factors like management decisions, culture, and politics mediating their influence on one another.
The document discusses e-commerce and how the internet has changed business models and transactions. It describes the unique features of e-commerce like ubiquity, global reach, and personalization. It also discusses different types of e-commerce like B2C, B2B, and C2C. Digital markets and goods are explained along with how the internet lowers costs. Various business models used in e-commerce are also summarized.
This document provides an overview of key concepts about information systems. It discusses how information systems are transforming business and why they are essential. It defines an information system and its components, including the organizational, management, and technology dimensions. It also explains how complementary assets are needed to ensure information systems provide value. Finally, it discusses the academic disciplines used to study information systems, including their technical and behavioral approaches.
The document discusses the need for information security in organizations. It states that the primary mission of an information security program is to ensure information assets remain safe and useful. It then outlines four important functions of information security for organizations: protecting the organization's ability to function, protecting the data and information it collects and uses, enabling the safe operation of applications, and safeguarding technology assets. Finally, it emphasizes that implementing information security is as much about management as it is about technology.
MIS-CH02: Global e-Business and CollaborationSukanya Ben
This document discusses different types of information systems used in businesses. It covers transaction processing systems, management information systems, decision support systems, executive support systems, and enterprise applications. Enterprise applications include enterprise systems, supply chain management systems, customer relationship management systems, and knowledge management systems. These systems help businesses improve processes, support decision making at different levels of management, and link the entire enterprise.
This document provides an overview of chapter 2 from a management information systems textbook. It discusses business processes and how they relate to information systems. It describes different types of information systems like transaction processing systems, management information systems, decision support systems, and enterprise applications. It explains how these systems serve different management groups and how enterprise systems that link functions can improve organizational performance. It also discusses the importance of collaboration technologies.
This document discusses ethics for IT professionals and users. It addresses key characteristics of IT professionals, the relationships they must manage and potential ethical issues. These include relationships with employers, clients, suppliers and other stakeholders. It also discusses codes of ethics, professional organizations, certification and licensing for IT professionals. Common ethical issues for IT users like software piracy and inappropriate information sharing are also covered, along with approaches to support ethical user practices through policies.
This document provides an overview of information security. It defines information and discusses its lifecycle and types. It then defines information security and its key components - people, processes, and technology. It discusses threats to information security and introduces ISO 27001, the international standard for information security management. The document outlines ISO 27001's history, features, PDCA process, domains, and some key control clauses around information security policy, organization of information security, asset management, and human resources security.
Information systems are transforming business by improving customer experience, reducing costs, and enabling new business models. An information system collects, processes, stores, and distributes data to support decision making across an organization. It has organizational, management, and technological components. Academically, information systems draw from disciplines like computer science, management science, operations research, psychology, economics, and sociology. A sociotechnical perspective views information systems as jointly optimizing social and technical aspects to achieve organizational performance. Complementary assets ensure information systems provide genuine value by supporting the implementation and use of new technologies.
This document discusses several ethical, social, and political issues raised by information systems. It addresses principles of responsibility, accountability, and liability regarding data use and privacy protection. Contemporary technologies like data mining and predictive modeling pose challenges to privacy and intellectual property. Laws and policies are still developing to address these issues.
Encryption is a process that converts information into an encoded format, called ciphertext, which cannot be easily understood by unauthorized parties. There are different types of encryption, including symmetric encryption which uses a single key and asymmetric encryption which uses a public/private key pair. Proper encryption helps ensure the confidentiality, integrity, and authenticity of data in electronic commerce and online transactions. Some common threats to e-commerce include credit card fraud, hacking, and security breaches which can compromise personal or financial data. Using digital signatures and certificates can help verify the identity of parties involved in online transactions and protect against threats like spoofing or tampering with data.
MIS-CH04: Ethical and Social Issues in INformation SystemsSukanya Ben
This document contains sections from a textbook chapter on ethical and social issues in information systems. It discusses key topics like privacy, intellectual property, principles for ethical decision making, and challenges posed by new technologies. Specific sections cover content piracy on the web, data analysis techniques like profiling and relationship mining, monitoring employees in the workplace, and protecting privacy and intellectual property in the digital age.
Information Systems in Global Business Todaytvto1381
Explain why information systems are so essential in business today.
Define an information system from both a technical and a business perspective.
Identify and describe the three dimensions of information systems
This document discusses basics of information security including data security, network security, and information security. It defines information systems and explains the need for and importance of securing information. Reasons for information classification are provided along with criteria and levels of classification. The document also covers security basics such as confidentiality, integrity, availability, and authentication. Techniques for data obfuscation and event classification are described.
MIS-CH9: Achieving Operational Excellence and Customer IntimacySukanya Ben
Enterprise applications like ERP, SCM, and CRM systems help businesses achieve operational excellence and customer intimacy through integrated software modules and a central database. They increase efficiency by enabling information to be shared across business processes. SCM systems coordinate planning, production, and logistics with suppliers. CRM systems capture customer data to help firms better understand customers and achieve customer intimacy. Both SCM and CRM systems aim to improve business value through metrics like reduced costs, improved service, and increased sales and profits.
This document provides an overview of ethics and discusses why ethics are important, especially in business. It defines ethics as a set of beliefs about right and wrong behavior. Organizations are increasingly focused on ethics due to trends like globalization and heightened scrutiny. Fostering good ethics is important for an organization to gain community trust, operate consistently, encourage good practices, avoid legal issues, and prevent bad publicity. Methods for improving ethics include appointing an ethics officer, establishing ethical standards, and creating an organizational code of ethics.
MIS-CH05: IT Infrastructure and Emerging TechnologiesSukanya Ben
This document provides an overview of chapter 5 from a management information systems textbook. It discusses IT infrastructure and emerging technologies. The key topics covered include the components and evolution of IT infrastructure, trends in computer hardware and software platforms, and challenges of managing infrastructure. It also includes learning objectives, case studies, and figures illustrating concepts like Moore's law and the stages of infrastructure evolution.
This document discusses computer ethics and security risks. It begins by defining computer ethics as moral guidelines governing computer use. It then lists seven frequently discussed areas of computer ethics: unauthorized computer use, software piracy, information accuracy, intellectual property rights, codes of conduct, information privacy, and green computing. The document goes on to define computer security risks and common types like hackers, crackers, and cybercriminals. It also outlines methods to safeguard against risks such as viruses, unauthorized access, and theft through antivirus software, firewalls, and access controls.
The document provides information about building information systems. It discusses various topics related to systems development including the core activities in the systems development process (analysis, design, programming, testing, conversion, production and maintenance). It also describes different methodologies for modeling and designing systems, such as structured methodologies and object-oriented development. Finally, it discusses alternative methods for building information systems like prototyping and end-user development.
This document discusses securing information systems and provides an overview of security concepts and tools. It covers system vulnerabilities, threats like malware and hackers, establishing security frameworks, and technologies to safeguard systems like firewalls, encryption, and digital certificates. The key topics are securing systems from internal and external threats, implementing controls and policies, and using technical tools to protect information assets and ensure system availability.
This document discusses security and ethical challenges related to information technology. It covers topics like corporate social responsibility theories, principles of technology ethics, privacy issues, computer crimes like hacking and cybertheft, and measures to protect security such as encryption, firewalls, and auditing. Business professionals have an ethical responsibility to promote proper IT use and ensure security, privacy, and informed consent regarding technology risks.
