© , David Gadish, Ph.D.1 Management Information Systems CIS 301 Spring 2006 Week 9 Lectures Dr. David Gadish

© , David Gadish, Ph.D.2 Week 8 Review  More student introductions  IT Infrastructures - Business-Driven Technology (Chap 7)  Computer Crime and Forensics (ELM-H)

© , David Gadish, Ph.D.3 Week 9 Overview  More student introductions  Protecting People and Information – threats and Safeguards (Chap 8)  Building an e-Portfolio (ELM-I)

4 Protecting People and information – Threats and Safeguards Chapter 8

© , David Gadish, Ph.D.5 Presentation  Ethics  Privacy  Information  Security

© , David Gadish, Ph.D.6  To handle information in a responsible way you must understand: –The importance of ethics in the ownership and use of information. –The importance to people of personal privacy and the ways in which it can be compromised. –The value of information to an organization. –Threats to information and how to protect against them (security). Introduction

© , David Gadish, Ph.D.7 Introduction

© , David Gadish, Ph.D.8 Ethics  Ethics - the principles and standards that guide our behavior toward other people.

© , David Gadish, Ph.D.9 Ethics Two Factors That Determine How You Decide Ethical Issues 1. Your basic ethical structure, which you developed as you grew up. 2. The set of practical circumstances involved in the decision that you’re trying to make — that is, all the shades of gray in what are rarely black or white decisions.

© , David Gadish, Ph.D.10 Ethics Two Factors That Determine How You Decide Ethical Issues

© , David Gadish, Ph.D.11 Ethics Two Factors That Determine How You Decide Ethical Issues  The practical circumstances surrounding decisions include: 1.Consequences - how much or how little benefit or harm will come from a particular decision? 2.Society’s opinion - what is your perception of what society really thinks of your intended action? 3.Likelihood of effect - what is the probability of the harm or benefit that will occur if you take the action?

© , David Gadish, Ph.D.12 Ethics Two Factors That Determine How You Decide Ethical Issues 4.Time to consequences - what length of time will it take for the benefit or harm to take effect? 5.Relatedness - how much do you identify with the person or persons who will receive the benefit or suffer the harm? 6.Reach of result - how many people will be affected by your action?

© , David Gadish, Ph.D.13 Ethics Guidelines for Ethical Computer System Use  The four quadrants of ethical and legal behavior.  Try to stay in quadrant I.

© , David Gadish, Ph.D.14 Ethics Intellectual Property  Intellectual property - intangible creative work that is embodied in physical form.  Copyright - the legal protection afforded an expression of an idea, such as a song, video game, and some types of proprietary documents.

© , David Gadish, Ph.D.15 Ethics Intellectual Property  Fair Use Doctrine - says that you may use copyrighted material in certain situations — for example, in the creation of new work or, within certain limits, for teaching purposes.  Pirated software - the unauthorized use, duplication, distribution or sale of copyrighted software.

© , David Gadish, Ph.D.16 Ethics Intellectual Property  Counterfeit software - software that is manufactured to look like the real thing and sold as such.

© , David Gadish, Ph.D.17 Privacy  Privacy - the right to: –be left alone when you want to be –have control over your own personal possessions –not to be observed without your consent

© , David Gadish, Ph.D.18 Privacy Privacy and Other Individuals  Key logger, or key trapper, software, -a program, when installed on a computer, records every keystroke and mouse click.

© , David Gadish, Ph.D.19 Privacy Privacy and Other Individuals  is completely insecure.  Each you send results in at least 3 or 4 copies being stored on different computers.  You can take measures to protect your e- mail.

© , David Gadish, Ph.D.20 Privacy Privacy and Other Individuals

© , David Gadish, Ph.D.21 Privacy Privacy and Employees  Companies need information about their employees and customers to be effective in the marketplace.  In 2001, 63% of companies monitored employee Internet connections including about two-thirds of the 60 billion electronic messages sent by 40 million users.

