I NFORMATION S YSTEMS FOR C OMPETITIVE A DVANTAGE Chapter 9

2 SIX MAJOR ROLES AND GOALS OF IT 1.Increase employee productivity by reducing time, errors and costs using 2.Enhance decision making 3.Improve team collaboration 4.Create business partnerships and alliances 5.Enable global reach all over the world taking into consideration the culture of each nation or society. 6.Facilitate organizational transformation as the organization evolves and responds to the ever-changing marketplace.

9-3 I NFORMATION A GE T ERMS Computer Literacy Knowing how to use a computer to gather, store, organize, and otherwise process information. These are desirable and even required for many occupations today Computer Literacy Knowing how to use a computer to gather, store, organize, and otherwise process information. These are desirable and even required for many occupations today Digital Divide The gap developing in society between those that are computer literate and have access to computers and those that don’t and how it will affect them Digital Divide The gap developing in society between those that are computer literate and have access to computers and those that don’t and how it will affect them Computer Ethics The issues and standards of conduct as they pertain to the use of information systems including information privacy, accuracy, property, and accessibility Computer Ethics The issues and standards of conduct as they pertain to the use of information systems including information privacy, accuracy, property, and accessibility

9-4 C OMPUTER E THICS C ONCERNS

9-5 I NFORMATION P RIVACY AND I SSUES Information Privacy What information an individual must reveal to others in the course of gaining employment or shopping online Information Privacy What information an individual must reveal to others in the course of gaining employment or shopping online Identify Theft The stealing of another person’s private information (SIN, credit card numbers, etc.) for the purpose of using it to gain credit, borrow money, buy merchandise, or otherwise run up debt that are never paid. This is especially problematic because it: is invisible to the victim, they don’t know it is happening is very difficult to correct…credit agencies are involved can cause unrecoverable losses and legal costs Paying for Privacy CitiBank Identity Theft Commercials

9-6 I NFORMATION P RIVACY - H OW TO M AINTAIN Avoid having Cookies left on your machine Use settings in your browser to block cookies from being deposited on your machine by primary and third parties Use caution when requesting confirmation Use a separate account from normal to protect information from your employer, sellers, and any one using your computer Visit sites anonymously Use online privacy services that provide total privacy by blocking all techniques used to identify you online (e.g. Anonymizer) Choose websites monitored by independent organizations Use rating sites to identify merchant sites whose privacy policies conform to standards and are monitored (e.g epubliceye.com)

9-7 I NFORMATION A CCURACY Information Accuracy Concerned with assuring the authenticity and fidelity of information, and identifying those responsible for information errors that harm people Information Accuracy Concerned with assuring the authenticity and fidelity of information, and identifying those responsible for information errors that harm people Sources of information error Errors in computer output can come from two primary sources. These are: Machine Errors – errors in the computer program logic, communication and/or processing that receives, processes, stores, and presents information Human Errors – errors by the person(s) entering data or information into the computer system

9-8 I NFORMATION P ROPERTY Information Property Concerned with who owns information about individuals and how information can be sold and exchanged Information Property Concerned with who owns information about individuals and how information can be sold and exchanged Privacy Statements Are stated policies from the organizations collecting the information and how they intend to use it. These are legally binding statements Internal Use – used within the organization only External Use – can be sold to outside parties Information Ownership The organization storing the information owns it if it is given willingly…even if unknowingly by use of their sites (e.g. online surveys, credit card transactions, etc.)

9-9 I NFORMATION P ROPERTY – G ATHERING AND U SES Spam (see Chapter 4 for definition) This unsolicited can come from reputable sites selling your information. Possible problems from spam include: Viruses in attachments or links Added to other spam lists by responding Slows systems by taking up resources, disk space Spam (see Chapter 4 for definition) This unsolicited can come from reputable sites selling your information. Possible problems from spam include: Viruses in attachments or links Added to other spam lists by responding Slows systems by taking up resources, disk space Cookies These files stored on a computer do have legitimate uses but they also can: Store and transmit information about online habits including, sites visited, purchases made, etc. Prevent accessing sites when cookies are refused Collect and combine information with other information to build a personal profile to be sold FromSubjectReceivedSize 1(484) Hollie ****SPAM**** Fw: Re: GET YOURU NIVERSITY{} DIPLOMA6/19/20079 KB

9-10 I NFORMATION P ROPERTY – G ATHERING AND U SES Spyware These stealth computer applications are installed and then collect information about individuals without their knowledge. Currently this technology is not illegal Spyware These stealth computer applications are installed and then collect information about individuals without their knowledge. Currently this technology is not illegal Spyware Issues Spyware applications collect and transmit, or use, this information locally in several ways, including: Sale of information to online marketers (spammers) Illegal uses such as identity theft Modify user experience to market to the user by presenting ad banners, pop- ups, etc. (Adware) Spyware Issues Spyware applications collect and transmit, or use, this information locally in several ways, including: Sale of information to online marketers (spammers) Illegal uses such as identity theft Modify user experience to market to the user by presenting ad banners, pop- ups, etc. (Adware)

