Fundamentals & Ethics of Information Systems IS 201


1 Fundamentals & Ethics of Information Systems IS 201
Chapter 6 Ethical and Security Issues in Information Systems Chapter 6 – Ethics in Information Systems Slide 1

2 Learning Objectives
Describe the major ethical issues related to information technology and identify situations in which they occur.
Describe the many threats to information security.
Understand the various defense mechanisms used to protect information systems.
Explain threats related to
Provide an appreciation of the law as it relates to computing.

3 Chapter Overview
Ethics in the Digital World
The Ten Commandments of Computer Ethics
The Four Categories of Ethical Issues
Privacy and Security
Email Ethical Issues
Computer Law
Summary

4 1. Ethics in the Digital World
A set of principles of right conduct.
The rules or standards governing the conduct of a person or the members of a profession.
Ethics in the digital world are confusing.
Ethical is not always the same as legal.
The legal system has not kept pace with technology developments.

5 Examples of ethical cases
Is your hard drive full of great music and films? Where did you get it? Copyright violation.
Have you given a friend a copy of your Microsoft Project software? Software piracy (literary theft).
Did you read the confidential company file that was accidentally attached to your email? Computer abuse, security issue.
Did you gain access to the network and invade other workers’ emails and files?
You formatted your hard drive prior to leaving your company because you were angry about leaving. Destruction of property.

6 Ethical or Unethical?
Judging behaviors in the digital world is not straightforward.
A student finds the teacher’s password to the school’s information system and uses it to change his grades and the grades of other students.
A student uses the copy and paste commands to place large parts of an electronic article into an assigned paper. He turns the paper in as his own work.
A student makes a copy of a software program borrowed from another student to use on his computer at home.
A student downloads a graphic file from the web to place on his own webpage. However, he does provide a link to the author’s site.
A student copies a previously published story in his own handwriting and submits it as his own work.
For many of us it is not difficult to figure out that these are not ethical decisions.
Perhaps even without technology the same or similar activity may have occurred.
Because of the implementation of technology, these activities are easier to execute and perhaps don’t seem as bad.
Technology is actually the catalyst or the enabler that clouds our understanding and choices.

7 Virtual vs. Real Worlds
Some users view their computing actions as less serious than their actions in the “real world”.
Stealing software from a store: no way! However, software piracy costs businesses billions of dollars per year.
Most of us would not pick a lock to someone’s house. However, guessing passwords to gain access to a website, information, or programs is common.
Sometimes the technology is not well understood.

8 2. The Ten Commandments of Computer Ethics
Computer Ethics Institute

9 Chapter 6 – Ethics in Information Systems Slide 9

10 3. The Four Categories of Ethical Issues
Privacy issues involve collecting, storing and disseminating information about individuals.
Accuracy issues involve the authenticity, fidelity and accuracy of information that is collected and processed.
Property issues involve the ownership and value of information.
Accessibility issues revolve around who should have access to information and whether they should have to pay for this access.

11 4. Privacy and Security
Privacy: the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent.
Two rules have been followed fairly closely in past court decisions in many countries:
The right of privacy is not absolute. Privacy must be balanced against the needs of society.
The public’s right to know is superior to the individual’s right of privacy.

12 4.1 Privacy Violation
Electronic Surveillance. The tracking of people’s activities, online or offline, with the aid of computers.
Personal Information in Databases. Information about individuals is being kept in many databases: banks, utility companies, government agencies, etc.; the most visible locations are credit-reporting agencies.

13 Privacy violation (Cont.)
Information on Internet Bulletin Boards and Newsgroups. Electronic discussions such as chat rooms.
Blogs (Weblogs). A blog is an informal, personal journal that is frequently updated and intended for general public reading.

14 4.2 Information Security
Information Security is the practice of defending information from unauthorized access, use, exposure or disclosure, disruption, modification, inspection, recording or destruction.
A threat to an information resource is any danger to which a system may be exposed.

15 Protection of Information
confidentiality, integrity, authenticity, access control, non-repudiation, availability, accountability, authorization

16 Information Security Terminology
A system’s vulnerability is the possibility that the system will suffer harm by a threat.
Risk is the likelihood that a threat will occur.
Information system controls are the procedures, devices, or software aimed at preventing a compromise to the system.

17 Information Security Terminology (cont.)
Cybercrimes are fraudulent activities committed using computers and communications networks, particularly the Internet.

18 Information Security Terminology (cont.)
Hacker. An outside person who has penetrated a computer system, usually with no criminal intent.
Cracker. A malicious hacker.
Social engineering. Computer criminals or corporate spies get around security systems by building an inappropriate trust relationship with insiders.

19 Espionage (Spying)
Espionage is the act of gaining access to the information an organization is trying to protect by an unauthorized individual.
Industrial espionage occurs in areas where researching information about the competition goes beyond the legal limits.
Shoulder surfing is looking at a computer monitor or ATM screen over another person’s shoulder.

20 Information Extortion
When an attacker or formerly trusted employee steals information from a computer system and then demands compensation for its return or an agreement not to disclose it.

21 Cyberterrorism
Cyberterrorism is a planned, politically motivated attack against information, computer systems, computer programs, and data that results in violence against civilian targets by subnational groups or secret agents.
Cyberwar. War in which a country’s information systems could be paralyzed from a massive attack by destructive software.

22 Identity Theft
Crime in which someone uses the personal information of others, usually obtained from the Internet, to create a false identity and then commits fraud.
Fastest growing crime.
9 million victims in 2005.

23 Software Attacks
Malicious software (malware) is designed to damage, destroy, or deny service to the targeted systems.
The most common types of software attacks are viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing and pharming.