Ethical And Social Issues in MIS - Management Information SystemFaHaD .H. NooR
Information ethics has been defined as "the branch of ethics that focuses on the relationship between the creation, organization, dissemination, and use of information, and the ethical standards and moral codes governing human conduct in society".[1] The term information ethics was first coined by Robert Hauptman and used in the book Ethical challenges in librarianship. It examines the morality that comes from information as a resource, a product, or as a target.[2] It provides a critical framework for considering moral issues concerning informational privacy, moral agency (e.g. whether artificial agents may be moral), new environmental issues (especially how agents should behave in the infosphere), problems arising from the life-cycle (creation, collection, recording, distribution, processing, etc.) of information (especially ownership and copyright, digital divide, and digital rights). It is very vital to understand that librarians, archivists, information professionals among others, really understand the importance of knowing how to disseminate proper information as well as being responsible with their actions when addressing information.[3]
Information ethics has evolved to relate to a range of fields such as computer ethics,[4] medical ethics, journalism[5] and the philosophy of information.
Dilemmas regarding the life of information are becoming increasingly important in a society that is defined as "the information society". The explosion of so much technology has brought information ethics to a forefront in ethical considerations. Information transmission and literacy are essential concerns in establishing an ethical foundation that promotes fair, equitable, and responsible practices. Information ethics broadly examines issues related to ownership, access, privacy, security, and community. It is also concerned with relational issues such as "the relationship between information and the good of society, the relationship between information providers and the consumers of information".[6]
Information technology affects common issues such as copyright protection, intellectual freedom, accountability, privacy, and security. Many of these issues are difficult or impossible to resolve due to fundamental tensions between Western moral philosophies (based on rules, democracy, individual rights, and personal freedoms) and the traditional Eastern cultures (based on relationships, hierarchy, collective responsibilities, and social harmony).[7] The multi-faceted dispute between Google and the government of the People's Republic of China reflects some of these fundamental tensions.
MIS-CH07: Telecommunications, the Internet, and Wireless TechnologySukanya Ben
This document provides an overview of key topics in telecommunications, networking, the internet, and wireless technologies. It discusses the components of telecommunications networks including clients, servers, interfaces, wiring, and devices. It also describes different types of networks like local area networks (LANs) and wide area networks (WANs). The document outlines internet architecture, addressing, and governance. It explains technologies like packet switching, TCP/IP protocols, and wireless transmission standards that enable digital communication over networks.
James A. O'Brien, and George Marakas. Management Information Systems with MISource 2007, 8th ed. Boston, MA: McGraw-Hill, Inc., 2007. ISBN: 13 9780073323091
Chapter 4 Ethical and Social Issues in Information SystemsSammer Qader
This document discusses ethical, social, and political issues raised by information systems. It introduces key concepts like privacy, intellectual property, and accountability. It identifies five moral dimensions impacted by new technologies: information rights, property rights, system quality, quality of life, and accountability. Technological advances like increased computing power, data storage, data analysis, and networking have introduced new challenges around these issues that societies are still adapting to. The document advocates analyzing issues using a five-step approach and developing professional codes of conduct to help guide ethical decisions.
Management Information System [Kenneth Laudon]mmuser2014
The document discusses the role and importance of information systems in business today. It states that information systems are essential for businesses to achieve operational excellence, develop new products and business models, gain customer and supplier intimacy, improve decision making, gain competitive advantages, and ensure survival. The document also defines an information system as a set of components that collect, process, store, and distribute information to support decision making, coordination, and control. It differentiates between data and information, stating that information systems process raw data into meaningful information.
components of I T infrastructure, major computer hardware, data storage, input, and output technologies used in business and the major hardware trends, major types of computer software used in business and the major software trends, principal issues in managing hardware and software technology.Business Capabilities
This document discusses several security, ethical, and privacy challenges related to information technology. It covers topics like cyberscams, hacking, software piracy, viruses, privacy issues, and computer monitoring in the workplace. It also examines the responsibilities of businesses and professionals to maintain ethical standards regarding issues like monitoring employee communications, customer data protection, and preventing cybercrime.
This document discusses various topics related to information technology ethics and security. It covers computer crime, hacking tactics, cyber theft, software piracy, viruses and worms, adware and spyware, privacy issues, and methods for protecting systems through encryption, firewalls, and other security measures. The goal of security management is to ensure the accuracy, integrity and safety of information systems and resources.
This document provides an overview of information security. It defines information and discusses its lifecycle and types. It then defines information security and its key components - people, processes, and technology. It discusses threats to information security and introduces ISO 27001, the international standard for information security management. The document outlines ISO 27001's history, features, PDCA process, domains, and some key control clauses around information security policy, organization of information security, asset management, and human resources security.
Information systems are transforming business by improving customer experience, reducing costs, and enabling new business models. An information system collects, processes, stores, and distributes data to support decision making across an organization. It has organizational, management, and technological components. Academically, information systems draw from disciplines like computer science, management science, operations research, psychology, economics, and sociology. A sociotechnical perspective views information systems as jointly optimizing social and technical aspects to achieve organizational performance. Complementary assets ensure information systems provide genuine value by supporting the implementation and use of new technologies.
This document discusses several ethical, social, and political issues raised by information systems. It addresses principles of responsibility, accountability, and liability regarding data use and privacy protection. Contemporary technologies like data mining and predictive modeling pose challenges to privacy and intellectual property. Laws and policies are still developing to address these issues.
Encryption is a process that converts information into an encoded format, called ciphertext, which cannot be easily understood by unauthorized parties. There are different types of encryption, including symmetric encryption which uses a single key and asymmetric encryption which uses a public/private key pair. Proper encryption helps ensure the confidentiality, integrity, and authenticity of data in electronic commerce and online transactions. Some common threats to e-commerce include credit card fraud, hacking, and security breaches which can compromise personal or financial data. Using digital signatures and certificates can help verify the identity of parties involved in online transactions and protect against threats like spoofing or tampering with data.
MIS-CH04: Ethical and Social Issues in INformation SystemsSukanya Ben
This document contains sections from a textbook chapter on ethical and social issues in information systems. It discusses key topics like privacy, intellectual property, principles for ethical decision making, and challenges posed by new technologies. Specific sections cover content piracy on the web, data analysis techniques like profiling and relationship mining, monitoring employees in the workplace, and protecting privacy and intellectual property in the digital age.
Information Systems in Global Business Todaytvto1381
Explain why information systems are so essential in business today.
Define an information system from both a technical and a business perspective.
Identify and describe the three dimensions of information systems
This document discusses basics of information security including data security, network security, and information security. It defines information systems and explains the need for and importance of securing information. Reasons for information classification are provided along with criteria and levels of classification. The document also covers security basics such as confidentiality, integrity, availability, and authentication. Techniques for data obfuscation and event classification are described.
MIS-CH9: Achieving Operational Excellence and Customer IntimacySukanya Ben
Enterprise applications like ERP, SCM, and CRM systems help businesses achieve operational excellence and customer intimacy through integrated software modules and a central database. They increase efficiency by enabling information to be shared across business processes. SCM systems coordinate planning, production, and logistics with suppliers. CRM systems capture customer data to help firms better understand customers and achieve customer intimacy. Both SCM and CRM systems aim to improve business value through metrics like reduced costs, improved service, and increased sales and profits.
This document provides an overview of ethics and discusses why ethics are important, especially in business. It defines ethics as a set of beliefs about right and wrong behavior. Organizations are increasingly focused on ethics due to trends like globalization and heightened scrutiny. Fostering good ethics is important for an organization to gain community trust, operate consistently, encourage good practices, avoid legal issues, and prevent bad publicity. Methods for improving ethics include appointing an ethics officer, establishing ethical standards, and creating an organizational code of ethics.