© , David Gadish, Ph.D.22 Privacy Privacy and Employees  Good reasons for seeking and storing personal information on employees. –Hire the best people possible and avoid being sued for failing to adequately investigate backgrounds. –Ensure staff members are conducting themselves appropriately. –Held liable for the actions of employees.

© , David Gadish, Ph.D.23 Privacy Privacy and Employees  Hardware key logger - a hardware device that captures keystrokes on their journey from the keyboard to the motherboard.

© , David Gadish, Ph.D.24 Privacy Privacy and Consumers  Customers want businesses to: –Know who they are, but they want them to leave them alone. –Provide what they want, but they don’t want businesses knowing too much about their habits and preferences. –Tell them about products and services they might like to have, but don’t want to be inundated with ads.

© , David Gadish, Ph.D.25 Privacy Privacy and Consumers  Cookie - a small record deposited on your hard disk by a Web site containing information about you and your Web activities.  Adware - software to generate ads that installs itself on your computer when you download some other (usually free) program from the Web.  Trojan-horse software - software you don’t want, hidden inside software you do want.

© , David Gadish, Ph.D.26 Privacy Privacy and Consumers Adware

© , David Gadish, Ph.D.27 Privacy Privacy and Consumers  Spyware (also called sneakware or stealthware) - software that comes hidden in free downloadable software and tracks your online movements, mines the information stored on your computer, or uses your computer’s CPU and storage for some task you know nothing about.

© , David Gadish, Ph.D.28 Privacy Privacy and Consumers  Web log - consists of one line of information for every visitor to a Web site and is usually stored on a Web server.  Clickstream - records information about you during a Web surfing session such as what Web sites you visited, how long you were there, what ads you looked at, and what you bought.  Anonymous Web browsing (AWB) services - hides your identity from the Web sites you visit.

© , David Gadish, Ph.D.29 Privacy Privacy and Government Agencies  Government agencies have about 2,000 databases containing personal information on individuals (…much much more…).  The various branches of government need information to administer entitlement programs, such as social security, welfare, student loans, law enforcement, and so on.

© , David Gadish, Ph.D.30 Privacy Privacy and Government Agencies  Law enforcement –NCIC (National Crime Information Center) –FBI’s Carnivore or DCS-1000 Magic Lantern (software key logger) –NSA (National Security Agency) Echelon

© , David Gadish, Ph.D.31 Privacy Privacy and Government Agencies  Other Federal agencies –IRS –Census bureau –Student loan services –Social security –Welfare records

© , David Gadish, Ph.D.32 Privacy Privacy and International Trade  Safe-harbor principles - a set of rules to which U.S. businesses that want to trade with the European Union (EU) must adhere.

© , David Gadish, Ph.D.33 Privacy Privacy and International Trade  The rights granted to EU citizens include the consumer’s right to: –Know the marketer’s source of information. –Check personal identifiable information for accuracy. –Correct any incorrect information. –Specify that information can’t be transferred to a third party without the consumer’s consent. –Know the purpose for which the information is being collected.

© , David Gadish, Ph.D.34 Privacy Laws on Privacy  The Health Insurance Portability and Accountability (HIPAA) act seeks to: –Limit release and use of health information. –Right to access your medical records. –Specify circumstances of access. –Disclosure if recipient signs protection agreement.

© , David Gadish, Ph.D.35 Privacy Laws on Privacy

© , David Gadish, Ph.D.36 Information

© , David Gadish, Ph.D.37 Information Information as Raw Material  Raw materials are the components from which a product is made.  Wood, glue, and screws are raw materials for a chair.  Almost everything you buy has information as part of the product.  The most successful companies place the highest value on information.

© , David Gadish, Ph.D.38 Information Information as Capital  Capital is the asset you use to produce a product or service.  Buildings, trucks, and machinery are assets.  Information is capital since it is used by companies to provide products and services.

© , David Gadish, Ph.D.39 Security Security and Employees  Most of the press reports are about outside attacks on computer systems, but actually, companies are in far more danger of losing money from employee misconduct than they are from outsiders.  White-collar crime accounts for about $400 billion in losses every year.

