Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall James A. Senn’s Information Technology, 3 rd Edition Chapter 14 Issues in Information.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall James A. Senn’s Information Technology, 3 rd Edition Chapter 14 Issues in Information."— Presentation transcript:

1 1 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall James A. Senn’s Information Technology, 3 rd Edition Chapter 14 Issues in Information Technology

2 2 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Objectives Identify the types of security breaches an enterprise should protect against and describe the five results that might occur if it does not. Describe the most likely sources of security breaches. Describe 10 ways to protect a system against intrusion.

3 3 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Objectives (Continued) Describe the six categories of security measures and identify those most effective in protecting against intrusion. Identify the two methods of virus detection used by virus detection software. Explain the IT professional’s obligation to provide continued access to computers and networks, and describe the four methods used to ensure IT reliability.

4 4 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Objectives (Continued) Explain how the term privacy applies to information technology and why privacy is an important issue today. Describe the importance of ethics in the use of information technology, and identify seven ethical issues associated with the use of IT in business. Discuss the legal issues surrounding software piracy and three methods that have been used to prevent software piracy.

5 5 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Objectives (Continued) Describe the concern over piracy of digital content.

6 6 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security What is Security? Breach: A breakdown in security. Security: Safeguarding and protecting an enterprise’s information technology assets. –Site Security –Resource Security –Network Security –Service Security

7 7 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Definition Security Program: The policies and protective measures that will be used, the responsibilities of individuals involved in maintaining security, as well as the responsibilities of those who abide by established security policies. Harden: Designing a security program to a potential IT target, making the level of effort greater than the value of breaking into a system, network, or facility.

8 8 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Types of Security Breach Intrusion: Forced and unauthorized entry into a system. Interception: Aimed at preventing the capture of data and information transmitted over an enterprise network or other communications link.

9 9 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Results of Security Breach Destruction of Resources Corruption of Data and Applications Denial of Services Theft of Services Theft of Resources

10 10 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Results of Security Breach (Continued) Denial-of-Services Attack: Depriving, usually intentionally and temporarily, an enterprise or its users of the services they would normally expect to have, usually involving a network service (such as e-mail) or access to a location on the network (such as a Web site).

11 11 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Sources of Security Breach Employees –Identify Theft: Loss of personal identity through a security breach. Hacker: A person who gains access to a system illegally.

12 12 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Sources of Security Breach (Continued) Terrorist: Someone who conducts a “premeditated, politically motivated attack against information, computer systems, computer programs, and data, which results in violence against non-combatant targets by sub-national groups or clandestine agent.” –Cyberterrorism: Terrorist attack on computer facilities in companies that rely on IT to produce their services.

13 13 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Sources of Security Breach (Continued) Computer Viruses Virus: A hidden program that alters without the user’s knowledge, the way a computer operates or that modifies the data and programs stored on the computer.

14 14 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Sources of Security Breach (Continued)

15 15 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures General Security Policies and Procedures –Change access passwords frequently –Restrict system use –Limit access to data –Set up physical access controls –Partition responsibilities –Encrypt data –Establish procedural controls –Institute educational programs –Audit system activities –Log all transactions and user activities

16 16 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures (Continued)

17 17 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures (Continued) Virus Protection Software Digital Signatures –Digital Signature Encryption: Relies on a mathematical coding scheme designed to foil a virus’s attempt to attack programs and data. Encryption

18 18 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures (Continued)

19 19 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Methods of Encryption Public Key Infrastructure (PKI): A public key is made available in a directory that all parties can search. Thus a sender wishing to transmit a secured message searches a digital certificate directory to find the recipient’s public key, using it to encrypt the message. –Secure Electronic Transaction (SET): An adaptation of public key encryption and the digital certificate (which the industry calls an electronic wallet) for securing financial transactions over the Internet.

20 20 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Methods of Encryption (Continued) Pretty Good Privacy (PGP): A program used to encrypt and decrypt e-mail and to encrypt digital signatures, so the recipient knows the transmission was not changed along the way. Virtual Private Network (VPN): A way to use a public telecommunication infrastructure, such as the Internet, to provide secure communication between individuals or client computers at remote locations and an enterprise network.