MIS-CH05: IT Infrastructure and Emerging TechnologiesSukanya Ben
This document provides an overview of chapter 5 from a management information systems textbook. It discusses IT infrastructure and emerging technologies. The key topics covered include the components and evolution of IT infrastructure, trends in computer hardware and software platforms, and challenges of managing infrastructure. It also includes learning objectives, case studies, and figures illustrating concepts like Moore's law and the stages of infrastructure evolution.
This document discusses computer ethics and security risks. It begins by defining computer ethics as moral guidelines governing computer use. It then lists seven frequently discussed areas of computer ethics: unauthorized computer use, software piracy, information accuracy, intellectual property rights, codes of conduct, information privacy, and green computing. The document goes on to define computer security risks and common types like hackers, crackers, and cybercriminals. It also outlines methods to safeguard against risks such as viruses, unauthorized access, and theft through antivirus software, firewalls, and access controls.
The document provides information about building information systems. It discusses various topics related to systems development including the core activities in the systems development process (analysis, design, programming, testing, conversion, production and maintenance). It also describes different methodologies for modeling and designing systems, such as structured methodologies and object-oriented development. Finally, it discusses alternative methods for building information systems like prototyping and end-user development.
This document discusses securing information systems and provides an overview of security concepts and tools. It covers system vulnerabilities, threats like malware and hackers, establishing security frameworks, and technologies to safeguard systems like firewalls, encryption, and digital certificates. The key topics are securing systems from internal and external threats, implementing controls and policies, and using technical tools to protect information assets and ensure system availability.
This document discusses security and ethical challenges related to information technology. It covers topics like corporate social responsibility theories, principles of technology ethics, privacy issues, computer crimes like hacking and cybertheft, and measures to protect security such as encryption, firewalls, and auditing. Business professionals have an ethical responsibility to promote proper IT use and ensure security, privacy, and informed consent regarding technology risks.
Ethical And Social Issues in MIS - Management Information SystemFaHaD .H. NooR
Information ethics has been defined as "the branch of ethics that focuses on the relationship between the creation, organization, dissemination, and use of information, and the ethical standards and moral codes governing human conduct in society".[1] The term information ethics was first coined by Robert Hauptman and used in the book Ethical challenges in librarianship. It examines the morality that comes from information as a resource, a product, or as a target.[2] It provides a critical framework for considering moral issues concerning informational privacy, moral agency (e.g. whether artificial agents may be moral), new environmental issues (especially how agents should behave in the infosphere), problems arising from the life-cycle (creation, collection, recording, distribution, processing, etc.) of information (especially ownership and copyright, digital divide, and digital rights). It is very vital to understand that librarians, archivists, information professionals among others, really understand the importance of knowing how to disseminate proper information as well as being responsible with their actions when addressing information.[3]
Information ethics has evolved to relate to a range of fields such as computer ethics,[4] medical ethics, journalism[5] and the philosophy of information.
Dilemmas regarding the life of information are becoming increasingly important in a society that is defined as "the information society". The explosion of so much technology has brought information ethics to a forefront in ethical considerations. Information transmission and literacy are essential concerns in establishing an ethical foundation that promotes fair, equitable, and responsible practices. Information ethics broadly examines issues related to ownership, access, privacy, security, and community. It is also concerned with relational issues such as "the relationship between information and the good of society, the relationship between information providers and the consumers of information".[6]
Information technology affects common issues such as copyright protection, intellectual freedom, accountability, privacy, and security. Many of these issues are difficult or impossible to resolve due to fundamental tensions between Western moral philosophies (based on rules, democracy, individual rights, and personal freedoms) and the traditional Eastern cultures (based on relationships, hierarchy, collective responsibilities, and social harmony).[7] The multi-faceted dispute between Google and the government of the People's Republic of China reflects some of these fundamental tensions.
MIS-CH07: Telecommunications, the Internet, and Wireless TechnologySukanya Ben
This document provides an overview of key topics in telecommunications, networking, the internet, and wireless technologies. It discusses the components of telecommunications networks including clients, servers, interfaces, wiring, and devices. It also describes different types of networks like local area networks (LANs) and wide area networks (WANs). The document outlines internet architecture, addressing, and governance. It explains technologies like packet switching, TCP/IP protocols, and wireless transmission standards that enable digital communication over networks.
James A. O'Brien, and George Marakas. Management Information Systems with MISource 2007, 8th ed. Boston, MA: McGraw-Hill, Inc., 2007. ISBN: 13 9780073323091
Chapter 4 Ethical and Social Issues in Information SystemsSammer Qader
This document discusses ethical, social, and political issues raised by information systems. It introduces key concepts like privacy, intellectual property, and accountability. It identifies five moral dimensions impacted by new technologies: information rights, property rights, system quality, quality of life, and accountability. Technological advances like increased computing power, data storage, data analysis, and networking have introduced new challenges around these issues that societies are still adapting to. The document advocates analyzing issues using a five-step approach and developing professional codes of conduct to help guide ethical decisions.
Management Information System [Kenneth Laudon]mmuser2014
The document discusses the role and importance of information systems in business today. It states that information systems are essential for businesses to achieve operational excellence, develop new products and business models, gain customer and supplier intimacy, improve decision making, gain competitive advantages, and ensure survival. The document also defines an information system as a set of components that collect, process, store, and distribute information to support decision making, coordination, and control. It differentiates between data and information, stating that information systems process raw data into meaningful information.
components of I T infrastructure, major computer hardware, data storage, input, and output technologies used in business and the major hardware trends, major types of computer software used in business and the major software trends, principal issues in managing hardware and software technology.Business Capabilities
This document discusses several security, ethical, and privacy challenges related to information technology. It covers topics like cyberscams, hacking, software piracy, viruses, privacy issues, and computer monitoring in the workplace. It also examines the responsibilities of businesses and professionals to maintain ethical standards regarding issues like monitoring employee communications, customer data protection, and preventing cybercrime.
This document discusses various topics related to information technology ethics and security. It covers computer crime, hacking tactics, cyber theft, software piracy, viruses and worms, adware and spyware, privacy issues, and methods for protecting systems through encryption, firewalls, and other security measures. The goal of security management is to ensure the accuracy, integrity and safety of information systems and resources.
This document discusses ethical issues and security challenges related to information technology. It covers topics like computer crime, hacking, privacy, censorship, cyberlaw, and strategies for improving security such as encryption, firewalls, biometrics, and fault tolerant systems. The document provides examples and definitions to explain these concepts over several pages. It also includes two case studies and questions to help readers apply the concepts.
The document summarizes security and ethical challenges related to management information systems. It discusses various computer crimes like hacking, cyber theft, unauthorized use at work. It also talks about privacy issues, health issues related to computer use, and benefits of information technology. It then describes various security measures like encryption, firewalls, and ethical responsibilities of business professionals.
The document discusses the topic of security and ethical challenges in management information systems. It covers issues like computer crime, hacking, cyber theft, software piracy, computer security risks, and safeguards to address unauthorized access and use. Potential health concerns of computer use as well as theories of corporate social responsibility and principles of technology ethics are also summarized.
