SlideShare a Scribd company logo
Professional Practices
SS-301
Ehtesham Raza,
Assistant Professor,
Govt. Murray College,
Sialkot.
Lecture 10:
Information Security and
Privacy
Topic: Information Security Practices
• Introduction
• The CIA: Information Security Principles
• Information Security Organizational
Structure
• Information Classification
Introduction
• Information security, sometimes shortened to
InfoSec, is the practice of
defending information from unauthorized access,
use, disclosure, disruption, modification,
inspection, recording or destruction. It is a general
term that can be used regardless of the form the
data may take (e.g. electronic, physical)
The CIA:
Information Security Principles
• The CIA principle
– Confidentiality
– Integrity
– Availability
Information Security Organizational Structure
Information Classification
• Information Classification
• Government classifications
• Private Sector classifications
– Criteria
Lecture 11:
Computer Misuse and
Criminal Law
Computer Misuse & Criminal
Law
Introduction:
The media and popular computing press
abound with tales of multi-million pound
computer frauds and of the dangers to
commercial companies, governmental data
banks, financial institutions and national
security from the activities of computer
hackers
Computing and criminal activity
• Modern business process is done through
utilizing computer software and hardware,
i.e. some form of computer system is used
in it.
• There has been a sharp rise in the number
of crimes involving computing; and the
Internet has undoubtedly created new
security risks
Categories of misuse
Under the study of the English criminal law, the Law
Commission highlighted a number of categories of misuse
of computers
• Computer fraud
• Unauthorized obtaining of information from a computer
– Computer hacking
– Eavesdropping on a computer
– Making unauthorized use of computers for personal benefit
• Unauthorized alteration or destruction of information
stored on a computer
• Denying access to an authorized user
• The unauthorized removal of information stored on a
computer
Computer Fraud
• The Law Commission defined computer fraud as conduct
which involves the manipulation of a computer or internet,
by whatever method, in order dishonestly to obtain money,
property, or some other advantage of value, or to cause
loss
• Computer fraud is further divided into three categories
– Input frauds
e.g. intentionally entering false data or amending data into the
computer
– Output frauds
Output fraud involves stealing or misusing system output
– Program frauds
Program fraud involves the dishonest alteration of a computer
program
Obtaining unauthorized access
to a computer
• The second form of misuse identified by
the Law Commission was unauthorized
obtaining of information from a computer.
It is sub-divided as:
• Computer hacking:
Accessing a computer without the authorization
of the owner. In this case the person accesses
the computer secretly for stealing information,
data or manipulation of data for diverse
purposes
Continued…
• Eavesdropping
Literal meaning listening or spying secretly
• Unauthorized use of a
computer for personal benefit
Using computer’s authorized information for
personal benefits. In this case, the person
misusing the computer is usually employee or
authorized user of the company
Lecture 12:
Social Networking & Ethics
Topic: Social Networking & Ethics
• Introduction
• The Good, the Bad and the Ugly
• How to Protect yourself
• How to protect your children
Introduction to Social Networking & Ethics
Def: When a computer network connects people
or organizations, it is a social network. Just as
a computer network is a set of machines
connected by a set of cables, a social network
is a set of people (or organizations or other
social entities) connected by a set of social
relationships, such as friendship, coworking or
information exchange
National Cyber Alert System
• Web 2.0
– Facebook & Myspace - Free-access social
networking websites
– Twitter – “micro” blog – 280 characters or less
– Blog – shared on-line journal
– Video Sharing Sites – YouTube, Flikr
– Podcast – audio broadcast that can be downloaded
The Good, the Bad and the Ugly
• Example
The case of a person asking for emergency money while
impersonating a Facebook user to her friends
http://eliasbizannes.com/blog/2009/01/phishing-for-fraud-on-
facebook/ Also the British MI6 chief that was exposed by his
wife’s Facebook pictures:
http://www.dailymail.co.uk/news/article-1197562/MI6-chief-
blows-cover-wifes-Facebook-account-reveals-family-holidays-
showbiz-friends-links-David-Irving.html
How to Protect Your Self
• Keep private information private
• Do not post address, ssn, phone number,
financial info, your schedule, full birth date
• Be careful not to display information used to
answer security questions (e.g., favorite pet,
mother’s maiden name)
• Use caution when you click links
• Be careful about installing extras on your site
• Be wary of unknown friends (strangers)
• Google yourself
• Don’t blindly connect
• Trust your gut instinct
• Use and maintain anti-virus software
• Use strong passwords
• Don’t use the same password for a social networking
site and for your email
• Remember - social networking sites are a public
resource – like a billboard in cyberspace
• Evaluate sites privacy settings
• Lock down your profile information to people you
accepts as a friend. That way no one can read your
personal information unless they are an approved
friend
• Be skeptical
How to Protect Your Children
• “It’s 10 p.m., do you know where your
children are?”
– “And who they are talking to online?”
– Age limits on some social networking sites
– Facebook and MySpace open to people 13 and
older
– Twitter open to all
Thank you!