© , David Gadish, Ph.D.40 Security Security and Employees

© , David Gadish, Ph.D.41 Security Security and Collaboration Partners  If you use collaboration systems, representatives of other companies can gain access to your systems.  Grid computing - harnesses far-flung computers together by way of the Internet or a virtual private network to share CPU power, databases, and database storage.

© , David Gadish, Ph.D.42 Security Security and Outside Threats  85% of large companies and governmental agencies were broken into during  Hackers - very knowledgeable computer users who use their knowledge to invade other people’s computers.

© , David Gadish, Ph.D.43 Security Security and Outside Threats

© , David Gadish, Ph.D.44 Security Security and Outside Threats  Computer virus (or simply a virus) - is software that is written with malicious intent to cause annoyance or damage.  Worm - a type of virus that spreads itself, not just from file to file, but from computer to computer via and other Internet traffic.  Denial-of-service attack (DoS) - floods a Web site with so many requests for service that it slows down or crashes.

© , David Gadish, Ph.D.45 Security Security and Outside Threats

© , David Gadish, Ph.D.46 Security Security and Outside Threats  Computer viruses can’t: –Hurt your hardware (i.e. monitors, printers, or processor.) –Hurt any files they weren’t designed to attack. –Infect files on write-protected disks.

© , David Gadish, Ph.D.47 Security Security Precautions  Risk management - consists of the identification of risks or threats, the implementation of security measures, and the monitoring of those measures for effectiveness.

© , David Gadish, Ph.D.48 Security Security Precautions  Risk assessment - the process of evaluating IT assets, their importance to the organization, and their susceptibility to threats, to measure the risk exposure of these assets.  Risk assessment asks: –What can go wrong? –How likely is it to go wrong? –What are the possible consequences if it does go wrong?

© , David Gadish, Ph.D.49 Security Security Precautions  Backup - the process of making a copy of the information stored on a computer.  Anti-virus software - detects and removes or quarantines computer viruses.  Firewall - hardware and/or software that protects computers from intruders.

© , David Gadish, Ph.D.50 Security Security Precautions  Biometrics - the use of physical characteristics — such as your fingerprint, the blood vessels in the retina of your eye, the sound of your voice, or perhaps even your breath — to provide identification.

© , David Gadish, Ph.D.51 Security Security Precautions  Encryption – scrambles the contents of a file so that you can’t read it without having the right decryption key.  Public key encryption (PKE) - an encryption system that uses two keys: a public key that everyone can have and a private key for only the recipient.

© , David Gadish, Ph.D.52 Security Security Precautions  Intrusion-detection software - looks for people on the network who shouldn’t be there or who are acting suspiciously.  Security auditing software - checks out your computer or network for potential weaknesses.

53 Building and e-Portfolio ELM - I

© , David Gadish, Ph.D.54 Presentation Overview  The Electronic Job Market  Preparations Before You Write  Writing Targeted Resume Content  Developing e-Portfolio Content  Web Design Considerations  Preparing Web Content

© , David Gadish, Ph.D.55 The Electronic Job Market  Electronic job market - makes use of Internet technologies to recruit employees and is growing by leaps and bounds.

© , David Gadish, Ph.D.56 The Electronic Job Market

© , David Gadish, Ph.D.57 The Electronic Job Market

© , David Gadish, Ph.D.58 Preparations Before You Write  Hidden job market – the collective term used to describe jobs that are not advertised.  Up to 80 percent of new jobs fall into this category.

© , David Gadish, Ph.D.59 Preparations Before You Write Start to Network  Phone  Face-to-face  Mailing lists - discussion groups organized by area of interest.

© , David Gadish, Ph.D.60 Preparations Before You Write Perform Self-Assessment  Skill words – nouns and adjectives used by organizations to describe job skills which should be woven into the text of applicants’ resumes.  There are many good tools for self-assessment including: –Personality profiles –Checklists –Strength identification –Achievement lists –Writing and projection exercises

© , David Gadish, Ph.D.61 Preparations Before You Write Research Careers, Industries, and Companies  Directory search engine - organizes listings of Web sites into hierarchical lists. –Yahoo! is the most popular and well-known of these.  True search engine - uses software agent technologies to search the Internet for key words and then places them into indexes. –Ask Jeeves is the most popular and well-known true search engine.