Norbert Wiener's work during World War II laid the foundations for the field of computer ethics. His book discussed the purpose of human life, principles of justice, applied ethics methods, and key computer ethics topics and issues. One of the largest early computer crimes occurred from 1970-1973 when a bank teller embezzled over $1.5 million by hacking hundreds of customer accounts. In 2013, hackers briefly crashed stock prices by tweeting a false report that President Obama had been injured in an attack. Professional organizations have established ethics codes to guide computing professionals and users. Common computer crimes include financial fraud, hacking, software and hardware piracy, and computer viruses. Data security relies on physical safeguards, access controls,
This chapter discusses ethical issues related to information technology, the impacts of IT on organizations and individuals, societal effects, security risks and computer crimes, and methods for protecting information resources. It covers topics such as privacy, intellectual property, how IT affects job content and organizational structure, the digital divide, and security measures like controls, backups, and disaster recovery planning. The learning objectives are to understand these various topics related to IT ethics, impacts, security, and methods for protecting information.
VTU - MIS Module 8 - Security and Ethical ChallengesPriya Diana Mercy
Ethical responsibilities of Business Professionals
Business, technology, Computer crime
Hacking, cyber theft, unauthorized use at work. Piracy
Software and intellectual property.
Privacy – Issues and the Internet
Privacy Challenges
Working condition, individuals. Health and Social Issues
Ergonomics
Cyber terrorism
The document describes the roles and responsibilities of ethical hackers. It explains that ethical hackers are employed by companies to perform legal penetration tests to find vulnerabilities, and only report their findings without solving problems. The document contrasts ethical hackers with illegal hackers who access systems without permission to steal or damage data. It provides examples of certification programs and outlines some of the legal and ethical considerations for people working in the security testing field.
This document discusses computer and internet crime. It identifies increasing complexity as increasing vulnerability and reliance on commercial software with known vulnerabilities. Various types of attacks are discussed like viruses, worms, Trojan horses, and phishing. Perpetrators include hackers, crackers, insiders, and cybercriminals. Managing security requires a multilayer approach including assessment, policies, user education, and tools to prevent breaches. Computer forensics is important for addressing computer crime in court.
This document provides an overview of ethical hacking. It describes the role of an ethical hacker as someone who performs penetration tests or security tests with a company's permission to find weaknesses. Ethical hackers may be employed by companies, and only report their findings without solving problems themselves. The document contrasts ethical hackers with illegal hackers and crackers who access systems without authorization. It also discusses certification programs, legal and illegal activities for ethical hackers, and using contracts when working as an independent security tester.
This document provides an overview of ethical hacking. It describes the role of an ethical hacker as someone who performs penetration tests or security tests with a company's permission to find weaknesses. Ethical hackers may be employed by companies, and only report their findings without solving problems themselves. The document contrasts ethical hackers with illegal hackers and crackers who access systems without authorization. It also discusses certification programs, legal and ethical issues, and contracting as an ethical hacker.
CEH Hacking Overview from beginner to expertjmbrrvgzhr
This chapter provides an overview of ethical hacking and describes the roles of various types of hackers. It explains that ethical hackers are employed by companies to perform legal penetration tests to find weaknesses, while actual hackers break into systems illegally. Ethical hackers use the same tools and techniques as hackers but have permission. The chapter also discusses security certifications and the legal issues surrounding various hacking activities.
This document discusses the role of an ethical hacker and what they are legally allowed and not allowed to do. An ethical hacker is employed by companies to perform penetration tests and security tests to find weaknesses in a company's network, with the company's permission. They report any findings but do not fix issues themselves. Hackers that break into systems without permission break the law. Ethical hackers operate within legal bounds by having the owner's consent.
Ch # 10 computer security risks and safe guardsMuhammadRobeel3
IT security, hackers,IT security and risks and safe guards, password, how to create password, bio-metric authentication , virus , antivirus software ,how to safe a devices from virus.types of viruses
This document discusses various computer security issues and risks. It covers topics like computer crimes like theft, hacking, and software piracy. It also discusses how to reduce security risks through measures like passwords, firewalls, encryption, backups, and physical access restrictions. Finally, it discusses challenges balancing security, privacy, and ethics with new technologies.
This document presents information on computer security and ethics. It discusses various cyber crimes such as hacking, cracking, and cyberterrorism. It also covers malware like computer viruses, worms, Trojan horses, and rootkits. The document outlines symptoms of infection and safeguards against viruses. Additional cyber threats explained include denial of service attacks, back doors, and spoofing. The presentation concludes with information on firewalls and references used.
This document discusses internet security. It begins by defining the internet and its types such as dial up, DSL, cable, wireless, satellite, and cellular. It then defines internet security and its objective to establish rules and measures against attacks over the internet. The document outlines the history of internet security from 1960 to 2000. It discusses common internet security threats like viruses, trojan horses, worms, hacking, phishing, and spyware. Finally, it recommends techniques to improve security such as using strong passwords, antivirus software, firewalls, authenticating data, unlinking accounts, and blocking cookies.
Security information for internet and securitySomesh Kumar
The document discusses various security threats to information technology systems and assets. It covers common types of threats such as hacking, malware, and social engineering attacks. It also discusses vulnerabilities in hardware, software, networks, physical sites, and personnel. The document outlines features of IT security including confidentiality, integrity and availability. It provides examples of protective measures organizations can take including strong access control, keeping software updated, network protection, employee training, and backups.
The document discusses various threats to information security assets including data, hardware, and users. It covers common types of hacking such as denial-of-service attacks, spoofing, and social engineering. The document also outlines protective measures that can be taken including access control, keeping software updated, network protection, employee training, and backups. Vulnerabilities related to hardware, software, networks, personnel, physical sites and organizational issues are described.
Similar to Chap13 Security and Ethical Challenges (20)
Text Mining - Advanced Customer AnalyticsAqib Syed
Text mining is a process of deriving/extracting high quality meaningful information and patterns.
Text analysis involves information retrieval, analysis to study word frequency distributions, pattern recognition, information extraction, data mining techniques including link and association analysis, visualization, and predictive analytics.
A research study applying Text Mining and Machine Learning tools.
The authors find that loan applicants' choice of words reveals insights into their intentions, circumstances, and personality.
This information is powerful in predicting loan repayment, going beyond typical financial and demographic factors.
Potential borrowers submit their request for a loan for a specific amount with a specific maximum interest rate (they are willing to pay).
The loan amount they wish to borrow must in (between $1,000 and $25,000 in the data).
Prosper verifies all financial information, including the potential borrower’s credit score.
Textual variables:
The number of characters in the title and the text box.
The percentage of words with six or more letters.
SMOG: This measures writing quality by mapping it to number of years of formal education needed to easily understand the text in first reading.
Count of spelling mistakes.
Bigrams : Two-word combinations (help to understand the context and the pattern).
Financial variable:
Loan amount, borrower’s credit grade, Debt to income ratio.
Demographic variables:
Gender, age, location, race.
Aim:
To evaluate whether the text used by borrowers in their loan application predicts their loan default.
Machine Learning Methods:
Ensemble stacking approach
Train each model on the calibration data (2 logistics regression and 3 tree-based methods).
Build a weighting model to combine the models calibrated in the first model.
KNOWLEDGE BASED ENTREPRENEURSHIP - ALT Business Plan59cc9dee8.pdfAqib Syed
Moving from one country to another is just as usual as going to another city in this global village. People move for their work, study, or to immigrate. Due to this closeness of the boundary, things are getting available everywhere, and people are less likely to compromise to satisfy their demands. This is also relevant to food which is why we observe the growing trend of various restaurants everywhere, but when it comes to cooking food, there are still some unfulfilled areas. That is where we tried to look for a problem to solve for the consumers.
1.2 Vision
“To be Norway’s best provider of 1000+ varieties of authentic baskets with tastes from all over the world contributing towards sharing the food culture.”