More Related Content

What's hot

Computer security privacy and ethics
Computer security privacy and ethicsComputer security privacy and ethics
Computer security privacy and ethics
geneveve_
 
Protecting Personal Privacy
Protecting Personal PrivacyProtecting Personal Privacy
Protecting Personal Privacy
DoubleXDS
 
Ethics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodEthics and privacy ppt 3rd period
Ethics and privacy ppt 3rd period
charvill
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 

What's hot (20)

Cybercrimes
CybercrimesCybercrimes
Cybercrimes
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against children
 
Cyber crimes among adolescents
Cyber crimes among adolescentsCyber crimes among adolescents
Cyber crimes among adolescents
 
Mis chapter 9
Mis chapter 9Mis chapter 9
Mis chapter 9
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
 
Breakfast Briefings - February 2018
Breakfast Briefings - February 2018Breakfast Briefings - February 2018
Breakfast Briefings - February 2018
 
Cyber law (identity theft)
Cyber law (identity theft)Cyber law (identity theft)
Cyber law (identity theft)
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Information security awareness, middle management
Information security awareness, middle managementInformation security awareness, middle management
Information security awareness, middle management
 
Computer security privacy and ethics
Computer security privacy and ethicsComputer security privacy and ethics
Computer security privacy and ethics
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
 
Computer Crimes
Computer CrimesComputer Crimes
Computer Crimes
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Protecting Personal Privacy
Protecting Personal PrivacyProtecting Personal Privacy
Protecting Personal Privacy
 
Computer security
Computer securityComputer security
Computer security
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 
ppt on child pornography and cyber crime
ppt on child pornography and cyber crimeppt on child pornography and cyber crime
ppt on child pornography and cyber crime
 
Ethics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodEthics and privacy ppt 3rd period
Ethics and privacy ppt 3rd period
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Cyberspace
CyberspaceCyberspace
Cyberspace
 

Similar to finance and accounting

MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
EndAlk15
 
PROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACYPROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACY
DoubleXDS
 

Similar to finance and accounting (20)

MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
 
cyber safety_grade11cse_afsheen,vishal.pptx
cyber safety_grade11cse_afsheen,vishal.pptxcyber safety_grade11cse_afsheen,vishal.pptx
cyber safety_grade11cse_afsheen,vishal.pptx
 
Cyber Safety ppt.pptx
Cyber Safety ppt.pptxCyber Safety ppt.pptx
Cyber Safety ppt.pptx
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptx
 
Technology ComputerCrime presentation.pptx
Technology ComputerCrime presentation.pptxTechnology ComputerCrime presentation.pptx
Technology ComputerCrime presentation.pptx
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
 
Misuse of computer
Misuse of computerMisuse of computer
Misuse of computer
 
Cyber Crime, Cyber Space and Effects .pptx
Cyber Crime, Cyber Space and Effects .pptxCyber Crime, Cyber Space and Effects .pptx
Cyber Crime, Cyber Space and Effects .pptx
 
Cyber Crime Cyber Space and Effects .pptx
Cyber Crime Cyber Space and Effects .pptxCyber Crime Cyber Space and Effects .pptx
Cyber Crime Cyber Space and Effects .pptx
 
