Information System Security and Ethical Challenges


1 Information System Security and Ethical Challenges
CHAPTER 7 Information System Security and Ethical Challenges

2 Chapter 7: Security and Ethical Challenges
Learning Objectives
- Identify several ethical issues in how the use of information technologies in business affects employment, individuality, working conditions, privacy, crime, health, etc.
- Identify several types of security management strategies and defenses, and explain how they can be used to ensure the security of business applications of information technology.
- Propose several ways that business managers and professionals can help to lessen the harmful effects and increase the beneficial effects of the use of IT.

3 Threats of IS
What are the threats of IS on:
- Organisations
- Society
- Individuals

4 Impact of information systems on Organizations and society
Impact on organizations
An information system is one of the resources of an organization, and it poses a major resource management challenge. It:
- affects operational efficiency, employee productivity, and customer service and satisfaction.
- is a major source of the information and support needed for effective decision making.
- affects organizational structure because it can reduce the layers and numbers of middle-level management. Middle-level management acts as a bridge between the operational level and the top level, and information systems break that bridge.
The main challenge for organizations is IS management and IS security.

5 Impact of Information systems on society:
Advantages
- A shift in employment: employment is increasing in the information sector because the economy is heavily dependent on the creation, management and distribution of information.
- Usage of internet services: the number of services available to home users is growing, e.g. electronic mail, education services, video games, home banking, etc.
- Change in lifestyle: individuals can do their jobs independent of their workplace. Information systems have created the opportunity for a high standard of living and increasing leisure time.

6 Problems:
- A growing gap between the "information rich" and the "information poor".
- A threat to privacy: the incremental gathering of data by many organizations has made individuals lose control over the use of their own data.
- Computer viruses: created by computer gangsters to steal, distort or destroy the data resources of business organisations and individuals.
- Use of the Internet to disseminate wrong information and pornographic films that abuse and spoil the minds of children and young people.

7 IT Security, Ethics, and Society
IT has both beneficial and detrimental effects on society and people.
Objective: manage work activities to minimize the detrimental effects of IT and optimize the beneficial effects.

8 Business Ethics
Ethics questions that managers confront as part of their daily business decision making include:
- Equity
- Rights
- Honesty
- Exercise of corporate power
It is all about rational use of information and information systems. Is the information system designed to equitably offer information, in a way that doesn’t violate the right of employees to get employees, appropriate use of information.

9 I. Computer Crime
Computer crime is a growing threat caused by the irresponsible actions of a small minority of computer professionals and end users who are taking advantage of the widespread use of computers and IT in our society.
Computer crime includes:
- Unauthorized use, access, modification, or destruction of hardware, software, data, or network resources
- The unauthorized release of information, e.g. the case of Edward Snowden
- The unauthorized copying of software (copyright)
- Denying an end user access to his/her own hardware, software, data, or network resources
- Using or conspiring to use computer or network resources illegally to obtain information or tangible property
Conspire: to make a secret plan to commit unlawful acts.

10 Computer Crime (Cont’d)
- Hacking
- Unauthorized Use at Work
- Cyber Theft
- Piracy
- Computer Viruses
Computer crime is a growing threat to today’s e-business. It is defined as the unauthorized use, access, modification, and destruction of information, hardware, software or network resources, and the unauthorized release of information. There are several major categories of computer crime:
- Hacking. The unauthorized access and use of networked computers. Examples of common hacking tactics include Spoofing, Trojan Horses, Logic Bombs, Denial of Service, War Dialing, and Scans. These tactics can be used to retrieve passwords, access or steal network files, overload computer systems, or damage data and programs.
- Cyber Theft. Electronic breaking and entering involving the theft of money. More recent examples involve using the Internet to access major banks’ computer systems.
- Unauthorized Use at Work. Unauthorized use of computer systems and networks by employees. Recent surveys suggest 90% of U.S. workers admit to using work resources for personal use.
- Piracy. Software piracy is the unauthorized copying of software and is a violation of federal copyright laws. Such piracy results in millions of dollars of lost profits by software publishers.
- Computer Viruses. A virus is a program that, once inserted into another program, can spread destructive program routines that can result in destroying the contents of memory, hard disks, and other storage devices. The use of antivirus programs can reduce the risk of receiving a virus.
© 2002 McGraw-Hill Companies

11 1.1. Hacking
- Hacking: The unauthorized access and use of networked computer systems and reading files, but neither stealing nor damaging anything.
- Cracker: a hacker with criminal intent of gaining unauthorized access by finding weaknesses in the security protections employed by Web sites and computer systems, often taking advantage of various features of the Internet.
- Hackers and crackers try to retrieve passwords, access or steal network files, overload computer systems, or damage data and programs.

