Fundamentals of Information Systems Fourth Edition


1 Fundamentals of Information Systems Fourth Edition
Chapter 9 The Personal and Social Impact of Computers

2 Principles and Learning Objectives
- Policies and procedures must be established to avoid computer waste and mistakes
  - Describe some examples of waste and mistakes in an IS environment, their causes, and possible solutions
  - Identify policies and procedures useful in eliminating waste and mistakes
  - Discuss the principles and limits of an individual’s right to privacy
Fundamentals of Information Systems, Fourth Edition

3 Principles and Learning Objectives (continued)
- Computer crime is a serious and rapidly growing area of concern requiring management attention
  - Explain the types and effects of computer crime
  - Identify specific measures to prevent computer crime

4 Principles and Learning Objectives (continued)
- Jobs, equipment, and working conditions must be designed to avoid negative health effects
  - List the important effects of computers on the work environment
  - Identify specific actions that must be taken to ensure the health and safety of employees
  - Outline criteria for the ethical use of information systems

5 Why Learn About Security, Privacy, and Ethical Issues in Information Systems and the Internet?
- Many nontechnical issues associated with ISs
- Human Resource employees need to:
  - Prevent computer waste and mistakes
  - Avoid privacy violations
  - Comply with laws about:
    - Collecting customer data
    - Monitoring employees
- Employees, IS users, and Internet users need to:
  - Avoid crime, fraud, privacy invasion

6 Computer Waste and Mistakes
- Inappropriate use of computer technology and resources
- Computer-related mistakes
  - Errors, failures, and other computer problems that make computer output incorrect or not useful

7 Computer Waste
- Cause: improper management of information systems and resources
- Discarding old software and even complete computer systems when they still have value
- Building and maintaining complex systems that are never used to their fullest extent
- Using corporate time and technology for personal use
- Spam

8 Computer-Related Mistakes
- Causes
  - Failure by users to follow proper procedures
  - Unclear expectations and a lack of feedback
  - Program development that contains errors
  - Incorrect data entry by data-entry clerk

9 Preventing Computer-Related Waste and Mistakes
- Preventing waste and mistakes involves:
  - Establishing policies and procedures
  - Implementing policies and procedures
  - Monitoring policies and procedures
  - Reviewing policies and procedures

10 Establishing Policies and Procedures
- Establish policies and procedures regarding efficient acquisition, use, and disposal of systems and devices
- Training programs for individuals and workgroups
- Manuals and documents on how computer systems are to be maintained and used
- Approval of certain systems and applications to ensure compatibility and cost-effectiveness

11 Implementing Policies and Procedures
- Policies often focus on:
  - Implementation of source data automation and the use of data editing to ensure data accuracy and completeness
  - Assignment of clear responsibility for data accuracy within each information system
- Training is often the key to acceptance and implementation of policies and procedures

12 Monitoring Policies and Procedures
- Monitor routine practices and take corrective action if necessary
- Implement internal audits to measure actual results against established goals
- Follow requirements in Sarbanes-Oxley Act

13 Reviewing Policies and Procedures
- During review, people should ask the following questions:
  - Do current policies cover existing practices adequately?
  - Were any problems or opportunities uncovered during monitoring?
  - Does the organization plan any new activities in the future? If so, does it need new policies or procedures on who will handle them and what must be done?
  - Are contingencies and disasters covered?

14 Computer Crime
- Often defies detection
- Amount stolen or diverted can be substantial
- Crime is “clean” and nonviolent
- Number of IT-related security incidents is increasing dramatically
- Computer crime is now global

15 The Computer as a Tool to Commit Crime
- Criminals need two capabilities to commit most computer crimes
  - Knowing how to gain access to the computer system
  - Knowing how to manipulate the system to produce the desired result
- Examples
  - Social engineering
  - Dumpster diving
  - Counterfeit and banking fraud using sophisticated desktop publishing programs and high-quality printers

16 Cyberterrorism
- Cyberterrorist
  - Someone who intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attacks against computers, networks, and the information stored on them
- Homeland Security Department’s Information Analysis and Infrastructure Protection Directorate
  - Serves as governmental focal point for fighting cyberterrorism

17 Identity Theft
- Imposter obtains key pieces of personal identification information, such as Social Security or driver’s license numbers, in order to impersonate someone else
- Information is then used to obtain credit, merchandise, and/or services in the name of the victim or to provide the thief with false credentials
- Identity Theft and Assumption Deterrence Act of 1998 passed to fight identity theft
- 9 million victims in 2005

18 The Computer as the Object of Crime
- Crimes fall into several categories such as:
  - Illegal access and use
  - Data alteration and destruction
  - Information and equipment theft
  - Software and Internet piracy
  - Computer-related scams
  - International computer crime

19 Illegal Access and Use
- Hacker: learns about and uses computer systems
- Criminal hacker (also called a cracker): gains unauthorized use or illegal access to computer systems
- Script bunnies: automate the job of crackers
- Insider: employee who compromises corporate systems
- Malware: software programs that destroy or damage processing

20 Illegal Access and Use (continued)
- Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without the user’s knowledge or permission
- Worm: parasitic computer program that can create copies of itself on the infected computer or send copies to other computers via a network

21 Illegal Access and Use (continued)
- Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect
- Logic bomb: type of Trojan horse that executes when specific conditions occur
  - Triggers for logic bombs can include a change in a file by a particular series of keystrokes or at a specific time or date

22 Illegal Access and Use (continued)
- Tips for avoiding viruses and worms
  - Install antivirus software on your computer and configure it to scan all downloads, e-mail, and disks
  - Update your antivirus software regularly
  - Back up your files regularly
  - Do not open any files attached to an e-mail from an unknown, suspicious, or untrustworthy source

23 Illegal Access and Use (continued)
- Tips for avoiding viruses and worms (continued):
  - Do not open any files attached to an e-mail unless you know what it is, even if it appears to come from a friend or someone you know
  - Exercise caution when downloading files from the Internet
  - Ensure that the source is legitimate and reputable

24 Using Antivirus Programs
- Antivirus program: software that runs in the background to protect your computer from dangers lurking on the Internet and other possible sources of infected files
- Tips on using antivirus software
  - Run and update antivirus software often
  - Scan all diskettes and CDs before using them
  - Install software only from a sealed package or secure, well-known Web site
  - Follow careful downloading practices
  - If you detect a virus, take immediate action

25 Using Antivirus Programs (continued)
Table 9.2: Antivirus Software

26 Information and Equipment Theft
- Obtaining identification numbers and passwords to steal information or disrupt systems
  - Trial and error, password sniffer program
- Software theft
- Computer systems and equipment theft
  - Data on equipment is valuable

27 Software and Internet Software Piracy
- Software piracy: act of illegally duplicating software
- Internet software piracy: illegally downloading software from the Internet
  - Most rapidly expanding type of software piracy
  - Most difficult form to combat
  - Examples: pirate Web sites, auction sites that offer counterfeit software, peer-to-peer networks
- Penalties can be severe

28 Computer-Related Scams
- Examples of Internet scams
  - Get-rich-quick schemes involving bogus real estate deals
  - “Free” vacations with huge hidden costs
  - Bank fraud
  - Fake telephone lotteries
- Phishing
  - Gaining access to personal information by redirecting user to fake site

29 International Computer Crime
- Computer crime is an international issue
- Software industry loses about $9 billion in revenue annually to software piracy occurring outside the United States
- Terrorists, international drug dealers, and other criminals might use information systems to launder illegally obtained funds

30 Preventing Computer-Related Crime
- All states have passed computer crime legislation
- Some believe that these laws are not effective because:
  - Companies do not always actively detect and pursue computer crime
  - Security is inadequate
  - Convicted criminals are not severely punished
- Individual and group efforts are being made to curb computer crime, and recent efforts have met with some success

31 Crime Prevention by State and Federal Agencies
- State and federal agencies have begun aggressive attacks on computer criminals
- Computer Fraud and Abuse Act, 1986
- Computer Emergency Response Team (CERT)
- Many states are now passing new, comprehensive bills to help eliminate computer crimes

32 Crime Prevention by Corporations
- Public key infrastructure (PKI): enables users of an unsecured public network such as the Internet to securely and privately exchange data
  - Uses a public and a private cryptographic key pair that is obtained and shared through a trusted authority
- Biometrics: measurement of one of a person’s traits, whether physical or behavioral

33 Crime Prevention by Corporations (continued)
Table 9.3: Common Methods Used to Commit Computer Crimes

34 Crime Prevention by Corporations (continued)
Table 9.3: Common Methods Used to Commit Computer Crimes (continued)

35 Crime Prevention by Corporations (continued)
- Companies are joining together to fight crime
- Software and Information Industry Alliance (SIIA): original antipiracy organization
- Microsoft financed the formation of a second antipiracy organization, the Business Software Alliance (BSA)
- Other software companies, including Apple, Adobe, Hewlett-Packard, and IBM, now contribute to the BSA

36 Using Intrusion Detection Software
- Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion
- Suspicious activities: failed login attempts, attempts to download program to server, accessing a system at unusual hours
- Can provide false alarms
- E-mail or voice message alerts may be missed
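
Two of the suspicious activities named on this slide, repeated failed logins and access at unusual hours, can be written as simple detection rules. The following is an added illustration, not part of the original presentation; the log format, thresholds, working-hours window, and all names in it are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: timestamp, user, source address, outcome. Not real logs.
SAMPLE_EVENTS = """\
2024-03-04T09:12:05 alice 10.0.0.21 OK
2024-03-04T10:01:10 bob 10.0.0.35 FAIL
2024-03-04T10:20:44 bob 10.0.0.35 OK
2024-03-04T14:30:00 mallory 203.0.113.7 FAIL
2024-03-04T14:30:20 mallory 203.0.113.7 FAIL
2024-03-04T14:30:41 mallory 203.0.113.7 FAIL
2024-03-04T14:31:02 mallory 203.0.113.7 FAIL
2024-03-04T14:31:30 mallory 203.0.113.7 FAIL
2024-03-05T02:47:13 carol 10.0.0.50 OK
"""

# Assumed policy values; each site tunes these to trade missed intrusions against false alarms.
FAIL_THRESHOLD = 5                  # failures from one source ...
FAIL_WINDOW = timedelta(minutes=5)  # ... within this sliding window
WORK_HOURS = range(7, 20)           # 07:00 to 19:59 counts as usual hours


def parse(text):
    """Turn log text into time-ordered (timestamp, user, source, outcome) tuples."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than stop monitoring
        ts, user, src, outcome = parts
        events.append((datetime.fromisoformat(ts), user, src, outcome))
    return sorted(events)


def detect(events):
    """Return (rule, subject, time) alerts for failed-login bursts and off-hours logins."""
    alerts = []
    recent_fails = defaultdict(list)  # source -> failure times still inside the window
    alerted = set()                   # raise the burst alert only once per source
    for ts, user, src, outcome in events:
        if outcome == "FAIL":
            # Keep only failures inside the sliding window, then add this one.
            window = [t for t in recent_fails[src] if ts - t <= FAIL_WINDOW]
            window.append(ts)
            recent_fails[src] = window
            if len(window) >= FAIL_THRESHOLD and src not in alerted:
                alerted.add(src)
                alerts.append(("failed-login-burst", src, ts.isoformat()))
        elif outcome == "OK" and ts.hour not in WORK_HOURS:
            alerts.append(("off-hours-login", user, ts.isoformat()))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse(SAMPLE_EVENTS)):
        print(alert)
```

A single mistyped password (bob) stays below the threshold and raises nothing, which is how the threshold keeps down the false alarms the slide mentions.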

37 Using Managed Security Service Providers (MSSPs)
- Managed security service provider (MSSP): organization that monitors, manages, and maintains network security for both hardware and software for its client companies
  - Sifts through alarms and alerts from all monitoring systems
  - May provide scanning, blocking, and filtering capabilities

38 Internet Laws for Libel and Protection of Decency
- Filtering software helps screen Internet content
  - Also prevents children from sending personal information over e-mail or through chat groups
- Internet Content Rating Association (ICRA)
  - Rates Web sites based on authors’ responses from questionnaire
- Children’s Internet Protection Act (CIPA), 2000
  - Required filters in federally funded libraries
- Libel is an important legal issue on the Internet
  - Publishing Internet content to the world can subject companies to different countries’ laws

39 Preventing Crime on the Internet
- Develop effective Internet usage and security policies for all employees
- Use a stand-alone firewall (hardware and software) with network monitoring capabilities
- Deploy intrusion detection systems, monitor them, and follow up on their alarms

40 Preventing Crime on the Internet (continued)
- Monitor managers and employees to make sure that they are using the Internet for business purposes
- Use Internet security specialists to perform audits of all Internet and network activities

41 Privacy Issues
- With information systems, privacy deals with the collection and use or misuse of data
- More data and information are produced and used today than ever before
- Data is constantly being collected and stored on each of us
- This data is often distributed over easily accessed networks and without our knowledge or consent
- Concerns of privacy regarding this data must be addressed

42 Privacy and the Federal Government
- U.S. federal government is perhaps the largest collector of data
- Over 4 billion records exist on citizens, collected by about 100 federal agencies
- U.S. National Security Agency (NSA) had secretly collected phone call records of tens of millions of U.S. citizens after the September 11, 2001 terrorist attacks
  - Ruled unconstitutional and illegal by a federal judge in August 2006

43 Privacy at Work
- There is conflict between rights of workers who want their privacy and the interests of companies that demand to know more about their employees
- Workers might be monitored via computer technology that can:
  - Track every keystroke made by a worker
  - Know when the worker is not using the keyboard or computer system
  - Estimate how many breaks he or she is taking
- Many workers consider monitoring dehumanizing

44 Privacy
- Federal law permits employers to monitor e-mail sent and received by employees
- E-mail messages that have been erased from hard disks can be retrieved and used in lawsuits
- Use of e-mail among public officials might violate “open meeting” laws

45 Privacy and the Internet
- Huge potential for privacy invasion on the Internet
- E-mail is a prime target
- Platform for Privacy Preferences (P3P): screening technology that shields users from Web sites that do not provide the level of privacy protection they desire
- Children’s Online Privacy Protection Act (COPPA), 1998: requires privacy policies and parental consent
- Potential dangers on social networking Web sites

46 Fairness in Information Use
Table 9.4: The Right to Know and the Ability to Decide

47 Fairness in Information Use (continued)
- The Privacy Act of 1974: provides privacy protection from federal agencies
- Gramm-Leach-Bliley Act: requires financial institutions to protect customers’ nonpublic data
- USA Patriot Act: allows law enforcement and intelligence agencies to gather private information
- Other laws regulate fax advertisements, credit card bureaus, the IRS, video rental stores, telemarketers, etc.

48 Corporate Privacy Policies
- Should address a customer’s knowledge, control, notice, and consent over the storage and use of information
- May cover who has access to private data and when it may be used
- A good database design practice is to assign a single unique identifier to each customer
  - Single record describing all relationships with the company across all its business units
  - Can apply customer privacy preferences consistently throughout all databases

49 Individual Efforts to Protect Privacy
- Find out what is stored about you in existing databases
- Be careful when you share information about yourself
- Be proactive to protect your privacy
- When purchasing anything from a Web site, make sure that you safeguard your credit card numbers, passwords, and personal information

50 The Work Environment
- Computer technology and information systems have opened up numerous avenues to professionals and nonprofessionals
- Enhanced telecommunications has:
  - Been the impetus for new types of business
  - Created global markets in industries once limited to domestic markets
- Despite increasing productivity and efficiency, computers and information systems can raise other concerns

51 Health Concerns
- Working with computers can cause occupational stress
  - Training and counseling can often help the employee and deter problems
- Computer use can affect physical health as well
  - Strains, sprains, tendonitis, repetitive motion disorder, carpal tunnel syndrome
- Concerns about emissions from improperly maintained and used equipment, display screens, and cell phones

52 Avoiding Health and Environmental Problems
- Many computer-related health problems are caused by a poorly designed work environment
- Ergonomics: science of designing machines, products, and systems to maximize the safety, comfort, and efficiency of the people who use them

53 Ethical Issues in Information Systems
- Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behavior

54 Ethical Issues in Information Systems (continued)
- ACM code of ethics and professional conduct
  - Contribute to society and human well-being
  - Avoid harm to others
  - Be honest and trustworthy
  - Be fair and take action not to discriminate
  - Honor property rights including copyrights and patents

55 Ethical Issues in Information Systems (continued)
- ACM code of ethics and professional conduct (continued)
  - Give proper credit for intellectual property
  - Respect the privacy of others
  - Honor confidentiality

56 Summary
- Preventing computer-related waste and mistakes requires establishing, implementing, monitoring, and reviewing policies and procedures
- Criminals need two capabilities to commit most computer crimes: knowing how to gain access to the computer system and knowing how to manipulate the system to produce the desired result

57 Summary (continued)
- Categories of crimes in which the computer is the object of crime: illegal access and use, data alteration and destruction, information and equipment theft, software and Internet piracy, computer-related scams, and international computer crime
- Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion

58 Summary (continued)
- With information systems, privacy deals with the collection and use or misuse of data
- Ergonomics: science of designing machines, products, and systems to maximize the safety, comfort, and efficiency of the people who use them
- Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behavior

