The document discusses various security and ethical challenges related to management information systems. It covers topics such as hacking, cyber theft, unauthorized computer use at work, software piracy, computer viruses, privacy issues, health issues related to computer use, and theories of corporate social responsibility. It also provides details on security measures like encryption, firewalls, denial of service defenses, email monitoring, virus defenses, security codes, backup files, biometric security, fault tolerant systems, and disaster recovery.

1. Security and Ethical Challenges Management Information Systems Management Information Systems Reported by: LOUIE A. MEDINACELI ZEPPELIN B. MALPAL AZUDIN T. MAZTURA CLODUALDO G. MAGAAN, JR. GILBERT S. DADOR, MBA Special Lecturer

2. Security challenges Computer crimes that exist in the present society are:- Hacking Cyber Theft Unauthorized use at work Software Piracy Piracy of intellectual property Computer viruses and worms Management Information Systems

3. Hacking Hacking is the obsessive use of computers, or the unauthorized access and use of networked computer systems. Hackers usually Steal or damage data Get unauthorized access to computer files Monitor e-mails or web server access May use remote services that allow one computer to execute programs on another Plant data that will cause system to welcome intruders Management Information Systems

4. Cyber Theft Cyber theft involves theft of money by unauthorized network entry and fraudulent alteration of computer databases. Management Information Systems

5. Unauthorized use at Work Unauthorized use of computer resources especially by employees Playing video games Unauthorized use of internet Non-work related upload/download Transmission of confidential data Moonlighting Management Information Systems

6. Software Piracy Unauthorized copying of data is called software piracy or software theft Software is protected by copyright law and user license agreement that allows only limited copies to be made Management Information Systems

7. Piracy of Intellectual Property Materials other than software are also pirated by making multiple copies Piracy of music, video, images, articles, books etc. Dissemination of these material through internet websites Management Information Systems

8. Computer viruses and worms A virus is a program code that cannot work without being inserted into another program A worm is a distinct program that can run unaided These programs copy annoying or destructive routines into the networked computer systems of anyone who accesses computers affected with the virus or who uses copies of magnetic disks taken from infected computers They enter a computer through e-mail or file attachments, or through illegal software. A virus usually copies itself into the OS, and then spreads to main memory and thus hard disk and any inserted external memory. Management Information Systems

9. Privacy Issues Privacy on the internet Computer Matching Privacy Laws Computer libel and censorship (threats are spamming and flaming) Management Information Systems

10. Other Challenges Employment challenges because a lot of tasks have been automated Computer monitoring causes intrusion in personal space for workers Challenges in working conditions are caused by tasks which are monotonous in nature. But it also automates most of the work and gives way to more challenging jobs Challenges to individuality as they eliminate the human relationships between people Management Information Systems

11. Health issues The use of IT in the workplace raises a variety of health issues . Heavy use of computers is reportedly causing health problems such as: · Job stress · Damaged arm and neck muscles · Eye strain · Radiation exposure · Death by computer-caused accidents Management Information Systems

12. Benefits Medical diagnosis Crime control Environmental monitoring Urban planning Computer based training Distance learning Management Information Systems

13. Ethical responsibility of business professionals Business ethics are concerned with Equity Rights Honesty Exercise of corporate power Management Information Systems

14. Categories of Ethical Business Issues Management Information Systems

15. Theories of corporate social responsibility The stockholders theory holds that managers are agents of the stockholders and their only ethical responsibility is to increase the profits of the business without violating the law or engaging in fraudulent activities. The social contract theory states that companies have ethical responsibilities to all members of society, which allow corporations to exist based on a social contract The stakeholders theory states that managers have ethical responsibility to manage a firm for the benefit of all of its stakeholders i.e. stockholders, employees, customers, suppliers and local community. Management Information Systems

16. Principles of technology ethics Proportionality of benefits to risk Informed consent to risks Justice in distribution of risk with benefits derived to each sub unit Minimized risk by the selected option Management Information Systems

17. Ethical guideline Acting with integrity Increasing your professional competence Setting high standards of personal performance Accepting responsibility for your work Advancing the health, privacy, and general welfare of the public Management Information Systems