1.3 Mission
Our mission is to offer an authentic taste experience in each basket we sell by supplementing traditional ingredients from different countries under one e-platform. We will offer customizable baskets based on the number of servings and a digital recipe book in each basket that instructs the food enthusiast on the proper ingredients and amount to be utilized while cooking their favorite or different cuisines. Customer satisfaction will be our top priority because it will ultimately help us generate greater demand and accomplish our vision.
Challenged-Based Learning Project on IVAR IKS (Digitalisation and sustainabil...Aqib Syed
IVAR is a company owned by Stavanger, Sola, Sandnes, Gjesdal, Hå, Time, Strand, Hjelmeland, Kvitsøy, Randaberg, Klepp and Suldal- kommune. It stands for Interkommunalt Vann Avløp Renovasjon. It has the responsibility for the sanitation, drainage and renovation in the region. Their vision is to have a society where nothing gets wasted (IVAR, 2021). At the same time, they are working on utilizing the resources they get in everyday in a productive and efficient way.
Their goal as a company as they are treating water is to be able to throw out sewage and wastewater to the ocean, without harming the marine life in it (IVAR,2021). While they also recycle the wastes that comes in every day. This makes them able to produce biogas and fertilizer.
We contacted the company via the email ivar@ivar.no and Mr Audun Roalkvam Head of recycling department at IVAR. At the Head office of IVAR at Mariero in Stavanger he gave us a brief interview. During this interview he gave us the answears for our most important questions. This report will proceed further in the light of factual insights provided by Mr Audun.
Why IVAR?
There was a bit confusion to select in between various restaurants, mega grocery stores or wastage management companies. After some initial discussion with the team, we decided to form a list of different interrelated questions regarding food wastage and we went to Rema 1000, Coop Mega, and Kiwi on the first outdoor visit and they gave us some emails to contact to right person in the company. We sent them emails with our questions but still could not get the answers. However, meanwhile we decided to finalize the one restaurant which may be popular and having a good traffic of customers as the food wastage could be a mandatory problem for them. Hence, we explored Villa 22, Olivia Torget, Egon Stavanger and Harry Pepper. After few hours of Intractive interview sessions with the staff and concerned person, we ended up concluding that they were doing their best to minimize food wastage. We came to know that it is a legal practice to throw the partially eaten or even the untouched food coming from the customer’s table so we can't do much about that, and regarding the food which is left behind is the refrigerator and can get expired within few days, they answered that our professional chefs are intelligent enough hence they know how precisely they can get the most out of it before it gets expired. Conversely, we were not satisfied on this response because it is nearly impossible to have a that precise check and balance in the inventory which is fragile as we also found a verbal evidence from other restaurants that they said we encourage our working staff to take that food which is going get expired within few days and it is not required anymore. That was where we ended up concluding that our first question is not worth anymore to work on it so it led us to reconsider our second question on how to improve food waste more efficiently with digitalization
E Scooters in Scandinavia and SustainabilityAqib Syed
This article describes the result on how electrical scooters and their swappable batteries have an impact on the environment. One of the leading companies, called TIER, has been selected for the analysis and exploration of the sustainability proposition. There will be an in-depth analysis of both circular and linear economies in terms of the company's perspective. The research is based on both theories from different articles, but also by an anonymous survey sent out to people.
Through the survey, it’s been observed an insight into how important sustainability and the environment are for the individual. Furthermore, the various answers in the survey stated that many chose to use electric scooters both because of accessibility, but also because of the environment. All this related to linear and circular economy, shows that TIER has thought about reuse by using reusable swappable batteries.
The conclusion that was drawn in this text is that for many, climate, environment and sustainability are important facts when it comes to everyday choices. Using recycling, instead of throwing away products, is important. Furthermore, one can then see that the survey corresponds with much of the theoretical basis.
The Great Leader Muhammad Ali Jinnah
This presentation was a project of History of Sub Continent. Dr Zabir Saeed Badar are supporting the "batch of 2019 BBA (Hons) Semester 7"
Sir Syed Ahmed Khan Bahadur -History of PakistanAqib Syed
Sir Syed Ahmed Khan was an Indian scholar and reformist who founded the Muhammadan Anglo-Oriental College, which later developed into the Aligarh Muslim University. He realized the importance of education for Muslims and opened several schools and societies. In 1877, he established the Muhammadan Anglo-Oriental College, which aimed to modernize Muslims through Western education while preserving their Islamic and cultural identity. Through his writings and educational initiatives, Sir Syed strived to improve relations between Muslims and the British and promote unity between the two communities.
Pakistan Resolution 1940 -History of PakistanAqib Syed
Pakistan Resolution 1940 -History of Pakistan
This Documentary was a project of History of Sub Continent. Dr Zabir Saeed Badar are supporting the "batch of 2019 BBA (Hons) Semester 7"
Rise of Mughal Empire (1625-1707)- History of SubContinentAqib Syed
Rise of Mughal Empire (1625-1707)- History of SubContinent
This Documentary was a project of History of Sub Continent. Dr Zabir Saeed Badar are supporting the "batch of 2019 BBA (Hons) Semester 7".
Decline of Mughals (1707-1857) -History of SubContinentAqib Syed
Decline of Mughals (1707-1857) -History of SubContinent
This Documentary was a project of History of Sub Continent. Dr Zabir Saeed Badar are supporting the "batch of 2019 BBA (Hons) Semester 7".
All the footage is recorded in Lahore Museum, Mall Road Lahore.
BBA Semester 7 (Batch 2015-2019)
GroupMembers:
Syed Aqib Ali
Mudassar Ahmad
Rizwan Naseer
Muhammad Huzaifa
Nimra Shafiq
Special Thanks to Prof. Zabir Saeed Badar.
You can watch a detailed video here:
https://www.youtube.com/watch?v=_WF-tvxlflk&t=26s
Allama Muhammad Iqbal as a Dreamer of Pakistan- History of SubContinentAqib Syed
Allama Muhammad Iqbal as a Dreamer of Pakistan- History of SubContinent
Sir Muhammad Iqbal (November 9, 1877 – April 21, 1938), widely known as Allama Iqbal, was a Muslim poet and philosopher . He became the national poet of Pakistan. He is also known as the poet of East. He wrote poetry in Urdu and Persian. His poetry is considered to be revolutionary.[1] His vision of an independent state for the Muslims of British India was a starting point for the creation of Pakistan. He is commonly referred to as Dr Allama Iqbal.
East Pakistan Separation- History of SubContinentAqib Syed
East Pakistan Separation- History of SubContinent
Political system in Pakistan broke down in 1971 because of output failure arising out of conflict among East and West Pakistan.
Though separation of East Pakistan occurred in 1971, the separation’s elements had begun to work with the emergence of Pakistan in 1947. Following were the main causes of the separation of East Pakistan.
General Muhammad Zia Ul Haq - Dictatorship in PakistanAqib Syed
General Muhammad Zia Ul Haq - Dictatorship in Pakistan
Zia was born in Jalandhar, British India, in 1924 asthe second child of Muhammad Akbar, who workedin the Army GHQ in Delhi and Selma, prior to theliberation of Pakistan from British colonial rule in1947.
He completed his initial education in Selma andthen attended St. Stephen's College, Delhi for hisgraduate degree. After graduation from St. XavierCollege, Zia joined the British Indian Army in 1943.
In 1957, Zulfikar Ali Bhutto became the youngest
member of Pakistan's delegation to the United Nations.
As his father was politically active, Bhutto had learned
politics and its affairs from very early age.
