Issues Information Systems and Management. Issues Privacy Ethics Health Computer Crime Security.


1 Issues Information Systems and Management

2 Issues
– Privacy
– Ethics
– Health
– Computer Crime
– Security

3 Privacy
– The right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent
– The power of IT to store and retrieve information can have a negative effect on the “right of privacy” of every individual
  – Monitor e-mail
  – Collect data from website visits

4 Privacy and the Internet
– There are few rules about what is private and what you can store
– Censorship: Freedom of Information/Speech/The Press
– Spamming: mass unsolicited e-mail
– Flaming: critical, derogatory, vulgar e-mail

5 Privacy and Employees
– Monitoring technology scans both incoming and outgoing e-mail
– Eastman Kodak has a monitoring policy
– Computer matching
  – Mistaken identity
  – Stolen identity
– Terrorists use UNSENT e-mail as a virtual drop box

6 Privacy and Consumers
– Consumers want businesses to know who they are, provide them with what they want, and tell them about their products, BUT leave them alone.
– Cookies
– Spyware

7 Privacy and Government
– Canadians have the right to see all data held by the Federal Government about them
  – There is a database on who has made a request
  – Soviet Union 1974

8 Privacy and International Trade
– Which countries’ laws apply?
  – Buy
  – Ship
  – Destination

9 Ethics
– The principles and standards that guide our behaviours toward other people.
– Technology has created many new ethical dilemmas
– Intellectual property: intangible
– Copyright: songs
– Fair Use Doctrine: can legally use copyrighted material for education
– Pirated Software: unauthorized duplication or sale of copyrighted software
– Counterfeit Software: software manufactured to look real.

10

11 Developing Information Management Policies
– Ethical Computer Use
– Information Privacy
– Acceptable Use
– Email Privacy
– Internet Use
– Anti-Spam

12 Health Issues
– Repetitive Stress Injury (RSI)
– Carpal Tunnel Syndrome (CTS)
– Computer Vision Syndrome (CVS)
– Techno-stress
– Response: Ergonomics
  – Human factors engineering

13 You and Ethical Responsibility
– As a managerial end user, you have a responsibility to do something about some of the abuses of information and technology in the workplace.
– As IS Professionals there should be a code of ethics to follow
  – One that is generally accepted like other professions

14 Computer Crime
– The commission of illegal acts through the use of a computer or against a computer system

15 Computer Crime
– Money theft
– Service theft
– Software theft
– Data alteration or theft
– Computer Viruses
– Malicious Access – Hacking
– Crimes against the computer
SWP Internal Audit Seminar, 1975-1980

16 Outside the Organization
– Viruses: destructive software written with the intent to cause annoyance or damage
– Benign Viruses
– Malignant Viruses
– Macro Viruses
– Worm
– Denial-of-service (single or distributed)
– Combinations
– Hoaxes
– Stand-alone Viruses
– Trojan Horse Viruses

17 The Players
– Hackers
– White-hat hackers
– Black-hat hackers
– Crackers
– Social Engineering
– Hacktivists
– Cyber-terrorists
– Script Kiddies

18 Inside the Company
– Be careful who you hire and how you investigate potential problems

19 Computer Forensics
– The gathering, authentication, examination, and analysis of electronic information stored on any type of computer media, such as hard drives, floppy disks, or CDs.

20 Recovery and Interpretation
– Places to look for stray information
  – Deleted files and slack space
  – Unused space
– Ways of hiding information
  – Rename the file
  – Make the information invisible
  – Use Windows to hide files
  – Protect the file with a password
  – Encrypt the file
  – Use Steganography
  – Compress the file

21 Information Security
– The protection of information from accidental or intentional misuse by persons inside or outside an organization
– The First Line of Defence
  – People
  – Develop and enforce policies
  – Ontario Hydro: “Can I help you?”

22

23 Social Engineering
– Using one’s social skills to trick people into revealing access credentials or other information valuable to the attackers.

24 The Second Line of Defence - Technology
– Authentication
  – Confirm user’s identity
    – ID and password
    – Smart card
    – Fingerprint or voice signature
– Prevention and Resistance
  – Firewalls
  – Encryption
  – Content filters
– Detection and Response
  – Anti-virus software

25 Risk Management
– Identify Threats
– Assess Consequences
– Select Countermeasures
– Prepare contingency plans
– Monitor and review

26 Effective Controls Provide Quality Assurance Keep the information system free from errors and fraud Data Accuracy System Integrity Scan on data integrity within a database

27 Information System Controls
1. Input Controls
2. Processing Controls
3. Output Controls
4. Storage Controls

28 Information Systems Controls
– Input Controls
  – Control totals: record count, batch total, hash total
  – Ensure a valid transaction
– Processing Controls
  – Hardware controls: special checks built into the hardware to verify the accuracy of computer processing
    – Parity
    – Re-calculation
  – Software controls: check internal file labels, check points, audit trails; edits in application programs
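The three control totals named on this slide, worked through as an added example that is not part of the original presentation. The `Txn` record, the account numbers and the amounts are constructed for illustration; the header totals stand in for the figures recorded when the batch was prepared.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Txn:
    account: int      # identifier; its sum has no meaning except as a check
    amount: Decimal   # monetary field; its sum is the batch total


def control_totals(batch):
    """Compute record count, batch total and hash total for a batch."""
    return {
        "record_count": len(batch),
        "batch_total": sum((t.amount for t in batch), Decimal("0")),
        "hash_total": sum(t.account for t in batch),
    }


def check_batch(batch, header):
    """Return the names of the totals that disagree with the batch header."""
    actual = control_totals(batch)
    return sorted(name for name in header if actual[name] != header[name])


# Constructed sample batch and the totals recorded at preparation time.
BATCH = [
    Txn(100234, Decimal("125.00")),
    Txn(100871, Decimal("49.95")),
    Txn(102310, Decimal("300.00")),
]
HEADER = control_totals(BATCH)


def demo():
    first, second, third = BATCH
    return {
        "intact": check_batch(BATCH, HEADER),
        "record lost": check_batch(BATCH[:-1], HEADER),
        "amount changed": check_batch(
            [Txn(first.account, Decimal("1250.00")), second, third], HEADER),
        "account changed": check_batch(
            [Txn(109999, first.amount), second, third], HEADER),
        # Totals are plain sums: exchanging two amounts leaves all three equal,
        # so this control complements per-record validation and audit trails.
        "amounts swapped": check_batch(
            [Txn(first.account, second.amount),
             Txn(second.account, first.amount), third], HEADER),
    }


if __name__ == "__main__":
    for case, mismatches in demo().items():
        print(f"{case}: {mismatches or 'all totals match'}")
```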

29 Information Systems Controls
– Output Controls
  – Ensure that information products are correct and complete and are transmitted to authorized users in a timely manner
– Storage Controls
  – Program and database library
  – File back-up and retention

30 Facility Controls
1. Network Security
2. Physical Protection Controls
3. Biometric Controls
4. Computer Failure Controls

31 Facility Controls
– Network Security
  – Monitor the use of networks
  – Protect networks from unauthorized use
  – Give authorized users access through ID and passwords
  – Encryption
– Physical Protection
  – Security doors
  – ID badges
  – Alarms
  – Closed-circuit TV

32 Facility Controls
– Biometric Controls
  – Measure unique physical traits of individuals
    – Signature, retinal scanning
– Computer Failure Controls
  – Fault tolerant: multiple CPU, peripherals and system software
  – Fail Safe: capability to operate at the same level
  – Fail Soft: capability to operate at a reduced but acceptable level

33 Procedural Controls
– Methods that specify how the information services organization should be operated for maximum security to facilitate the accuracy and integrity of computer operation and system development activities.

34 Procedural Controls
– Separation of Duties
– Standard Operating Procedures
– Authorization Requirements
– Disaster Recovery
– Auditing Information Systems

35 Procedural Controls
– Disaster Recovery (Business Continuity Planning)
  – Specifies duties of employees, what hardware, software, and facilities will be used, and the priority of applications that will be processed.

36 Procedural Controls
– Auditing Information Systems
  – Auditing around the computer: verify accuracy of output given specific input
  – Auditing through the computer: detailed verification of the logic of computer programs
  – Audit trail
    – The presence of documentation that allows a transaction to be traced through all the stages of its information processing
    – RCMP Auditor

37 Issues Information Systems and Management

