Security and Ethical Challenges
Chapter 11
Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin
Learning Objectives
Identify several ethical issues regarding how the use of information technologies in business affects
– Employment
– Individuality
– Working conditions
– Privacy
– Crime
– Health
– Solutions to societal problems
Learning Objectives
Identify several types of security management strategies and defenses
– Explain how they can be used to ensure the security of business applications of information technology
Propose ways that business managers and professionals can help lessen the harmful effects, and increase the beneficial effects, of the use of information technology
IT Security, Ethics, and Society
Information technology has both beneficial and detrimental effects on society and people
Manage work activities to minimize the detrimental effects
Strive to optimize the beneficial effects
Business Ethics
Ethical responsibilities of business professionals
Promote ethical uses of information technology
Accept the ethical responsibilities of your job
Properly perform your role as a human resource
Consider the ethical dimensions of activities and decisions
IT Security, Ethics, and Society
Categories of Ethical Business Issues
Corporate Social Responsibility Theories
Stockholder Theory
– Managers are agents of stockholders. Their ethical responsibility is to increase profits without violating laws or engaging in fraud
Social Contract Theory
– Companies have an ethical responsibility to all members of society
Stakeholder Theory
– Managers have an ethical responsibility to manage a firm for the benefit of all its stakeholders
Principles of Technology Ethics
Ethical Guidelines of the AITP
Responsible Professional Guidelines
A responsible professional
Acts with integrity
Increases personal competence
Sets high standards of personal performance
Accepts responsibility for his/her work
Advances the health, privacy, and general welfare of the public
Computer Crime
– Unauthorized use, access, modification, or destruction of hardware, software, data, or network resources
– The unauthorized release of information
– The unauthorized copying of software
– Denying an end user access to his/her own hardware, software, data, or network resources
– Using or conspiring to use computer or network resources illegally to obtain information or tangible property
Corporate Protection Mechanisms
Hacking
Hacking
The obsessive use of computers
Unauthorized access/use of networked computers
Breaking and Entering
Hacking into a computer system and reading files, but neither stealing nor damaging anything
Cracker
A malicious or criminal hacker who maintains knowledge of vulnerabilities found for private advantage
Common Hacking Tactics
Cyber Theft
Many computer crimes involve theft of money
Most are “inside jobs” that involve unauthorized network entry and alteration of databases to cover the tracks of the employees involved
Many attacks occur through the Internet
Most companies don’t reveal that they have been targets or victims of cyber crime
Cyberterrorism
The leveraging of an organization’s or government’s computers and information
– Particularly through the Internet
– To cause physical, real-world harm or severe disruption of infrastructure
Can have serious, large-scale influence
– Can weaken a country’s economy
– Can affect Internet-based businesses
Cyberterrorism
Examples of Cyberterrorism
– Life-support at Antarctic research station turned off
– Release of untreated sewage into waterways
– Nonessential systems shut down in nuclear power plants
– Estonian government ministry and banks knocked offline
No successful attacks reported yet in the U.S.
Unauthorized Use at Work
Unauthorized use of computer systems and networks is time and resource theft
– Doing private consulting
– Doing personal finances
– Playing video games
– Unauthorized use of Internet or company networks
Sniffers
– Monitor network traffic or capacity to find evidence of improper use
Internet Abuses in the Workplace
General email abuses
Plagiarism
Unauthorized use and access
Newsgroup postings
Copyright infringement
Transmission of confidential data
Moonlighting
Hacking
Use of external ISPs
Pornography
Leisure use of Internet
Non-work-related downloads or upload
Software Piracy
Software Piracy
– Unauthorized copying of computer programs
Licensing
– Purchasing software is really a payment for a license for fair use
– Site license allows a certain number of copies
– Public domain software is not copyrighted
A third of the software industry’s revenues are lost to piracy
Theft of Intellectual Property
Intellectual Property
– Copyrighted material
– Includes music, videos, images, articles, books, and software
Copyright Infringement is Illegal
– Peer-to-peer networking techniques have made it easy to trade pirated intellectual property
Publishers Offer Inexpensive Online Music
– Illegal downloading of music and video is down and continues to drop
Viruses and Worms
A virus is a program that cannot work without being inserted into another program
– A worm is a distinct program that can run unaided
These programs copy annoying or destructive routines into networked computers
– Copy routines spread the virus
Commonly transmitted through
– The Internet and online services
– Email and file attachments
– Disks from contaminated computers
– Shareware
Top Five Virus Families of all Time
My Doom, 2004
– Spread via email and over Kazaa file-sharing network
– Installs a back door on infected computers
– Infected email poses as returned message or one that can’t be opened correctly, urging recipient to click on attachment
– Opens up TCP ports that stay open even after termination of the worm
– Upon execution, Notepad is opened, filled with nonsense characters
Top Five Virus Families of all Time
Netsky, 2004
– Mass-mailing worm that spreads by emailing itself to all email addresses found on infected computers
– Tries to spread via peer-to-peer file sharing by copying itself into the shared folder
– Renames itself to pose as one of 26 other common files along the way
Top Five Virus Families of all Time
SoBig, 2003
– Mass-mailing email worm that arrives as an attachment
  Examples: Movie_0074.mpg.pif, Document003.pif
– Scans all .WAB, .WBX, .HTML, .EML, and .TXT files looking for email addresses to which it can send itself
– Also attempts to download updates for itself
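A mail-gateway style check for the attachment naming shown on this slide, as an added example that is not part of the original deck: it flags attachments whose final extension is executable and marks names such as Movie_0074.mpg.pif, where a media or document extension acts as a decoy. The extension lists, function names, addresses and the two benign file names are assumptions chosen for illustration.

```python
"""Flag e-mail attachments whose real (final) extension is executable."""
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Extensions Windows runs on double-click (illustrative list, not exhaustive).
EXECUTABLE_EXT = {"pif", "scr", "exe", "com", "bat", "cmd", "vbs", "js", "lnk"}
# Harmless-looking extensions used as the decoy in "name.decoy.pif".
DECOY_EXT = {"mpg", "avi", "mp3", "jpg", "gif", "txt", "doc", "pdf", "htm", "html"}


def classify_filename(name):
    """Return 'masquerade', 'executable' or 'ok' for one attachment name."""
    # Windows ignores trailing dots and spaces, so remove them before judging.
    cleaned = name.strip().rstrip(". ").lower()
    # Drop any path component the sender may have included.
    cleaned = cleaned.replace("\\", "/").rsplit("/", 1)[-1]
    # Strip each piece so space padding before the last dot cannot hide it.
    parts = [piece.strip() for piece in cleaned.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXT:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY_EXT:
        return "masquerade"   # e.g. Movie_0074.mpg.pif
    return "executable"       # e.g. Document003.pif


def scan_message(raw_bytes):
    """Parse a raw RFC 5322 message and return [(filename, verdict), ...]."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    findings = []
    for part in msg.walk():            # also visits nested multipart parts
        name = part.get_filename()     # None for the body and for containers
        if not name:
            continue
        verdict = classify_filename(name)
        if verdict != "ok":
            findings.append((name, verdict))
    return findings


def build_sample(filenames):
    """Construct a test message; attachment contents are placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"      # constructed address
    msg["To"] = "user@example.test"          # constructed address
    msg["Subject"] = "Re: Details"
    msg.set_content("See the attached file for details.")
    for filename in filenames:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    sample = build_sample(["Movie_0074.mpg.pif", "Document003.pif",
                           "minutes.pdf", "photo.final.jpg"])
    for filename, verdict in scan_message(sample):
        print(f"{verdict:11s} {filename}")
```
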
Top Five Virus Families of all Time
Klez, 2002
– Mass-mailing email worm that arrives with a randomly named attachment
– Exploits a known vulnerability in MS Outlook to auto-execute on unpatched clients
– Tries to disable virus scanners and then copy itself to all local and networked drives with a random file name
– Deletes all files on the infected machine and any mapped network drives on the 13th of all even-numbered months
Top Five Virus Families of all Time
Sasser, 2004
– Exploits a Microsoft vulnerability to spread from computer to computer with no user intervention
– Spawns multiple threads that scan local subnets for vulnerabilities
The Cost of Viruses, Trojans, Worms
Cost of the Top Five Virus Families
115 million computers in 200 countries infected in 2004
Up to 11 million computers permanently infected
Total economic damage was $166 to $202 billion in 2004
Average damage per computer is $277 to $366
Adware and Spyware
Adware
1. Software that purports to serve a useful purpose, and often does
2. Allows advertisers to display pop-up and banner ads without the consent of the computer user
Spyware
1. Adware that uses an Internet connection in the background, without the user’s permission or knowledge
2. Captures information about the user and sends it over the Internet
Spyware Problems
Spyware can steal private information and…
– Add advertising links to Web pages
– Redirect affiliate payments
– Change a user’s home page and search settings
– Make a modem randomly call premium-rate phone numbers
– Leave security holes that let Trojans in
– Degrade system performance
Spyware often can’t be eliminated
Privacy Issues
The power of information technology to store and retrieve information can have a negative effect on every individual’s right to privacy
– Personal information is collected with every visit to a Web site
– Confidential information stored by credit bureaus, credit card companies, and the government has been stolen or misused
Opt-in Versus Opt-out
Opt-In
You must explicitly consent to allow data to be compiled about you
This is the default in Europe
Opt-Out
Data can be compiled about you unless you specifically request that it not be
This is the default in the U.S.
Additional Privacy Issues
Violation of Privacy
– Accessing individuals’ private email conversations and computer records
– Collecting and sharing information about individuals gained from their visits to Internet websites
Computer Monitoring
– Always knowing where a person is
– Mobile and paging services are becoming more closely associated with people than with places
Privacy Issues
Computer Matching
– Using customer information gained from many sources to market additional business services
Unauthorized Access of Personal Files
– Collecting telephone numbers, email addresses, credit card numbers, and other information to build customer profiles
Protecting Your Privacy on the Internet
Ways to protect your privacy
– Encrypt email
– Send newsgroup postings through anonymous remailers
– Ask your ISP not to sell your name and information to mailing list providers and other marketers
– Don’t reveal personal data and interests on online service and website user profiles
Computer Matching and Profiling
Unauthorized information about you sold to information brokers or other companies
Barrage of unsolicited promotional material and sales contacts
Individuals mistakenly arrested and jailed
Problems caused by mistakes in profiling and computer matching of personal data
Privacy violations
Privacy Laws
Electronic Communications Privacy Act and Computer Fraud and Abuse Act
– Prohibit intercepting data communications messages, stealing or destroying data, or trespassing in federal computer systems
U.S. Computer Matching and Privacy Act
– Regulates the matching of data held in federal agency files to verify eligibility for federal programs
Privacy Laws
Other laws impacting privacy and how much a company spends on compliance
Sarbanes-Oxley
Health Insurance Portability & Accountability Act (HIPAA)
Gramm-Leach-Bliley
USA PATRIOT Act
California Security Breach Law
Securities and Exchange Commission rule 17a-4
Computer Libel and Censorship
The opposite side of the privacy debate…
– Freedom of information, speech, and press
Biggest battlegrounds
– Bulletin boards
– Email boxes
– Online files of Internet and public networks
Weapons used in this battle
– Spamming
– Flame mail
– Libel laws
– Censorship
Computer Libel and Censorship
Spamming
Indiscriminate sending of unsolicited email messages to many Internet users
Flaming
Sending extremely critical, derogatory, and often vulgar email messages or newsgroup postings to other Internet users or online services
Especially prevalent on special-interest newsgroups
Cyberlaw
Laws intended to regulate activities over the Internet via electronic communication devices
Encompasses a wide variety of legal and political issues
Includes intellectual property, privacy, freedom of expression, and jurisdiction
Cyberlaw
The intersection of technology and the law is controversial
– Some feel the Internet should not be regulated
– Encryption and cryptography make traditional forms of regulation difficult
– The Internet treats censorship as damage and simply routes around it
Cyberlaw only began to emerge in 1996
– Debate continues regarding the applicability of legal principles derived from issues that had nothing to do with cyberspace
Other Challenges
Employment
– IT creates new jobs and increases productivity
– It can also cause significant reductions in job opportunities, as well as requiring new job skills
Computer Monitoring
– Using computers to monitor the productivity and behavior of employees as they work
– Criticized as unethical; it monitors individuals, not just work, and is done constantly
– Criticized as invasion of privacy because many employees do not know they are being monitored
Other Challenges
Working Conditions
– IT has eliminated monotonous or obnoxious tasks
– But, some skilled craftsperson jobs have been replaced by jobs requiring routine, repetitive tasks or standby roles
Individuality
– Dehumanizes and depersonalizes activities because computers eliminate human relationships
– Inflexible systems
Health Issues
Cumulative Trauma Disorders (CTDs)
– Disorders suffered by people who sit at a PC or terminal and do fast-paced repetitive keystroke jobs
Carpal Tunnel Syndrome
– Painful, crippling ailment of the hand and wrist
– Typically requires surgery to cure
Ergonomics
Designing healthy work environments
– Safe, comfortable, pleasant place for people to work
– Increases employee morale and productivity
– Also called human factors engineering
Ergonomic Factors
Societal Solutions
Using information technologies to solve human and social problems
Medical diagnosis
Computer-assisted instruction
Government program planning
Environmental quality control
Law enforcement
Job placement
Societal Solutions
Detrimental effects of information technology
– Often caused by individuals or organizations not accepting ethical responsibility for their actions
Security Management of IT
The Internet was developed for inter-operability, not impenetrability
– Business managers and professionals alike are responsible for the security, quality, and performance of business information systems
– Hardware, software, networks, and data resources must be protected by a variety of security measures
Security Management
The goal of security management is the accuracy, integrity, and safety of all information system processes and resources
Internetworked Security Defenses
Encryption
– Data is transmitted in scrambled form
– It is unscrambled by computer systems for authorized users only
– The most widely used method uses a pair of public and private keys unique to each individual
Public/Private Key Encryption
Internetworked Security Defenses
Firewalls
Gatekeeper system that protects a company’s intranets and other computer networks from intrusion
Provides a filter and safe transfer point for access to/from the Internet and other networks
Important for individuals who connect to the Internet with DSL or cable modems
Can deter hacking, but can’t prevent it
Internet and Intranet Firewalls
Denial of Service Attacks
Denial of service attacks depend on three layers of networked computer systems
– The victim’s ISP
– The victim’s website
– Zombie or slave computers commandeered by cyber criminals
Defending Against Denial of Service
At victim’s Website
– Create backup servers and network connections
At the ISP
– Monitor & block traffic spikes
At Zombie machines
– Set/enforce security policies
– Scan for vulnerabilities
Internetworked Security Defenses
Email Monitoring
– Use content monitoring software to scan for troublesome words
Virus Defenses
– Centralize the updating and distribution of antivirus software
– Use a security suite that integrates virus protection with firewalls, Web security, and content blocking features
Other Security Measures
Security Codes
– Multilevel password system
– Encrypted passwords
– Smart cards with microprocessors
Backup Files
– Duplicate files of data or programs
Security Monitors
– Monitor the use of computers and networks
– Protects them from unauthorized use, fraud, and destruction
Other Security Measures
Biometrics
– Computer devices measure physical traits that make each individual unique
– Voice recognition, fingerprints, retina scan
Computer Failure Controls
– Prevent computer failures or minimize their effects
– Preventive maintenance
– Arrange backups with a disaster recovery organization
Other Security Measures
In the event of a system failure, fault-tolerant systems have redundant processors, peripherals, and software
– Fail-over: shifts to backup components
– Fail-safe: the system continues to operate at the same level
– Fail-soft: the system continues to operate at a reduced but acceptable level
Other Security Measures
A disaster recovery plan contains formalized procedures to follow in the event of a disaster
Which employees will participate
What their duties will be
What hardware, software, and facilities will be used
Priority of applications that will be processed
Use of alternative facilities
Offsite storage of databases
Information System Controls
Auditing IT Security
IT Security Audits
– Performed by internal or external auditors
– Review and evaluation of security measures and management policies
– Goal is to ensure that proper and adequate measures and policies are in place
Protecting Yourself from Cyber Crime