In 1958, he became Pakistan’s youngest cabinet
minister. He was assigned ministry of Water and
Power.
He was then given ministry of Commerce,
Communication and Industry.
Close and trustworthy to Ayub Khan.
Indus Water Treaty and Oil Exploration Agreement.
1963, Bhutto became Foreign Minister.
Ashoka- The Great _History of SubcontinentAqib Syed
Ashoka- The Great _History of Subcontinent
Ashoka, sometimes Ashoka the Great, was an Indian emperor of the Maurya Dynasty, who ruled almost all of the Indian subcontinent from c. 268 to 232 BCE.
This Documentary was a project of History of Sub Continent. Dr Zabir Saeed Badar are supporting the "batch of 2019 BBA (hons) Semester 7".
BBA Semester 7 (Batch 2015-2019)
GroupMembers:
Hamza Walayat
Muhammad Usman
Muhammad Zeeshan
Mian Umer
Rana Furqan
Touqeer Ashraf
Perception and Marketing- Consumer BehaviorAqib Syed
A research technique that enables marketers to plot graphically consumers’ perceptions concerning product attributes of specific brands.
Perception and Marketing- Consumer Behavior
A High–Involvement Learning Situation is one in which the consumer is motivated to process or learn the material.
A Low–Involvement Learning Situation is one in which the consumer has a little or no motivation to process or learn the material.
Exposure, Attention and Interpretation -Consumer BehaviorAqib Syed
Exposure, Attention and Interpretation -Consumer Behavior
Exposure provides consumers with the opportunity to pay attention to available information but in no way guarantees it.
Exposure
Kinds of Exposure
Examples of exposure
Attention
Kinds of Attention
Examples of Attention
Interpretation
Kinds of Interpretation
Examples of Interpretation
Emotions and Marketing Strategy- Cosnumer BehaviorAqib Syed
Emotions and Marketing Strategy- Cosnumer Behavior
We all experience hundreds of emotions and there are no words to explain all of them
Emotion can be positive an negative ; they can give happiness or unhappiness and discomfort.
An attitude is a hypothetical construct
that represents an individual's degree of
like or dislike for an item.
Types of Attitude
Functions of Attitude
Elements of Attitude
Theories of Attitude
Measuring Sources of Brand Equity -Brand ManagementAqib Syed
Measuring the sources of brand equity.
The use of social media platforms and websites to promote a product or service. (Wikipedia)
Refers to techniques that target social networks and applications to spread brand awareness or promote particular products. (Techopedia)
During the budget session of 2024-25, the finance minister, Nirmala Sitharaman, introduced the “solar Rooftop scheme,” also known as “PM Surya Ghar Muft Bijli Yojana.” It is a subsidy offered to those who wish to put up solar panels in their homes using domestic power systems. Additionally, adopting photovoltaic technology at home allows you to lower your monthly electricity expenses. Today in this blog we will talk all about what is the PM Surya Ghar Muft Bijli Yojana. How does it work? Who is eligible for this yojana and all the other things related to this scheme?
Prescriptive analytics BA4206 Anna University PPTFreelance
Business analysis - Prescriptive analytics Introduction to Prescriptive analytics
Prescriptive Modeling
Non Linear Optimization
Demonstrating Business Performance Improvement
Adani Group's Active Interest In Increasing Its Presence in the Cement Manufa...Adani case
Time and again, the business group has taken up new business ventures, each of which has allowed it to expand its horizons further and reach new heights. Even amidst the Adani CBI Investigation, the firm has always focused on improving its cement business.
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...Niswey
50 million companies worldwide leverage WhatsApp as a key marketing channel. You may have considered adding it to your marketing mix, or probably already driving impressive conversions with WhatsApp.
But wait. What happens when you fully integrate your WhatsApp campaigns with HubSpot?
That's exactly what we explored in this session.
We take a look at everything that you need to know in order to deploy effective WhatsApp marketing strategies, and integrate it with your buyer journey in HubSpot. From technical requirements to innovative campaign strategies, to advanced campaign reporting - we discuss all that and more, to leverage WhatsApp for maximum impact. Check out more details about the event here https://events.hubspot.com/events/details/hubspot-new-delhi-presents-unlocking-whatsapp-marketing-with-hubspot-integrating-messaging-into-your-marketing-strategy/
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...BBPMedia1
Nathalie zal delen hoe DEI en ESG een fundamentele rol kunnen spelen in je merkstrategie en je de juiste aansluiting kan creëren met je doelgroep. Door middel van voorbeelden en simpele handvatten toont ze hoe dit in jouw organisatie toegepast kan worden.
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART
Satta matka fixx jodi panna all market dpboss matka guessing fixx panna jodi kalyan and all market game liss cover now 420 matka office mumbai maharashtra india fixx jodi panna
Call me 9040963354
WhatsApp 9040963354
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Final ank Satta Matka Dpbos Final ank Satta Matta Matka 143 Kalyan Matka Guessing Final Matka Final ank Today Matka 420 Satta Batta Satta 143 Kalyan Chart Main Bazar Chart vip Matka Guessing Dpboss 143 Guessing Kalyan night
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART INDIA MATKA KALYAN SATTA MATKA 420 INDIAN MATKA SATTA KING MATKA FIX JODI FIX FIX FIX SATTA NAMBAR MATKA INDIA SATTA BATTA
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Chap13 Security and Ethical Challenges
1. Chapter 13 Security and
Ethical Challenges
James A. O'Brien, and George Marakas.
