Presentation is loading. Please wait.

Presentation is loading. Please wait.

10 PRIVACY AND SECURITY CHAPTER

Published byMagdalen Lee Modified over 6 years ago

Similar presentations

Presentation on theme: "10 PRIVACY AND SECURITY CHAPTER"— Presentation transcript:

1 10 PRIVACY AND SECURITY CHAPTER
Just because something is on a computer doesn’t mean it’s safe from fire, theft, or disaster. Every time a person interacts with a computer, information is exchanged; at a checkout line, getting a license, etc. How can you protect your information? There are ethical questions raised by the incorporation of computers into our society: Environmental consequences Health risks Business ethics Privacy Copyright violation

2 Competencies (Page 1 of 2)
Discuss the privacy issues related to the presence of large databases, private networks, the Internet, and the Web Describe the major privacy laws and the Code of Fair Information Practice Describe the security threats posted by computer criminals, computer crime, and other hazards Page 270

3 Competencies (Page 2 of 2)
Discuss ways that individuals and organizations protect their security Describe the common types of physical and mental risks associated with computer use and ways to protect yourself against these risks Discuss what the computer industry is doing, and what you can do to protect the environment Page 270

4 Information Systems hardware data connectivity people procedures
software Page 272

5 Information Systems Concerns for People
Privacy – What are the threats to personal privacy and how can we protect our selves? Security – How can access to sensitive information be controlled and how can we secure hardware and software? Ergonomics – What are the physical and mental risks to technology and how can these risks be eliminated or controlled? Environment – What can individuals and organizations do to minimize the impact of technology? Privacy – What are the threats to personal privacy and how can we protect ourselves? Security – How can access to sensitive information be controlled and how can we secure hardware and software? Ergonomics – What are the physical and mental risks to technology and how can these risks be eliminated or controlled? Environment – What can individuals and organizations do to minimize the impact of technology on our environment? Let’s look at the definition of computer ethics and privacy first Page 272

6 Computer Ethics and Privacy
Computer ethics provide guidelines for computer use Ethics issues include: Privacy Accuracy Property Access Privacy relates to the collection and use of personal information; concerns include: Large databases Private networks Internet/Web Privacy laws exist, but privacy remains primarily an ethical issue Every computer user should be aware of ethical matters, including how databases and networks are used and the major privacy laws Ethics defined: standards of moral conduct Computer ethics: guidelines for morally acceptable use of computers including privacy Standards or guidelines are important in this industry because technology changes are outstripping the legal system’s ability to keep up Emphasize that ethics is a standard or moral conduct – it is what is morally right and what is morally wrong – not what a court says or whether others do or do not do it! Four primary issues: Privacy – collection and use of data about individuals Accuracy – responsibility of those who collect data Secure Correct Property – who owns data and who has rights to software Access – responsibility of those who control data and use of data Technology moving faster than law can adapt Page 273

7 Large Databases Data collected daily Data gatherers
Information resellers or information brokers Electronic profiles are created Concerns Spreading information without consent Identify theft Spreading inaccurate information Mistaken identity Freedom of Information Act Data collected and stored on citizens every day Collectors include Government agencies – Federal government has 2,000 databases; businesses Social security numbers are often used as key fields in databases related to our employment, tax and credit activities This is being changed– already in education system, can’t use SS number as student ID in many colleges and universities throughout US. What other steps are being taken to ensure privacy? Data information has value – hence the rise of the information reseller: information resellers provide this gathered data to others for a fee Concerns include: Spreading information without consent – example: collecting your shopping habits and sharing; or medical records, or driver’s license number Last year over 10 million people were victimized by identity theft (illegal assumption of someone’s identity for economic gain) Spreading inaccurate information – Mistakes happen, but when those mistakes are recorded and your financial position is affected it becomes a problem Mistaken Identity – an electronic profile of one person is switched with another Under the Freedom of Information Act you are entitled to look at your records held by government agencies. Return Page 274

8 Private Networks Employers monitor e-mail
Legally done Snoopware Software Online services right to censor content Screen and reject messages Terminate user accounts Currently legal for employers to monitor electronic mail; survey reported 75% do so using snoopware Snoopware records virtually everything you do on your computer Most online services reserve the right to censor content; libel, obscenity, or offensive material Can terminate your account for unacceptable “behavior” towards company Return Page 276