Hacking
Hacking Hacking
Hacking
 
PROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACYPROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACY
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptx
 
E commerce
E commerce E commerce
E commerce
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptx
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptx
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber security By rajeev.pptx
Cyber security By rajeev.pptxCyber security By rajeev.pptx
Cyber security By rajeev.pptx
 
Protecting Client Data 11.09.11
Protecting Client Data 11.09.11Protecting Client Data 11.09.11
Protecting Client Data 11.09.11
 
Cyber Threat Landscape
Cyber Threat LandscapeCyber Threat Landscape
Cyber Threat Landscape
 

More from Hamza Cheema

More from Hamza Cheema (20)

seven habits
seven habitsseven habits
seven habits
 
leadership
leadershipleadership
leadership
 
time management
time managementtime management
time management
 
professional ethics
professional ethicsprofessional ethics
professional ethics
 
the profession
 the profession the profession
the profession
 
managing teams and their conflicts
managing teams and their conflictsmanaging teams and their conflicts
managing teams and their conflicts
 
swot-analysis
swot-analysisswot-analysis
swot-analysis
 
professional ethics in_computing
professional ethics in_computingprofessional ethics in_computing
professional ethics in_computing
 
ethics and professionalism
ethics and professionalismethics and professionalism
ethics and professionalism
 
effective time-management-important-vs-urgent
effective time-management-important-vs-urgenteffective time-management-important-vs-urgent
effective time-management-important-vs-urgent
 
time management islamic way
time management islamic waytime management islamic way
time management islamic way
 
time management
time managementtime management
time management
 
professionalism
professionalismprofessionalism
professionalism
 
habbits of highly effective people
habbits of highly effective peoplehabbits of highly effective people
habbits of highly effective people
 
leardeship
leardeshipleardeship
leardeship
 
be the tranformer (overall characteristics)
 be the tranformer (overall characteristics) be the tranformer (overall characteristics)
be the tranformer (overall characteristics)
 
characteristics of a professional organization
characteristics of a professional organizationcharacteristics of a professional organization
characteristics of a professional organization
 
hackivism
hackivismhackivism
hackivism
 
computer misuse n criminal law
computer misuse n criminal lawcomputer misuse n criminal law
computer misuse n criminal law
 
intellectual property rights
 intellectual property rights intellectual property rights
intellectual property rights
 

Recently uploaded

plant breeding methods in asexually or clonally propagated crops
plant breeding methods in asexually or clonally propagated cropsplant breeding methods in asexually or clonally propagated crops
plant breeding methods in asexually or clonally propagated crops
parmarsneha2
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 
Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training Report
Avinash Rai
 
Accounting and finance exit exam 2016 E.C.pdf
Accounting and finance exit exam 2016 E.C.pdfAccounting and finance exit exam 2016 E.C.pdf
Accounting and finance exit exam 2016 E.C.pdf
YibeltalNibretu
 

Recently uploaded (20)

Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdfDanh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
Danh sách HSG Bộ môn cấp trường - Cấp THPT.pdf
 
NCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdfNCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdf
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
plant breeding methods in asexually or clonally propagated crops
plant breeding methods in asexually or clonally propagated cropsplant breeding methods in asexually or clonally propagated crops
plant breeding methods in asexually or clonally propagated crops
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training Report
 
B.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdfB.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdf
 
Accounting and finance exit exam 2016 E.C.pdf
Accounting and finance exit exam 2016 E.C.pdfAccounting and finance exit exam 2016 E.C.pdf
Accounting and finance exit exam 2016 E.C.pdf
 