9-11 I NFORMATION A CCESSIBILITY Information Accessibility Concerned with defining what information a person or organization has the right to obtain about others and how that information is used Information Accessibility Concerned with defining what information a person or organization has the right to obtain about others and how that information is used Who has access? Besides personal access, other parties have the legal right to access and view private information including: Government – using advanced software packages (e.g Carnivore), traffic and all online activity can be monitored in real-time or after the fact Employers – they can legally limit, monitor or access activities on company- owned computers or networks as long as policy has been distributed to employees

9-12 I NFORMATION A CCESS – E XAMPLE OF C ARNIVORE

9-13 T HE N EED FOR E THICAL B EHAVIOUR Ethical Behaviour Illegal versus unethical behaviour is an information age concern. Though activities are not explicitly illegal, questions exist of whether they are unethical, such as: Photograph manipulation/modification – in this circumstance, the photograph not longer reflects absolute reality Unauthorized use of computers – at work or at school, “stealing time” for personal business or use Information collection – by companies compiling information to sell for profit Ethical Behaviour Illegal versus unethical behaviour is an information age concern. Though activities are not explicitly illegal, questions exist of whether they are unethical, such as: Photograph manipulation/modification – in this circumstance, the photograph not longer reflects absolute reality Unauthorized use of computers – at work or at school, “stealing time” for personal business or use Information collection – by companies compiling information to sell for profit

9-14 R ESPONSIBLE C OMPUTER U SE The Computer Ethics Institute developed these guidelines for ethical computer use that prohibit the following behaviors: Using a computer to harm others Interfering with other people’s computer work Snooping in other people’s files Using a computer to steal Using a computer to bear false witness Copying or using proprietary software without paying for it Using other people’s computer resources without authorization or compensation Appropriating other people’s intellectual output The Computer Ethics Institute developed these guidelines for ethical computer use that prohibit the following behaviors: Using a computer to harm others Interfering with other people’s computer work Snooping in other people’s files Using a computer to steal Using a computer to bear false witness Copying or using proprietary software without paying for it Using other people’s computer resources without authorization or compensation Appropriating other people’s intellectual output Guidelines In area of ethics, we rely on guidelines to guide behaviour. These guidelines can come from many organizations Guidelines In area of ethics, we rely on guidelines to guide behaviour. These guidelines can come from many organizations Pirates

9-15 C OMPUTER C RIMES Computer Crime The act of using a computer to commit an illegal act. The broad definition of computer crime can include the following: Targeting a computer while committing an offense Using a computer to commit and offense Using computers to support criminal activity Computer Crime The act of using a computer to commit an illegal act. The broad definition of computer crime can include the following: Targeting a computer while committing an offense Using a computer to commit and offense Using computers to support criminal activity

9-16 C OMPUTER C RIME – U NAUTHORIZED A CCESS Unauthorized Access A person gaining entry to a computer system for which they have no authority to use such access THIS IS A COMPUTER CRIME! Unauthorized Access A person gaining entry to a computer system for which they have no authority to use such access THIS IS A COMPUTER CRIME! 82% come from inside the organization (employees)

9-17 C OMPUTER C RIME – V ARIOUS T YPES 1 ST H ALF

9-18 C OMPUTER C RIME – V ARIOUS T YPES 2 ND H ALF

9-19 C OMPUTER C RIMES - H ACKING AND C RACKING Hackers A term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. Hackers A term to describe unauthorized access to computers based entirely on a curiosity to learn as much as possible about computers. Crackers A term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers Crackers A term to describe those who break into computer systems with the intention of doing damage or committing crimes. This term was created because of protests by true hackers Phishing

9-20 C OMPUTER C RIME – S OFTWARE P IRACY Software Piracy This practice of buying one copy and making multiple copies for personal and commercial use, or for resale is illegal in most countries while others offer weak or nonexistent protections. This has become and international problem as shown below

9-21 D ESTRUCTIVE C ODE THAT R EPLICATES Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types: Boot Sector File Infector – Combination – Attachment Viruses These programs disrupt the normal function of a computer system through harmless pranks or by destroying files on the infected computer. They come in several types: Boot Sector File Infector – Combination – Attachment Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files Worms This destructive code also replicates and spreads through networked computers but does damage by clogging up memory to slow the computer versus destroying files

9-22 D ESTRUCTIVE C ODE THAT D OESN ’ T R EPLICATES Trojan Horses These programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access) Trojan Horses These programs do not replicate but can do damage as they run hidden programs on the infected computer that appears to be running normally (i.e. a game program that creates an account on the unsuspecting user’s computer for unauthorized access) Logic or Time Bombs A variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company) Time Bombs – are set off by dates (e.g. a birthday) Logic Bombs – are set off by certain operations (e.g. a certain password) Logic or Time Bombs A variation of a Trojan Horse that also do not replicate and are hidden but are designed to lie in wait for a triggering operation. (i.e. a disgruntled employee that sets a program to go off after they leave the company) Time Bombs – are set off by dates (e.g. a birthday) Logic Bombs – are set off by certain operations (e.g. a certain password)

9-23 C YBERWAR AND C YBERTERRORISM Cyberterrorism The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals Cyberwar An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country. Cyberterrorism The use of computer and networking technologies against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals Cyberwar An organized attempt by a country’s military to disrupt or destroy the information and communications systems of another country.