Management Information Systems with MISource
2007, 8th
ed. Boston, MA: McGraw-Hill, Inc.,
2007. ISBN: 13 9780073323091
2. IT Security, Ethics, and Society
2Chapter 13 Security and Ethical Challenges
IT has both beneficial
and detrimental
effects on society and
people
Manage work
activities to
minimize the
detrimental effects
of IT
Optimize the
beneficial effects
3. Business Ethics
Ethics questions that managers confront as part
of their daily business decision making include:
Equity
Rights
Honesty
Exercise of corporate power
3Chapter 13 Security and Ethical Challenges
5. Corporate Social Responsibility
Theories
Stockholder Theory
Managers are agents of the stockholders
Their only ethical responsibility is to increase the profits of
the business without violating the law or engaging in
fraudulent practices
Social Contract Theory
Companies have ethical responsibilities to all members of
society, who allow corporations to exist
Stakeholder Theory
Managers have an ethical responsibility to manage a firm
for the benefit of all its stakeholders
Stakeholders are all individuals and groups that have a
stake in, or claim on, a company
5Chapter 13 Security and Ethical Challenges
6. Principles of Technology Ethics
Proportionality - The good achieved by the technology must
outweigh the harm or risk; there must be no alternative that
achieves the same or comparable benefits with less harm or
risk
Informed Consent - Those affected by the technology should
understand and accept the risks
Justice
The benefits and burdens of the technology should be
distributed fairly
Those who benefit should bear their fair share of the risks,
and those who do not benefit should not suffer a significant
increase in risk
Minimized Risk - Even if judged acceptable by the other three
guidelines, the technology must be implemented so as to
avoid all unnecessary risk
6Chapter 13 Security and Ethical Challenges
7. AITP Standards of Professional
Conduct
7Chapter 13 Security and Ethical Challenges
8. Responsible Professional
Guidelines
A responsible professional
Acts with integrity
Increases personal competence
Sets high standards of personal performance
Accepts responsibility for his/her work
Advances the health, privacy, and general
welfare of the public
8Chapter 13 Security and Ethical Challenges
9. Computer Crime
Computer crime includes
Unauthorized use, access, modification, or
destruction of hardware, software, data, or
network resources
The unauthorized release of information
The unauthorized copying of software
Denying an end user access to his/her own
hardware, software, data, or network resources
Using or conspiring to use computer or
network resources illegally to obtain
information or tangible property
9Chapter 13 Security and Ethical Challenges
11. Hacking
Hacking is
The obsessive use of computers
The unauthorized access and use of networked
computer systems
Electronic Breaking and Entering
Hacking into a computer system and reading
files, but neither stealing nor damaging anything
Cracker
A malicious or criminal hacker who maintains
knowledge of the vulnerabilities found for
private advantage
11Chapter 13 Security and Ethical Challenges
12. Common Hacking Tactics
Denial of Service
Hammering a website’s equipment with too many requests for
information
Clogging the system, slowing performance, or crashing the site
Scans
Widespread probes of the Internet to determine types of
computers, services, and connections
Looking for weaknesses
Sniffer
Programs that search individual packets of data as they pass
through the Internet
Capturing passwords or entire contents
Spoofing
Faking an e-mail address or Web page to trick users into
passing along critical information like passwords or credit card
numbers
12Chapter 13 Security and Ethical Challenges
13. Common Hacking Tactics
Trojan House
A program that, unknown to the user, contains instructions that
exploit a known vulnerability in some software
Back Doors
A hidden point of entry to be used in case the original entry
point is detected or blocked
Malicious Applets
Tiny Java programs that misuse your computer’s resources,
modify files on the hard disk, send fake email, or steal
passwords
War Dialing
Programs that automatically dial thousands of telephone
numbers in search of a way in through a modem connection
Logic Bombs
An instruction in a computer program that triggers a malicious
act
13Chapter 13 Security and Ethical Challenges
14. Common Hacking Tactics
Buffer Overflow
Crashing or gaining control of a computer by sending too much
data to buffer memory
Password Crackers
Software that can guess passwords
Social Engineering
Gaining access to computer systems by talking unsuspecting
company employees out of valuable information, such as
passwords
Dumpster Diving
Sifting through a company’s garbage to find information to help
break into their computers
14Chapter 13 Security and Ethical Challenges
15. Cyber Theft
Many computer crimes involve the theft of
money
The majority are “inside jobs” that involve
unauthorized network entry and alternation of
computer databases to cover the tracks of the
employees involved
Many attacks occur through the Internet
Most companies don’t reveal that they have
been targets or victims of cybercrime
15Chapter 13 Security and Ethical Challenges
16. Unauthorized Use at Work
Unauthorized use of computer systems and
networks is time and resource theft
Doing private consulting
Doing personal finances
Playing video games
Unauthorized use of the Internet or company
networks
Sniffers
Used to monitor network traffic or capacity
Find evidence of improper use
16Chapter 13 Security and Ethical Challenges
17. Internet Abuses in the Workplace
General email abuses
Unauthorized usage and access
Copyright infringement/plagiarism
Newsgroup postings
Transmission of confidential data
Pornography
Hacking
Non-work-related download/upload
Leisure use of the Internet
Use of external ISPs
Moonlighting
17Chapter 13 Security and Ethical Challenges
18. Software Piracy
Software Piracy
Unauthorized copying of computer programs
Licensing
Purchasing software is really a payment
for a license for fair use
Site license allows a certain number of copies
18
A third of the software
industry’s revenues are
lost to piracy
Chapter 13 Security and Ethical Challenges
19. Theft of Intellectual Property
Intellectual Property
Copyrighted material
Includes such things as music, videos,
images, articles, books, and software
Copyright Infringement is Illegal
Peer-to-peer networking techniques have
made it easy to trade pirated intellectual
property
Publishers Offer Inexpensive Online Music
Illegal downloading of music and video is
down and continues to drop
19Chapter 13 Security and Ethical Challenges
20. Viruses and Worms
A virus is a program that cannot work without
being inserted into another program
A worm can run unaided
These programs copy annoying or destructive
routines into networked computers
Copy routines spread the virus
Commonly transmitted through
The Internet and online services
Email and file attachments
Disks from contaminated computers
Shareware
20Chapter 13 Security and Ethical Challenges
21. Top Five Virus Families of all Time
My Doom, 2004
Spread via email and over Kazaa file-sharing network
Installs a back door on infected computers
Infected email poses as returned message or one that can’t be
opened correctly, urging recipient to click on attachment
Opens up TCP ports that stay open even after termination of
the worm
Upon execution, a copy of Notepad is opened, filled with
nonsense characters
Netsky, 2004
Mass-mailing worm that spreads by emailing itself to all email
addresses found on infected computers
Tries to spread via peer-to-peer file sharing by copying itself
into the shared folder
It renames itself to pose as one of 26 other common files along
the way
21Chapter 13 Security and Ethical Challenges
22. Top Five Virus Families of all Time
SoBig, 2004
Mass-mailing email worm that arrives as
an attachment
Examples: Movie_0074.mpg.pif, Document003.pif
Scans all .WAB, .WBX, .HTML, .EML, and .TXT files looking for
email addresses to which it can send itself
Also attempts to download updates for itself
Klez, 2002
A mass-mailing email worm that arrives with a randomly named
attachment
Exploits a known vulnerability in MS Outlook to auto-execute on
unpatched clients
Tries to disable virus scanners and then copy itself to all local
and networked drives with a random file name
Deletes all files on the infected machine and any mapped
network drives on the 13th of all even-numbered months
22Chapter 13 Security and Ethical Challenges
23. Top Five Virus Families of all Time
Sasser, 2004
Exploits a Microsoft vulnerability to spread from computer to
computer with no user intervention
Spawns multiple threads that scan local subnets for
vulnerabilities
23Chapter 13 Security and Ethical Challenges
24. The Cost of Viruses, Trojans,
Worms
Cost of the top five virus families
Nearly 115 million computers in 200 countries
were infected in 2004
Up to 11 million computers are believed to
be permanently infected
In 2004, total economic damage from virus
proliferation was $166 to $202 billion
Average damage per computer is between
$277 and $366
24Chapter 13 Security and Ethical Challenges
25. Adware and Spyware
Adware
Software that purports to serve a useful
purpose, and often does
Allows advertisers to display pop-up and
banner ads without the consent of the
computer users
Spyware
Adware that uses an Internet connection in
the background, without the user’s permission
or knowledge
Captures information about the user and
sends it over the Internet 25Chapter 13 Security and Ethical Challenges
26. Spyware Problems
Spyware can steal private information and also
Add advertising links to Web pages
Redirect affiliate payments
Change a users home page and search settings
Make a modem randomly call premium-rate
phone numbers
Leave security holes that let Trojans in
Degrade system performance
Removal programs are often not completely
successful in eliminating spyware
26Chapter 13 Security and Ethical Challenges
27. Privacy Issues
The power of information technology to store
and retrieve information can have a negative
effect on every individual’s right to privacy
Personal information is collected with every
visit to a Web site
Confidential information stored by credit
bureaus, credit card companies, and the
government has been stolen or misused
27Chapter 13 Security and Ethical Challenges
28. Opt-in Versus Opt-out
Opt-In
You explicitly consent to allow data to be
compiled about you
This is the default in Europe
Opt-Out
Data can be compiled about you unless you
specifically request it not be
This is the default in the U.S.