How to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS ModuleHow to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS Module
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 

finance and accounting

  • 1. Professional Practices SS-301 Ehtesham Raza, Assistant Professor, Govt. Murray College, Sialkot.
  • 3. Topic: Information Security Practices • Introduction • The CIA: Information Security Principles • Information Security Organizational Structure • Information Classification
  • 4. Introduction • Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical)
  • 5. The CIA: Information Security Principles • The CIA principle – Confidentiality – Integrity – Availability
  • 7. Information Classification • Information Classification • Government classifications • Private Sector classifications – Criteria
  • 8. Lecture 11: Computer Misuse and Criminal Law
  • 9. Computer Misuse & Criminal Law Introduction: The media and popular computing press abound with tales of multi-million pound computer frauds and of the dangers to commercial companies, governmental data banks, financial institutions and national security from the activities of computer hackers
  • 10. Computing and criminal activity • Modern business process is done through utilizing computer software and hardware, i.e. some form of computer system is used in it. • There has been a sharp rise in the number of crimes involving computing; and the Internet has undoubtedly created new security risks
  • 11. Categories of misuse Under the study of the English criminal law, the Law Commission highlighted a number of categories of misuse of computers • Computer fraud • Unauthorized obtaining of information from a computer – Computer hacking – Eavesdropping on a computer – Making unauthorized use of computers for personal benefit • Unauthorized alteration or destruction of information stored on a computer • Denying access to an authorized user • The unauthorized removal of information stored on a computer
  • 12. Computer Fraud • The Law Commission defined computer fraud as conduct which involves the manipulation of a computer or internet, by whatever method, in order dishonestly to obtain money, property, or some other advantage of value, or to cause loss • Computer fraud is further divided into three categories – Input frauds e.g. intentionally entering false data or amending data into the computer – Output frauds Output fraud involves stealing or misusing system output – Program frauds Program fraud involves the dishonest alteration of a computer program
  • 13. Obtaining unauthorized access to a computer • The second form of misuse identified by the Law Commission was unauthorized obtaining of information from a computer. It is sub-divided as: • Computer hacking: Accessing a computer without the authorization of the owner. In this case the person accesses the computer secretly for stealing information, data or manipulation of data for diverse purposes
  • 14. Continued… • Eavesdropping Literal meaning listening or spying secretly • Unauthorized use of a computer for personal benefit Using computer’s authorized information for personal benefits. In this case, the person misusing the computer is usually employee or authorized user of the company
  • 16. Topic: Social Networking & Ethics • Introduction • The Good, the Bad and the Ugly • How to Protect yourself • How to protect your children
  • 17. Introduction to Social Networking & Ethics Def: When a computer network connects people or organizations, it is a social network. Just as a computer network is a set of machines connected by a set of cables, a social network is a set of people (or organizations or other social entities) connected by a set of social relationships, such as friendship, coworking or information exchange
  • 18. National Cyber Alert System • Web 2.0 – Facebook & Myspace - Free-access social networking websites – Twitter – “micro” blog – 280 characters or less – Blog – shared on-line journal – Video Sharing Sites – YouTube, Flikr – Podcast – audio broadcast that can be downloaded
  • 19. The Good, the Bad and the Ugly • Example The case of a person asking for emergency money while impersonating a Facebook user to her friends http://eliasbizannes.com/blog/2009/01/phishing-for-fraud-on- facebook/ Also the British MI6 chief that was exposed by his wife’s Facebook pictures: http://www.dailymail.co.uk/news/article-1197562/MI6-chief- blows-cover-wifes-Facebook-account-reveals-family-holidays- showbiz-friends-links-David-Irving.html
  • 20. How to Protect Your Self • Keep private information private • Do not post address, ssn, phone number, financial info, your schedule, full birth date • Be careful not to display information used to answer security questions (e.g., favorite pet, mother’s maiden name) • Use caution when you click links • Be careful about installing extras on your site
  • 21. • Be wary of unknown friends (strangers) • Google yourself • Don’t blindly connect • Trust your gut instinct • Use and maintain anti-virus software • Use strong passwords
  • 22. • Don’t use the same password for a social networking site and for your email • Remember - social networking sites are a public resource – like a billboard in cyberspace • Evaluate sites privacy settings • Lock down your profile information to people you accepts as a friend. That way no one can read your personal information unless they are an approved friend • Be skeptical
  • 23. How to Protect Your Children • “It’s 10 p.m., do you know where your children are?” – “And who they are talking to online?” – Age limits on some social networking sites – Facebook and MySpace open to people 13 and older – Twitter open to all