18. Security management of IT Encryption Firewalls Denial of service attacks E-mail monitoring Virus defense Security codes Backup files Security monitors Biometric security Computer failure controls Fault tolerant systems Disaster recovery System controls and audits Management Information Systems

19. Encryption The concept of private key and public key can be extended to authentication protocols. There are three types of authentication protocols followed by organizations. Password Authentication protocol Challenge Handshake authentication Protocol Extensible Authentication Protocol Management Information Systems

20. Firewall Firewalls are used to restrict access to one network from another network. Different types of firewalls exist. Packet Filtering Stateful firewalls Proxy Firewalls Kernel Proxy firewalls Management Information Systems

21. Denial of Service Defenses The Internet is extremely vulnerable to variety of assaults by criminal hackers, especially denial of service (DOS) attacks. Denial of service assaults via the Internet depend on three layers of networked computer systems, and these are the basic steps e-business companies and other organizations can take to protect their websites form denial of service and other hacking attacks . Management Information Systems

22. e-Mail Monitoring Internet and other online e-mail systems are one of the favorite avenues of attack by hackers for spreading computer viruses or breaking into networked computers. E-mail is also the battleground for attempts by companies to enforce policies against illegal, personal, or damaging messages by employees, and the demands of some employees and others, who see such policies as violations of privacy rights. Management Information Systems

23. Virus Defenses Many companies are building defenses against the spread of viruses by centralizing the distribution and updating of antivirus software, as a responsibility of there IS departments. Other companies are outsourcing the virus protection responsibility to their Internet service providers or to telecommunications or security management companies. Management Information Systems

24. Security Codes Typically, a multilevel password system is used for security management. First, an end user logs on to the computer system by entering his or her unique identification code, or user ID. The end user is then asked to enter a password in order to gain access into the system. Next, to access an individual file, a unique file name must be entered. Management Information Systems

25. Backup Files Backup files, which are duplicate files of data or programs, are another important security measure. · Files can be protected by file retention measures that involve storing copies of files from previous periods. · Several generations of files can be kept for control purposes. Management Information Systems

26. Security Monitors System security monitors are programs that monitor the use of computer systems and networks and protect them from unauthorized use, fraud, and destruction. Security monitor programs provide the security measures needed to allow only authorized users to access the networks. Security monitors also control the use of the hardware, software, and data resources of a computer system . Security monitors can be used to monitor the use of computer networks and collect statistics on any attempts at improper use. Management Information Systems

27. Biometric Security These are security measures provided by computer devices, which measure physical traits that make each individual unique. This includes: Voice verification Fingerprints Hand geometry Signature dynamics Keystroke analysis Retina scanning Face recognition Genetic pattern analysis Management Information Systems

28. Computer Failure Controls Programs of preventative maintenance of hardware and management of software updates are commonplace Using computers equipped with automatic and remote maintenance capabilities Establishing standards for electrical supply, air conditioning, humidity control, and fire prevention standards Management Information Systems

29. Computer Failure Controls Arrange for a backup computer system capability with disaster recovery organizations. Scheduling and implementing major hardware or software changes to avoid problems. Training and supervision of computer operators. Using fault tolerant computer systems (fail-safe and fail-soft capabilities) Management Information Systems

30. Computer Failure Controls Arrange for a backup computer system capability with disaster recovery organizations. Scheduling and implementing major hardware or software changes to avoid problems. Training and supervision of computer operators. Using fault tolerant computer systems (fail-safe and fail-soft capabilities) Management Information Systems

31. Fault Tolerant Systems Management Information Systems

32. Disaster Recovery Hurricanes, earthquakes, fires, floods, criminal and terrorist acts, and human error can all severely damage an organization's computing resources, and thus the health of the organization itself. That is why it is important for organizations to develop disaster recovery procedures and formalize them in a disaster recovery plan. It specifies which employees will participate in disaster recovery, and what their duties will be; what hardware, software, and facilities will be used; and the priority of applications that will be processed. Arrangements with other companies for use of alternative facilities as a disaster recovery site and off site storage of an organization's databases are also part of an effective recovery effort. Management Information Systems

33. THANK YOU !!! OPTICAL ILLUSION: if YOU LOOK at the PICTURE CAREFULLY, AFTER a FEW SECONDS, YOU CAN SEE the PHILIPPINES or the DIAMOND RING