28Chapter 13 Security and Ethical Challenges
29. Privacy Issues
Violation of Privacy
Accessing individuals’ private email conversations and
computer records
Collecting and sharing information about individuals gained
from their visits to Internet websites
Computer Monitoring
Always knowing where a person is
Mobile and paging services are becoming more closely
associated with people than with places
Computer Matching
Using customer information gained from many sources to
market additional business services
Unauthorized Access of Personal Files
Collecting telephone numbers, email addresses, credit card
numbers, and other information to build customer profiles
29Chapter 13 Security and Ethical Challenges
30. Protecting Your Privacy on the
Internet
There are multiple ways to protect your privacy
Encrypt email
Send newsgroup postings through
anonymous remailers
Ask your ISP not to sell your name and
information to mailing list providers and
other marketers
Don’t reveal personal data and interests on
online service and website user profiles
30Chapter 13 Security and Ethical Challenges
31. Privacy Laws
Electronic Communications Privacy Act
and Computer Fraud and Abuse Act
Prohibit intercepting data communications messages, stealing or
destroying data, or trespassing in federal-related computer
systems
U.S. Computer Matching and Privacy Act
Regulates the matching of data held in federal agency files to
verify eligibility for federal programs
Other laws impacting privacy and how
much a company spends on compliance
Sarbanes-Oxley
Health Insurance Portability and Accountability Act (HIPAA)
Gramm-Leach-Bliley
USA Patriot Act
California Security Breach Law
Securities and Exchange Commission rule 17a-4
31Chapter 13 Security and Ethical Challenges
32. Computer Libel and Censorship
The opposite side of the privacy debate…
Freedom of information, speech, and press
Biggest battlegrounds - bulletin boards, email boxes, and
online files of Internet and public networks
Weapons used in this battle – spamming, flame mail,
libel laws, and censorship
Spamming - Indiscriminate sending of unsolicited email
messages to many Internet users
Flaming
Sending extremely critical, derogatory, and often
vulgar email messages or newsgroup posting to other
users on the Internet or online services
Especially prevalent on special-interest newsgroups
32Chapter 13 Security and Ethical Challenges
33. Cyberlaw
Laws intended to regulate activities over the Internet or via
electronic communication devices
Encompasses a wide variety of legal and political issues
Includes intellectual property, privacy, freedom of
expression, and jurisdiction
The intersection of technology and the law is controversial
Some feel the Internet should not be regulated
Encryption and cryptography make traditional form of
regulation difficult
The Internet treats censorship as damage and simply
routes around it
Cyberlaw only began to emerge in 1996
Debate continues regarding the applicability of legal
principles derived from issues that had nothing to do with
cyberspace
33Chapter 13 Security and Ethical Challenges
34. Other Challenges
Employment
IT creates new jobs and increases productivity
It can also cause significant reductions in job opportunities, as well as
requiring new job skills
Computer Monitoring
Using computers to monitor the productivity and behavior of employees as
they work
Criticized as unethical because it monitors individuals, not just work, and is
done constantly
Criticized as invasion of privacy because many employees do not know
they are being monitored
Working Conditions
IT has eliminated monotonous or obnoxious tasks
However, some skilled craftsperson jobs have been replaced by jobs
requiring routine, repetitive tasks or standby roles
Individuality
Dehumanizes and depersonalizes activities because computers eliminate
human relationships
Inflexible systems
34Chapter 13 Security and Ethical Challenges
35. Health Issues
Cumulative Trauma Disorders (CTDs)
Disorders suffered by people who sit at a
PC or terminal and do fast-paced repetitive
keystroke jobs
Carpal Tunnel Syndrome
Painful, crippling ailment of the hand
and wrist
Typically requires surgery to cure
35Chapter 13 Security and Ethical Challenges
36. Ergonomics
Designing healthy
work environments
Safe, comfortable,
and pleasant for
people to work in
Increases
employee morale
and productivity
Also called human
factors
engineering
36Chapter 13 Security and Ethical Challenges
Ergonomics Factors
37. Societal Solutions
Using information technologies to solve human
and social problems
Medical diagnosis
Computer-assisted instruction
Governmental program planning
Environmental quality control
Law enforcement
Job placement
The detrimental effects of IT
Often caused by individuals or organizations
not accepting ethical responsibility for their
actions
37Chapter 13 Security and Ethical Challenges
38. Security Management of IT
The Internet was developed for inter-operability,
not impenetrability
Business managers and professionals alike
are responsible for the security, quality, and
performance of business information systems
Hardware, software, networks, and data
resources must be protected by a variety
of security measures
38Chapter 13 Security and Ethical Challenges
39. Security Management
The goal of security
management is the
accuracy, integrity,
and safety of all
information system
processes and
resources
39Chapter 13 Security and Ethical Challenges
40. Internetworked Security Defenses
Encryption
Data is transmitted in scrambled form
It is unscrambled by computer systems for
authorized users only
The most widely used method uses a pair of
public and private keys unique to each
individual
40Chapter 13 Security and Ethical Challenges
42. Internetworked Security Defenses
Firewalls
A gatekeeper system that protects a
company’s intranets and other computer
networks from intrusion
Provides a filter and safe transfer point for
access to/from the Internet and other
networks
Important for individuals who connect to the
Internet with DSL or cable modems
Can deter hacking, but cannot prevent it
42Chapter 13 Security and Ethical Challenges
44. Denial of Service Attacks
Denial of service attacks depend on three
layers of networked computer systems
The victim’s website
The victim’s Internet service provider
Zombie or slave computers that have been
commandeered by the cybercriminals
44Chapter 13 Security and Ethical Challenges
45. Defending Against Denial of Service
At Zombie Machines
Set and enforce security policies
Scan for vulnerabilities
At the ISP
Monitor and block traffic spikes
At the Victim’s Website
Create backup servers and network
connections
45Chapter 13 Security and Ethical Challenges
46. Internetworked Security Defenses
Email Monitoring
Use of content monitoring software that scans
for troublesome words that might compromise
corporate security
Virus Defenses
Centralize the updating and distribution of
antivirus software
Use a security suite that integrates virus
protection with firewalls, Web security,
and content blocking features
46Chapter 13 Security and Ethical Challenges
47. Other Security Measures
Security Codes
Multilevel password system
Encrypted passwords
Smart cards with microprocessors
Backup Files
Duplicate files of data or programs
Security Monitors
Monitor the use of computers and networks
Protects them from unauthorized use, fraud, and destruction
Biometrics
Computer devices measure physical traits that make each
individual unique
Voice recognition, fingerprints, retina scan
Computer Failure Controls
Prevents computer failures or minimizes its effects
Preventive maintenance
Arrange backups with a disaster recovery organization
47Chapter 13 Security and Ethical Challenges
48. Other Security Measures
In the event of a system failure, fault-tolerant systems have
redundant processors, peripherals, and software that provide
Fail-over capability: shifts to back up components
Fail-save capability: the system continues to operate at the
same level
Fail-soft capability: the system continues to operate at a
reduced but acceptable level
A disaster recovery plan contains formalized procedures to follow
in the event of a disaster
Which employees will participate
What their duties will be
What hardware, software, and facilities will be used
Priority of applications that will be processed
Use of alternative facilities
Offsite storage of databases
48Chapter 13 Security and Ethical Challenges
49. Information System Controls
Methods and
devices that
attempt to
ensure the
accuracy,
validity, and
propriety of
information
system
activities
49Chapter 13 Security and Ethical Challenges
50. Auditing IT Security
IT Security Audits
Performed by internal or external auditors
Review and evaluation of security measures
and management policies
Goal is to ensure that that proper and
adequate measures and policies are in place
50Chapter 13 Security and Ethical Challenges