9 Internet and Web Illusion of anonymity
Not concerned about privacy when surfing the Internet Not concerned about privacy when sending History file Cookies – two basic types Traditional Ad network or adware cookies Cookie-cutter programs Spyware Spy removal programs Illusion of anonymity is that if you are on the Internet and selective about disclosing names or other personal information that no one knows who you are or how to “find” you - false Recent cases of people tracing other people through Internet activity When you browse the Web your activity is monitored; when you visit a Web site your browser stores critical information onto your hard disk – usually without your permission or knowledge; a history file includes the locations of sites visited by your computer system Traditional cookies – monitor your activities at a single site Ad network cookies – monitors your activities across all sites visited; once deposited onto a hard drive, they continue to actively collect information on Web activities; form of spyware Most browsers can control many types of cookies called cookie-cutter programs – which allow users to selectively filter or block the most intrusive cookies while allowing selective traditional cookies to operate Spyware – wide range of programs that are designed to secretly record and report an individual’s activities on the Internet; in addition to Internet Ad cookies, there are also Web bugs – small programs typically hidden within the HTML code for a Web page or message and can be used to secretly read message or work with cookies to collect and report information back to a predefined server on the Web Computer monitoring software – invasive and dangerous type of spyware; programs record every activity and keystroke made on a computer system including credit card numbers, bank account numbers, and messages Sniffer programs and keystroke loggers – can be deposited on a hard drive without detection from the Web or by someone installing programs directly onto a computer New category of programs known as spry removal programs – designed to detect Web bugs and monitoring software The next slide provides a look at the major privacy laws; and the slide following the privacy laws displays a chart with the Principles of the Code of Fair Information Practice Page 276

10 Major Privacy Laws Page 279

11 Code of Fair Information Practice
Principle Description No secret databases No personal data that is secret Right of individual access Individuals have a right to see information about them Right of consent Information for one purpose cannot be used again Right to correct Ability to correct errors Assurance of reliability Data must not be misused Spreading inaccurate information is easy: mistakes in one computer file can easily migrate to others; inaccurate data may linger for years without your knowing it Laws help individuals with correcting credit data and finding out what personal information is being maintained by government agencies Return Page 279

12 Security and Computer Criminals
Threats to computer security are criminals, computer crime, and hazards Computer criminals are of five types: Employees Outside users Hackers and crackers Organized crime Terrorists Computer crime – illegal action in which the perpetrator uses special knowledge of computer technology Computer criminals – those using computer technology to engage in illegal action, five types Employees – the largest category; may be trying to steal hardware, software, proprietary information and could be doing this out of resentment and trying to get back at the company Outside users – could include employees and clients or suppliers having access to a company’s computer system; could obtain confidential passwords “Hackers” and “crackers” – hackers gain unauthorized access to computer systems “for fun” but crackers have malicious intent including stealing information or introducing a “bomb,” a destructive computer program Organized crime – tracking illegal enterprises, forgery, counterfeiting Terrorists – could potentially crash satellites and wage economic warfare by disrupting navigation and communication systems Concerned with security – on and off the Internet Most people don’t realize that security involves theft by employees as well as deliberate thefts from viruses, electronic break-ins, etc. Re-emphasize ethics as an integral part of security – what belongs to the company, belongs to the company (computer time, software, floppies, getting into area in computer where you don’t need to be) If you do happen to go somewhere in network or Internet you really didn’t intend to go, back out right away Tell your supervisor of the error and document what happened (how you got there, whom you told, and when you told the person) Page 282