24 Software Attacks (Continued)
Viruses. Segments of computer code that perform malicious actions ranging from merely annoying to destructive.
Worms. Destructive programs that replicate themselves without requiring another program to provide a safe environment for replication.
Trojan horses. Software programs that hide in other computer programs and reveal their designed behavior only when they are activated.

25 Software Attacks (Continued)
Logic bombs. Designed to activate and perform a destructive action at a certain time.
Back doors or trap doors. Typically a password, known only to the attacker, that allows access to the system without having to go through any security.
Denial-of-service. An attacker sends so many information requests to a target system that the target cannot handle them successfully and can crash the entire system.

26 Alien Software
Pestware. Secret software that uses up valuable system resources and can report on your Web surfing habits and other personal information.
Adware. Designed to help popup advertisements appear on your screen.
Spyware. Software that gathers user information through the user’s Internet connection without their knowledge (e.g. keylogger, password capture).

27 Alien Software (Continued)
Spam. Unsolicited email, usually for purposes of advertising.
Spamware (junk mail). Designed to use your computer as a launch pad for spammers.

28 Alien Software (Continued)
Web bugs. Small, usually invisible, graphic images that are added to a Web page or email.
Phishing. Uses deception to fraudulently acquire sensitive personal information such as account numbers and passwords, disguised as an official-looking email.
Pharming (address forgery). Fraudulently acquires the Domain Name for a company’s Web site, and when people type in the Web site URL they are redirected to a fake Web site.

29 Compromises to Intellectual Property
Intellectual property. Property created by individuals or corporations which is protected under trade secret, patent, and copyright laws.
Trade secret. Intellectual work, such as a business plan, that is a company secret and is not based on public information.
Patent. Document that grants the holder exclusive rights on an invention or process for 20 years.

30 Compromises to Intellectual Property (Cont.)
Copyright. Legal grant that provides creators of intellectual property with ownership of the property for life of the creator plus 70 years.
Piracy. Copying a software program without making payment to the owner.

31 Controls
General controls. Established to protect the system regardless of their application.
Physical controls. Physical protection of computer facilities and resources.
Access controls. Restriction of unauthorized user access to computer resources; use biometrics and password controls for user identification.

32 Controls (Continued)
Communications (network) controls. Protect the movement of data across networks and include border security controls, authentication and authorization.
Firewalls. System that enforces access-control policy between two networks.
Encryption. Process of converting an original message into a form that cannot be read by anyone except the intended receiver.

33 Controls (Continued)
Information systems auditing. Independent or unbiased observers tasked with ensuring that information systems work properly.
Audit. Examination of information systems, their inputs, outputs and processing.
Types of Auditors and Audits
Internal. Performed by corporate internal auditors.
External. Reviews internal audit as well as the inputs, processing and outputs of information systems.

34 5. Email Ethical Issues
Email is completely insecure.
Each email you send results in at least 3 or 4 copies being stored on different computers.
You can take measures to protect your email.

35 Email Ethical Issues (Cont.)
Be responsible enough not to waste other people’s time or bandwidth by posting unnecessarily long messages or unimportant messages and sending large attachments.
Promote civility. Be pleasant and polite.
Although the Internet advocates freedom of speech, it does not give anyone the right to write anything he wants without minding how it will affect others.

36 Email Ethical Issues (Cont.)
Use descriptive subject lines for your messages as a courtesy to your reader, to help people organize and prioritize their messages.
Let the recipient know who is sending the message: use the From: field or end your messages with your name (signature).

37 Email Ethical Issues (Cont.)
When forwarding messages:
Check the reliability of the source of a forwarded message and the accuracy of the message or story before passing it on. Do not unnecessarily alarm people, waste their precious time, and clog (block) the network.
Clean up your messages before you forward them. Take out unnecessary header information and forwarding symbols (usually the > sign). Retain only those that are important to your recipient.
Choose the recipients of your forwarded message.

38 6. Computer Law
In most countries there is a considerable body of law that can apply to computer professionals:
Contract Law
Intellectual Property Law
Data Protection Law
Computer Misuse Law
Computer Evidence

39 Contract Law
Contractors versus employees: intellectual property; package licensing versus specially made software.
Contractual duties: fidelity (loyalty); confidence.
You CANNOT contract out of “reasonable” liabilities (obligations).

40 Intellectual Property Law
Moral rights: right of integrity (honesty).
Copyright: protects original works, sound recordings, typographical layouts.
Patents: protect ideas which are novel and not obvious.
Design rights: protect designs such as circuit board layout.

41 Data Protection Law
The subject of personal data has the right to view and correct that data.
Personal data should be accurate, adequate, relevant and kept up to date.
Personal data should not be kept for longer than is necessary.
Appropriate technical and organisational measures should be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of personal data.

42 Computer Misuse Law
Unauthorised access: systems, networks, programs, data.
Unauthorised modification: editing, deleting.

43 Computer Evidence
Rules govern what evidence is permissible in courts of law.
Viewing log files with an editor after an intrusion will invalidate the logs as evidence: they might have been altered after the event.
Following audit trails back to the place of origin of an attack is a task for specialists: amateurs could invalidate evidence.

44 Some Comments
The law is constantly changing and never as simple as it seems.
You should try to be familiar with the law to protect yourself.
Even so, you DO need the help of someone with formal training when dealing with legal issues.

45 7. Summary
Ethics in the Digital World
The Ten Commandments of Computer Ethics
Privacy
Compromises to Intellectual Property
Email Ethical Issues
Computer Law

