INTRODUCTION TO INFORMATION SYSTEMS LECTURE 11: SECURITY & ETHICAL CHALLENGES Instructor: Ghadeer Ashour


1 INTRODUCTION TO INFORMATION SYSTEMS LECTURE 11: SECURITY & ETHICAL CHALLENGES Instructor: Ghadeer Ashour ashour.ghadeer@gmail.com

2 Ethical Responsibility of Business Professionals
- Business Ethics
- Technology Ethics

3 Ethical Responsibility of Business Professionals
- Business Ethics
  - Basic categories of ethical issues
    - Employee privacy
    - Security of company records
    - Workplace safety

4 Ethical Responsibility (continued)
- Technology Ethics
  - Four Principles
    - Proportionality
    - Informed Consent
    - Justice
    - Minimized Risk

5 Ethical Responsibility (continued)
- Technology Ethics
  - Proportionality
    - Good achieved by the technology must outweigh the harm or risk
    - There must be no alternative that achieves the same or comparable benefits with less harm or risk

6 Ethical Responsibility (continued)
- Technology Ethics (continued)
  - Informed consent
    - Those affected by the technology should understand and accept the risks
  - Justice
    - The benefits of the technology should be distributed fairly. Those who benefit should bear their fair share of the risks, and those who do not benefit should not suffer a significant increase in risk

7 Ethical Responsibility (continued)
- Technology Ethics (continued)
  - Minimized Risk
    - Even if judged acceptable by the other three guidelines, the technology must be implemented so as to avoid all unnecessary risk

8 Computer Crime
- Association of Information Technology Professionals (AITP) definition of Computer Crime includes
  - The unauthorized use, access, modification, and destruction of hardware, software, data, or network resources
  - Unauthorized release of information
  - Unauthorized copying of software
  - Denying an end user access to his or her own hardware, software, data, or network resources
  - Using computer or network resources to obtain information or tangible property illegally

9 Computer Crime
- Hacking
  - The obsessive use of computers, or the unauthorized access and use of networked computer systems
- Cyber Theft
  - Involves unauthorized network entry and the fraudulent alteration of computer databases
Who commits computer crime?

10 Computer Crime (continued)
- Unauthorized use at work
  - Also called time and resource theft
  - May range from doing private consulting or personal finances, to playing video games, to unauthorized use of the Internet on company networks

11 Computer Crime (continued)
- Piracy of intellectual property
  - Other forms of intellectual property covered by copyright laws
    - Music
    - Videos
    - Images
    - Articles
    - Books
    - Other written works
- Software Piracy
  - Unauthorized copying of software
    - Software is intellectual property protected by copyright law and user licensing agreements

12 Computer Crime (continued)
- Computer viruses and worms
  - Virus
    - A program that cannot work without being inserted into another program
  - Worm
    - A distinct program that can run unaided

13 Virus and Worms (continued)
- Viruses or worms copy annoying or destructive routines into the networked computer systems of anyone who accesses infected computers or who uses copies of magnetic disks taken from infected computers.
- They can spread destruction among many users.
- They often destroy the content of memory, hard disks, and other storage devices

14 Virus and Worms (continued)
- They typically enter a computer system through e-mail and file attachments via the Internet and online services or through illegal or borrowed copies of software.
- Copies of shareware can be another source of viruses.

15 Virus and Worms (continued)
- How does a virus work?
  - A virus usually copies itself into the files of a computer’s operating system
  - Then the virus spreads to the main memory and copies itself onto the computer’s hard disk and any inserted floppy disks
  - The virus spreads to other computers through e-mail, file transfers, other telecommunications activities, or floppy disks from infected computers

16 Virus and Worms (continued)
- Good Practice:
  - Avoid using software from questionable sources without checking for viruses
  - Regularly use an antivirus program that can help to diagnose and remove computer viruses from infected files on your hard disk

17 SECTION II Security Management

18 Tools of Security Management
- Goal
  - Accuracy, integrity, and safety of all information system processes and resources
  - Thus it is able to minimize errors, fraud, and losses in the e-business systems that interconnect businesses with their customers, suppliers, and other stakeholders

19 Internetworked Security Defenses
- Encryption
  - Passwords, messages, files, and other data are transmitted in scrambled form and unscrambled for authorized users
  - Involves using special mathematical algorithms to transform digital data into scrambled code
  - Most widely used method uses a pair of public and private keys unique to each individual
    - For example, e-mail could be scrambled and encoded using a unique public key for the recipient that is known to the sender. After the e-mail is transmitted, only the recipient’s secret private key could unscramble the message
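
The public/private key exchange described on this slide, as an added example that is not part of the original lecture. It uses textbook RSA with constructed keys built from well-known Mersenne primes; the mailbox names and the message are assumptions.

```python
# Added illustration: textbook RSA, showing the public/private key roles.
# Keys are constructed from well-known Mersenne primes; they are far too
# small, and unpadded RSA is not safe for real mail. Real systems use a
# vetted library with padding (e.g. OAEP) and keys of 2048 bits or more.

E = 65537  # common public exponent


def make_keypair(p, q, e=E):
    """Return (public, private) keys built from primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)


def encrypt(public_key, message: bytes) -> int:
    """Sender side: needs only the recipient's public key."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)


def decrypt(private_key, ciphertext: int) -> bytes:
    """Recipient side: needs the matching private key."""
    n, d = private_key
    m = pow(ciphertext % n, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


# Constructed key pairs for two hypothetical mailboxes.
recipient_pub, recipient_priv = make_keypair(2**61 - 1, 2**89 - 1)
other_pub, other_priv = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    mail = b"meet at 10:00"                      # constructed message
    scrambled = encrypt(recipient_pub, mail)     # sender uses public key
    print("ciphertext:", hex(scrambled))
    print("recipient :", decrypt(recipient_priv, scrambled))
    print("other key :", decrypt(other_priv, scrambled))   # garbage
```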

20 Internetworked Security Defenses (continued)
- Firewalls
  - It can be a communications processor, typically a router, or a dedicated server, along with firewall software.
  - Serves as a “gatekeeper” system that protects a company’s intranets and other computer networks from intrusion by
    - Providing a filter and safe transfer point for access to and from the Internet and other networks
    - Screening all network traffic for proper passwords or other security codes and allowing only authorized transmission in and out of the network

21 Internetworked Security Defenses (firewall continued)
- Can deter, but not completely prevent, unauthorized (hacking) access into computer networks
- In some cases, it may allow access only from trusted locations on the Internet to particular computers inside the firewall, or it may allow only “safe” information to pass
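
The "gatekeeper" behaviour from the two firewall slides, as an added example that is not part of the original lecture: a default-deny filter that lets only trusted source networks reach particular inside hosts. The rule set, addresses and ports are constructed assumptions.

```python
# Added illustration: a default-deny packet filter that allows only trusted
# source networks to reach particular inside hosts. All addresses, ports and
# rule contents are constructed (documentation and private ranges).
import ipaddress
from typing import NamedTuple


class Rule(NamedTuple):
    source: str      # trusted source network (CIDR)
    dest: str        # inside host or network the rule exposes
    port: int        # destination TCP port
    note: str


RULES = [
    Rule("198.51.100.0/24", "10.0.5.10/32", 443, "partner -> order portal"),
    Rule("0.0.0.0/0", "10.0.5.20/32", 25, "anyone -> mail gateway"),
]


def decide(src: str, dst: str, port: int, rules=RULES) -> str:
    """Return 'allow: <note>' for the first matching rule, else 'deny'."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.source)
                and d in ipaddress.ip_network(r.dest)
                and port == r.port):
            return f"allow: {r.note}"
    return "deny"            # nothing matched: default deny


SAMPLE_TRAFFIC = [           # constructed inbound connection attempts
    ("198.51.100.7", "10.0.5.10", 443),   # trusted partner, permitted service
    ("203.0.113.9", "10.0.5.10", 443),    # untrusted source, same service
    ("198.51.100.7", "10.0.5.10", 22),    # trusted source, unlisted port
    ("203.0.113.9", "10.0.5.20", 25),     # public mail service
    ("198.51.100.7", "10.0.5.99", 443),   # host not exposed by any rule
]

if __name__ == "__main__":
    for pkt in SAMPLE_TRAFFIC:
        print(pkt, "->", decide(*pkt))
```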

22 Internetworked Security Defenses (continued)
- Denial of Service Attacks
  - These attacks depend on three layers of networked computer systems
    - Victim’s website
    - Victim’s Internet Service Provider (ISP)
    - Sites of “zombie” or slave computers that the cyber criminal controls

23 Continued
Defensive measures and security precautions must be taken at all three levels
- At the ISP: Monitor and block traffic spikes. Filter spoofed IP addresses. Coordinate security with network providers

24 Continued
- At the victim’s Web site: Create backup servers and network connections. Limit connections to each server. Install multiple intrusion-detection systems and multiple routers for incoming traffic to reduce choke points
- At the zombie machines: Set and enforce security policies. Scan regularly for Trojan horse programs and vulnerabilities. Close unused ports. Remind the user not to open .exe mail attachments
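
Two of the measures listed on the last two slides ("monitor and block traffic spikes" and "limit connections to each server"), as an added example that is not part of the original lecture. The thresholds, server names and per-minute counts are constructed assumptions.

```python
# Added illustration: spike monitoring against a rolling baseline, and a
# per-server connection cap. All numbers and names are constructed.
from collections import deque


def find_spikes(counts, window=5, factor=3.0, floor=50):
    """Return indexes of intervals whose request count exceeds `factor`
    times the mean of the previous `window` normal intervals."""
    history = deque(maxlen=window)
    spikes = []
    for i, c in enumerate(counts):
        if len(history) == window:
            baseline = sum(history) / window
            if c > max(floor, factor * baseline):
                spikes.append(i)
                continue          # keep attack traffic out of the baseline
        history.append(c)
    return spikes


class ConnectionLimiter:
    """Cap the number of concurrent connections accepted per server."""

    def __init__(self, limit):
        self.limit = limit
        self.open = {}            # server name -> open connection count

    def try_open(self, server):
        if self.open.get(server, 0) >= self.limit:
            return False          # over the cap: refuse the connection
        self.open[server] = self.open.get(server, 0) + 1
        return True

    def close(self, server):
        if self.open.get(server, 0) > 0:
            self.open[server] -= 1


# Constructed requests-per-minute series with a burst in minutes 6 to 8.
REQUESTS_PER_MINUTE = [100, 110, 95, 105, 90, 102, 980, 1500, 1200, 108, 97]

if __name__ == "__main__":
    print("spike minutes:", find_spikes(REQUESTS_PER_MINUTE))
    limiter = ConnectionLimiter(limit=2)
    print([limiter.try_open("web1") for _ in range(3)])
```

Because flagged intervals are excluded from the baseline, a sustained burst cannot raise the threshold and hide itself.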

25 Internetworked Security Defenses (continued)
- E-mail Monitoring
  - “Spot checks just aren’t good enough anymore. The tide is turning toward systematic monitoring of corporate e-mail traffic using content-monitoring software that scans for troublesome words that might compromise corporate security.”

26 Internetworked Security Defenses (continued)
- Virus Defenses
  - The antivirus software runs in the background.
  - The trend right now is to automate the entire process
  - Protection may be accomplished through
    - Centralized distribution and updating of antivirus software
    - Outsourcing the virus protection responsibility to ISPs or to telecommunications or security management companies

27 Other Security Measures
- Security codes
  - Multilevel password system
- Backup Files
  - Duplicate files of data or programs
- Security Monitors
  - Programs that monitor the use of computer systems and networks and protect them from unauthorized use, fraud, and destruction

28 Other Security Measures
- Biometric Security
  - Security measures provided by computer devices that measure physical traits that make each individual unique
- Computer Failure Controls
  - Preventive maintenance of hardware and management of software updates
  - Backup computer system

29 Other Security Measures
- Fault Tolerant Systems
  - Computer systems that have redundant processors, peripherals, and software that provide different types of fail-recovery capability
- Disaster Recovery
  - Disaster recovery plan that is used in any organization
    - Which employees will participate in disaster recovery and what their duties will be
    - What hardware, software, and facilities will be used

30 ANY QUESTIONS?
- For more information:
  - Refer to chapter 11 of the book for further reading
- Next week preparation:
  - Study for revision and bring all your questions with you
- Thanks and good luck