13 Computer Crime Number of Computers Crimes Going Up
Malicious Programs Viruses Worms Trojan horse Denial of service (DoS) Internet Scams Theft Hardware or software Data Computer time Data Manipulation Computer Fraud and Abuse Act of 1986 $1.5 trillion estimated to be lost in the past year from computer crime Computer crime can take various forms: Creation of malicious programs – called malware which is short for malicious software Viruses – (**Use link to show table of common viruses when talking about viruses) migrate through networks and operating systems and most attach themselves to different programs and databases; can alter and/or delete files; can damage system components Worms – (**Use link to show table of common worm types when talking about worms) a special type of virus Doesn’t attach to a program Fills the computer with self-replicating information or can be a carrier of a more traditional virus Trojan house – programs that are disguised as something else; like worms they are carriers of viruses; can be innocently downloaded from the Internet Denial of service attacks – denies service from ISPs by flooding a computer or network with requests for information and data Internet scams – a fraudulent or deceptive act or operation to trick someone into spending money Theft – hardware, software, data, computer time Data manipulation – unauthorized use of data – law states that it’s a crime for an unauthorized person to even view data using any computer across state lines Page 283

14 Commonly Encountered Viruses
Return Page 286

15 Commonly Encountered Worms
Return Page 286

16 Other Hazards Natural hazards Civil strife and terrorism
Fires & floods Winds Hurricanes Tornadoes Earthquakes Civil strife and terrorism Wars Riots Terrorist acts Technological failures Voltage surge Use surge protector Human errors There are plenty of other hazards to computer systems besides criminals Natural hazards include fires, floods, winds, hurricanes, etc. Civil strife – wars, riots, etc. are real risks Technological failures – voltage surges or spikes Human errors – data entry are commonplace mistakes; programming, faulty design mistakes Page 287

17 Measures to Protect Computer Security
Encrypting messages Restricting access Anticipating disasters Backing up data Encrypted Security involves protecting information, hardware, and software from unauthorized use, damage from intrusions, sabotage, and natural disasters Security growing field; currently have courses on Network security as well as Encryption – coding messages to prevent people from reading your messages Restricting access through passwords and firewalls Anticipating disasters – companies and individuals should prepare Physical security – protecting hardware Data security – protecting software and data from unauthorized tampering or damage And have a disaster recovery plan – describing ways to continue operating until normal computer operations can be restored; can create special emergency facilities called hot sites which are fully equipped backup computer centers or cold sites if hardware must be installed to be utilized Use physical backups – off-site storage using tapes or disks in case of loss of equipment (World Trade Center; Mississippi floods for example; hurricanes in Gulf states; fires in California and national parks) Return Page 287

18 Restricting Access Biometric scanning Assigning passwords Firewalls
Fingerprint scanners Retinal (eye) scanners Assigning passwords Firewalls Special hardware and software Controls access to internal networks Computers should be protected from unauthorized access Biometric scanning Fingerprint scanners Retinal scanners Passwords Firewalls – a security buffer between a corporation’s private network and all external networks Anticipate disasters Physical security Data security Most organizations have a disaster recovery plan Hot sites – centers equipped as backup operations Cold site – empty shells where hardware can be installed and the backup data processed Backing up Data Routinely copy data and store it at a remote location Return Page 238

19 Ergonomics (Page 1 of 3) Study of human factors related to things people use Physical Health Eyestrain and headache Back and neck pain Repetitive strain injury The study of human factors related to things people use; concerned with fitting job to worker rather than worker to job Take regular breaks (like every hour or two) from computer monitor to avoid eye strain, back strain, or even vibrations from the system. Avoid monitors that flicker; ensure adequate monitor brightness By keeping all objects on which you are working at the same distance, you avoid eye strain, neck strain or arm/wrist injury Keep equipment (keyboard and monitor) at comfortable level – get a chair that adjusts or rearrange your equipment Avoid repetitive strain injury (RSI) by again having your equipment comfortable to ease the stress on tendons and muscles in your arms, wrists, back, and neck Billions of dollars in claims and productivity losses every year Page 238

20 Ergonomics (Page 2 of 3) Recommendations for the ideal microcomputer work environment Page 291

21 Ergonomics (Page 3 of 3) Computer technology offers ways of improving productivity but can create irritants other than physical Noise Electronic monitoring Technostress Stress associated with computer use Computers tend to emit very low frequency noise that can be stressful and/or damaging to some people. Some printers emit considerable noise. Networking of peripherals (requiring fewer printers) and the advances in technology have helped cut out a lot of this; however, still a factor to be considered. Workers electronically monitored have more health problems Recently researchers have discovered what a common sense manager already knew: human monitoring yields more productivity than electronic monitoring Capabilities of microprocessor stimulate manufacturers to load on the features, which often results in a product that is difficult to use. Trend is towards including fewer features and only those that are needed for particular job Technostress – tension that arises when trying to adapt to computers Return Page 292