© , David Gadish, Ph.D.62 Preparations Before You Write Research Careers, Industries, and Companies

© , David Gadish, Ph.D.63 Writing Targeted Resume Content Powerful Objective Statements  A well-developed objective statement is a powerful tool for getting employers to look more deeply into your potential.  Typical objective statements are short - between one and three sentences and appear below the contact information.

© , David Gadish, Ph.D.64 Writing Targeted Resume Content Important Contact Information  You should dedicate the first section of your resume to your name and how you can be contacted.  Contact information must be complete, correct, and permanent.  If your resume is pulled for consideration six months from now, the contact information should still be valid.

© , David Gadish, Ph.D.65 Writing Targeted Resume Content Other Valuable Resume Sections  The other sections included in your resume are determined by what you need to communicate.  Ideally all other content would directly support your objectives and skills.

© , David Gadish, Ph.D.66 Developing e-Portfolio Content  Electronic portfolio (e-portfolio) - a collection of Web documents used to support a stated purpose such as demonstrating writing or photography skills.

© , David Gadish, Ph.D.67 Developing e-Portfolio Content Gallery  An e-portfolio provides you with the opportunity to demonstrate your skills through a gallery of works.  The gallery should include: –Writing samples. –Spreadsheets or other applications of business tools. –Demonstrations of analytical, tracking, planning, or management skills. –Presentations that you’ve developed.

© , David Gadish, Ph.D.68 Developing e-Portfolio Content Gallery

© , David Gadish, Ph.D.69 Web Design Considerations Basic Web Design Principles 1. Define the site audience and purpose 2. Some of the questions you can ask yourself to help gain insight into your target audience are: –What is the average age of managers and employees? –How conservative is this industry? –Are employees expected to be artistic? –How do employees dress?

© , David Gadish, Ph.D.70 Web Design Considerations Basic Web Design Principles  Keep in mind that good printed layout does not translate effectively to the Web. –Web pages are designed to be browsed. –Web pages are not the same size. –Web page layout varies depending on the Web browser, screen resolution, operating system, and monitor being used.

© , David Gadish, Ph.D.71 Web Design Considerations Basic Web Design Principles

© , David Gadish, Ph.D.72 Web Design Considerations Basic Web Design Principles

© , David Gadish, Ph.D.73 Web Design Considerations Basic Web Design Principles Site structure  The structure of a Web site is how the various pages of the site are linked together.  There are a number of schools of thought when it comes to Web page length, scrolling or clicking.

© , David Gadish, Ph.D.74 Web Design Considerations Basic Web Design Principles

© , David Gadish, Ph.D.75 Web Design Considerations Design Your Home Page  When designing a group of Web pages that are structured to work together, such as an e-Portfolio site, it’s critical that each page contain common color, font, navigation, and layout design elements.  It should be obvious to a user who has clicked on a link to another site page that he or she is still in your e-portfolio site.

© , David Gadish, Ph.D.76 Web Design Considerations Design Your Home Page Color  There are four colors to select for your Web site - text, link, visited link, and background.  It’s important that the colors match your audience preferences and work well together.

© , David Gadish, Ph.D.77 Web Design Considerations Design Your Home Page

© , David Gadish, Ph.D.78 Web Design Considerations Design Your Home Page 5. Document the site design –After designing your home page, you should have a good idea of how to segment and link (organize) your remaining e-portfolio content. –Ideally, you should create logical groupings of content so that you have no more than eight links on your home page.

© , David Gadish, Ph.D.79 Web Design Considerations Design Your Home Page

© , David Gadish, Ph.D.80 Questions?

© , David Gadish, Ph.D.81 Next Week’s Agenda  Implementing a Database with MSAccess (ELM-J)  Protecting People and Information - Threats and Safeguards (Chap 9)  Course Review / Discussion