21 21 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Methods of Encryption (Continued) Virtual Private Network –Tunneling Protocols: By encrypting data at the sending end and decrypting it at the receiving end, the protocols send the data (and if an enterprise chooses, the originating and receiving network addresses as well) through a tunnel that cannot be entered by data that is not properly encrypted.

22 22 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures Firewall: A special-purpose software program located at a network gateway server. Proxy Server: Act as an intermediary between a PC and the Internet, separating an enterprise network from an outside network.

23 23 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures

24 24 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures

25 25 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures

26 26 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Security Security Measures

27 27 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Reliability Definition Reliability: The assurance that computers and communications systems will do what they should when they should.

28 28 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Reliability Ensuring IT Service Reliability Fault-tolerant Computer: A computer designed with duplicate components to ensure reliability. Uninterruptible Power Supply (UPS) System: A system that ensures the continued flow of electricity when the primary source of power fails. Disaster Recovery Plan: A procedure for restoring data lost when a system stops functioning.

29 29 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Reliability Ensuring IT Service Reliability Off-site Backup Facility: A backup computer center located away from a company’s main facility. –Hot Site: A fully equipped backup computer center to which a company can take its backup copies of data and software and resume processing. –Cold Site: A backup facility outfitted with electrical power and environmental controls so that it is ready for a company to install a computer system.

30 30 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Reliability Ensuring IT Service Reliability

31 31 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Privacy What is Privacy? Privacy: In IT, the term used to refer to how personal information is collected, used, and protected.

32 32 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Privacy Spam and Privacy Spam: Unsolicited e-mail. Opt-in E-mail/Permission-based E-mail: If customers check a box agreeing to receive postings about the company’s products, they have actually given approval for the mailing.

33 33 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Ethics Definition Ethics: The standards of conduct and moral behavior that people are expected to follow.

34 34 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Ethics Ethics and IT Usage in Business E-mail Privacy Software Licenses Software Copyrights Hardware Access Intellectual Property Ownership

35 35 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Ethics Ethics and IT Usage in Business File Access Data Ownership

36 36 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Ethics An Ethics Challenge Developing a Code of Ethics –Informed Consent –The Higher Ethic –Most Restrictive Action –Kantian Universality Rule –Descartes’ Change in Rule –The Owner’s Conservative Rule –The User’s Conservative Rule

37 37 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Ethics An Ethics Challenge Social Responsibility: The concept that businesses need to balance their commitments to investors, employees, customers, other businesses, and the communities in which they operate.

38 38 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Digital Piracy Definition Digital Piracy: The making of illegal copies of copyrighted information.

39 39 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Digital Piracy Protecting Against Software Piracy Software Piracy: The making of illegal copies of software. Software Copyright Protection –Copyright: Legal protection of original works against unauthorized use, including duplication. Copy Protection: A software protection scheme that defeats attempts to copy a program or makes the copies software unreliable.

40 40 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Digital Piracy Protecting Against Software Piracy Software Site Licensing –Site License: An agreement under which a software purchaser pays a fee to the manufacturer to make a specified number of copies of a particular program.

41 41 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall Digital Piracy Public Domain Software Public Domain Software: Any noncopyrighted software that can be used by the general public. Shareware: Software that is given away and freely distributed. The developer retains ownership, asks users to register with the owner, and requests a nominal fee for using the program.

Download ppt "1 Senn, Information Technology, 3 rd Edition © 2004 Pearson Prentice Hall James A. Senn’s Information Technology, 3 rd Edition Chapter 14 Issues in Information."

Similar presentations

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
1.8 Malpractice and Crime In this section you must be able to: Explain the consequences of malpractice and crime on information systems. Describe the possible.

1.8 Malpractice and Crime In this section you must be able to: Explain the consequences of malpractice and crime on information systems. Describe the possible.
Confidentiality and Privacy Controls

Confidentiality and Privacy Controls
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.

1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Risks, Controls and Security Measures

Risks, Controls and Security Measures
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Similar presentations

Ads by Google