22 The Environment Microcomputers use most of the electricity in work environment. Turn off when not using (like evenings or weekends) They account for 5% of the electricity used Most systems now come with energy-saving screens that go into “sleep mode” when not used for period of time The EPA (Environmental Protection Agency) has created the Energy Star program to discourage waste in the microcomputer industry Goal to reduce power required Organized the Green PC concept Look for energy star that indicates PC is working to follow guidelines established by EPA. What are characteristics of “Green PC”? The Green PC System Unit –energy saving microprocessor, eliminates cooling fan, has sleep mode Display – flat panels, power-down monitors, screen-saver software that clears the display when not in use Manufacturing – use of fewer harmful chemicals Page 293

23 Personal Responsibility to Help Protect the Environment
What can you do? Conserve Recycle Educate What can you do to protect the environment as a computer user? Page 294

24 A Look to the Future Presence Technology
Presence technology alerts you that someone is trying to reach you People can locate you People can tell which device is best to contact you Could become a standard feature of new cars, phones, and appliances Ask students to discuss the advantages and disadvantages of presence technology Is it always good to be found? Page 295

25 Discussion Questions Discuss the relationship between databases and privacy. Discuss the Code of Fair Information Act. Why has this act not been made into law? Discuss the various kinds of computer criminals. What are the principal measures used to protect computer security? What is encryption? How is it used by corporations and individuals What is ergonomics? How does computer use impact mental health? Physical health? Have students turn to the end of Chapter 10 in their textbooks to view the same “Open-Ended” questions/statements Page 302

Download ppt "10 PRIVACY AND SECURITY CHAPTER"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
Chapter 10 Privacy and Security McGraw-Hill

Chapter 10 Privacy and Security McGraw-Hill
Chapter 10 Privacy and Security.

Chapter 10 Privacy and Security.
By Connie Lopez. Main Points 1. Computer Technology Arises Concerns 2. Computer Ethics & Guidelines that Govern the morally acceptable use of Computers.

By Connie Lopez. Main Points 1. Computer Technology Arises Concerns 2. Computer Ethics & Guidelines that Govern the morally acceptable use of Computers.
McGraw-Hill/Irwin Copyright © 2008 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 10 Privacy and Security.

McGraw-Hill/Irwin Copyright © 2008 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 10 Privacy and Security.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
9 99 CHAPTER Privacy and Security. 9 © The McGraw-Hill Companies, Inc. 2002 Objectives 1.Privacy 2.Security 3.Ergonomics 4.Environment.

9 99 CHAPTER Privacy and Security. 9 © The McGraw-Hill Companies, Inc Objectives 1.Privacy 2.Security 3.Ergonomics 4.Environment.
1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 10-2 Competencies Describe concerns associated with computer.

1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved Competencies Describe concerns associated with computer.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 LO1 Describe information technologies that could be used in computer.
Issues Raised by ICT.

Issues Raised by ICT.
Chapter 11 Security and Privacy: Computers and the Internet.

Chapter 11 Security and Privacy: Computers and the Internet.
Computing ESSENTIALS     CHAPTER 1 1010 Privacy and Security computing ESSENTIALS.

Computing ESSENTIALS     CHAPTER Privacy and Security computing ESSENTIALS.
McGraw-Hill Technology Education © 2006 by the McGraw-Hill Companies, Inc. All rights reserved. 1010 CHAPTER PRIVACY AND SECURITY.

McGraw-Hill Technology Education © 2006 by the McGraw-Hill Companies, Inc. All rights reserved CHAPTER PRIVACY AND SECURITY.
C OMPUTING E SSENTIALS 1999 2000 1999 2000 1999 2000 Presentations by: Fred Bounds Timothy J. O’Leary Linda I. O’Leary.

C OMPUTING E SSENTIALS Presentations by: Fred Bounds Timothy J. O’Leary Linda I. O’Leary.

Similar presentations

Ads by Google