12 1.2. Cyber Theft
- Many computer crimes involve the theft of money and occur through the Internet.
- The majority are “inside jobs” that involve unauthorized network entry and alteration of computer databases to cover the tracks of the employees involved in the theft.
- More recent examples involve using the Internet to access major banks’ computer systems.
- Most companies don’t reveal that they have been targets or victims of cybercrime for fear of loss of customer confidence.

13 1.3. Unauthorized Use at Work
(Service theft) Time and resource theft through unauthorized use of computer systems and networks by employees. This may include:
- Doing private consulting
- Doing personal finances
- Playing video games
- Unauthorized use of the Internet or company networks
1.4. Software Piracy
Unauthorized copying of computer programs, which are intellectual property protected by copyright law. Such piracy results in millions of dollars of lost profits by software publishers.

14 1.5. Computer viruses
A virus is a program that spreads destructive program routines to destroy the contents of memory, hard disks, and other storage devices.
Commonly transmitted through:
- The Internet and online services and file attachments
- Disks from contaminated computers

15 2. Privacy Issues
Information technology can have a negative effect on every individual’s right to privacy.
- Violation of Privacy: accessing individuals’ private conversations and computer records; collecting and sharing information about individuals gained from their visits to Internet websites.
- Unauthorized Access of Personal Files
- Computer Monitoring: tracking where a person is, especially as mobile and paging services are becoming more closely associated with people rather than places.

16 3. Computer Libel and Censorship
Releasing something that is wrong, just to attack others.
The opposite side of the privacy debate:
- Freedom of information, speech, and press
- Biggest battlegrounds: bulletin boards, boxes, and online files of the Internet and public networks
- Weapons used in this battle: spamming, flame mail, libel (defamation), and censorship
Spamming: indiscriminate sending of unsolicited messages to many Internet users.
Flaming: the practice of sending extremely critical, offensive, and often improper messages or newsgroup postings to other users on the Internet or online services.
Censorship: suppression of free speech, or forcing the publication of something wrong. For example, in unstable political situations where the public is rioting against the government, speaking on the side of the government based on its good sides will be abused and censored.

17 Cyberlaw
- Cyber law only began to emerge in 1996.
- Laws intended to regulate activities over the Internet or via electronic communication devices.
- Encompasses a wide variety of legal and political issues.
- Includes intellectual property, privacy, freedom of expression, and jurisdiction.
- Debate continues regarding the applicability of legal principles to the use of internet technology.

18 5. Employment Challenges of IT
- Lost Job Opportunities
- Security Management
- Lost Individuality
- Health Issues
- Working Conditions
The impact of information technologies on employment is a major ethical concern to managers of today’s e-business.
- Lost Job Opportunities. Information technology has created new jobs and increased productivity, while also causing a significant reduction in some types of job opportunities.
- Individuality. A frequent criticism of e-business systems concerns their negative effect on the individuality of people. Computerized systems can depersonalize human transactions, forcing people to confront and respond to impersonal programmed logic. Information systems also often require strict adherence to detailed procedures. Such regimentation is incompatible with human ideals of flexibility and empathy. However, widespread use of personal computers and the Internet has dramatically improved the development of people-oriented and personalized systems.
- Working Conditions. Many others suggest that while computers have eliminated monotonous or obnoxious tasks in the office place, thereby improving the quality of work, they have also made some jobs both repetitive and routine.
- Computer Monitoring. Computer monitoring is used by many employers to collect productivity data about their employees. However, many argue that such technology can be used to monitor individuals, not just their work, thus violating their privacy. Moreover, such ‘Big Brotherism’ increases stress in the workplace. Political pressure is building to outlaw or regulate computer monitoring in the workplace.
Stress is not the only health-related issue raised by the use of information technology. Heavy use of computers is linked to eyestrain, damaged arm and neck muscles, and radiation exposure. Solutions to some of these health problems are based on the science of ergonomics.
The goal of ergonomics is to design healthy work environments that are safe, comfortable, and pleasant for people to work in, thus increasing employee morale and productivity. Ergonomics examines three major factors in the workplace:
- The tools used by the worker, e.g. computer screens, computer human interfaces, etc.
- The work environment, e.g. lighting, work surfaces, climate, etc.
- The job content and context, e.g. characteristics of the task, shift work, rest breaks, etc.

19 Employment Challenges
The impact of information technologies on employment is a major ethical concern to managers of today’s e-business. Why?
- Information technology has created new jobs and increased productivity,
- while it has caused a significant reduction in some types of job opportunities.
Computer Monitoring: using computers to monitor the productivity and behavior of employees as they work.
- Criticized as unethical because it monitors individuals, not just work, and is done constantly.
- Criticized as an invasion of privacy because many employees do not know they are being monitored.

20 Employment Challenges (Cont’d)
Working Conditions
- Computers have eliminated monotonous or unpleasant tasks in the office place, thereby improving the quality of work, but they have also made some jobs repetitive and routine.
- Computerized systems can depersonalize human transactions, forcing people to confront and respond to impersonal programmed logic, which lessens the importance of empathy.
- Information systems also often require strict adherence to detailed procedures, which is incompatible with human ideals of flexibility.
- However, widespread use of personal computers and the Internet has dramatically improved the development of people-oriented and personalized systems, such as mobile banking.

21 Health Issues
- Heavy use of computers is linked to eyestrain, damaged arm and neck muscles, and radiation exposure.
- Ergonomics (also called human factors engineering) is the science that seeks solutions to some of these health problems.
- The goal of ergonomics is to design healthy work environments that are safe, comfortable, and pleasant for people to work in.

22 Ergonomics (Cont’d)
Ergonomics examines three major factors in the workplace:
- The tools used by the worker, e.g. computer screens, computer human interfaces, etc.
- The work environment, e.g. lighting, work surfaces, climate, etc.
- The job content and context, e.g. characteristics of the task, shift work, rest breaks, etc.

23 Security Management of IT
Business managers and professionals are responsible for adhering to the goal of security management, which is to ensure the accuracy, integrity, quality and safety of all information system resources (hardware, software, networks, and data resources).

24 Internetworked Security Defenses
- Encryption: used to protect data that is transmitted via the Internet, intranets, or extranets.
- Installing multiple intrusion-detection systems, e.g. firewalls, and multiple routers to control incoming traffic in order to reduce choke points.
- Centralizing the distribution and updating of antivirus software to build defenses against the spread of computer viruses.
- Setting and enforcing security policies, such as a monitoring policy, to prevent the infiltration of destructive programs like Trojan Horses.
Intrusion: an unauthorized attempt to access information.
Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text. Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (cipher text). Decryption is the process of converting cipher text (which means secret message) back to plaintext. To encrypt more than a small amount of data, symmetric encryption is used.
An intruder is a person who attempts to gain unauthorized access to a system, to damage that system, or to disturb data on that system. In summary, this person attempts to violate security by interfering with system availability, data integrity or data confidentiality.

25 Internet and Intranet Firewalls

26 Other Security Measures (Cont’d)
- Security Codes. The use of passwords to control access to information assets.
- Backup Files. Such files may be stored off-premises and can be a key component in disaster recovery.
- Security Monitors. Programs that monitor the use of hardware, software, and data resources of a computer and collect statistics on any attempt at misuse.
- Biometric Security Controls. Include such detection devices as voice recognition and fingerprinting, which must correspond to the authorized person before admitting personnel to the system.

27 Security and control issues
Three major areas of control
- Information System Controls: methods and devices that ensure the accuracy, validity, and propriety of information system activities
- Procedural controls include:
  - Separation of duties
  - Standard procedures and documentation
  - Authorization requirements
  - Auditing
- Physical controls include:
  - Physical protection
  - Computer failure controls
  - Telecommunications controls
  - Insurance

28 Discussions
- What is the business value of IS security and control?
- What management, organization, and technology factors are responsible for the IS security problem?
- What was the business impact of this IS security problem, both for organizations and their stakeholders?
- What do you think should be done in business organizations to avoid similar problems?
9/17/2018

29 The End

