1 MIS, Chapter 4 ©2011 Course Technology, a part of Cengage Learning PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER.


1 MIS, Chapter 4 ©2011 Course Technology, a part of Cengage Learning
PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS
CHAPTER 4
Hossein BIDGOLI
MIS

2 Risks Associated with Information Technologies
Misuses of information technology
  –Invade users’ privacy
  –Commit computer crimes
Minimize or prevent by:
  –Installing operating system updates regularly
  –Using antivirus software
  –Using e-mail security features

3 Cookies
  –Small text files with a unique ID tag
  –Embedded in a Web browser
  –Saved on the user’s hard drive
Can be useful or intrusive
Many users disable cookies
  –By installing a cookie manager
  –Or using Web browser options

4 Spyware and Adware
Spyware
  –Software that secretly gathers information about users while they browse the Web
  –Can be used maliciously
Install antivirus or antispyware software
Adware
  –Form of spyware
  –Collects information about the user to display advertisements in the Web browser

5 Phishing
  –Sending fraudulent e-mails that seem to come from legitimate sources
Direct e-mail recipients to false Web sites
  –To capture private information

6 Keyloggers
  –Monitor and record keystrokes
  –Can be software or hardware devices
  –Sometimes used by companies to track employees’ use of e-mail and the Internet
  –Can be used for malicious purposes
Some antivirus and antispyware programs protect against software keyloggers

7 Sniffing and Spoofing
Sniffing
  –Capturing and recording network traffic
  –Often used by hackers to intercept information
Spoofing
  –Attempt to gain access to a network by posing as an authorized user to find sensitive information

8 Privacy Issues
Concerns about privacy in the workplace
  –Employers search social networking sites
  –Employee monitoring systems
Misuse and abuse of information gathered by:
  –Healthcare organizations
  –Financial institutions
  –Legal firms
Defining privacy is difficult
  –Information technologies have increased ease of access to information

9 Privacy Issues (cont’d.)
Number of databases is increasing rapidly
Enforcement of federal laws has been lax
Index and link databases using Social Security numbers
  –Direct marketing companies are major users of this information
U.S. government began linking large databases to find information

10 Privacy Issues (cont’d.)
Federal laws now regulate collecting and using information on people and corporations
  –1970 Fair Credit Reporting Act
Acceptable use policies
Accountability
Nonrepudiation
Hardware or software controls
  –Determine what personal information is provided on the Web

11 Data Collection on the Internet
Number of people shopping online is increasing
Some customers are reluctant to make online purchases
  –Concerns about hackers getting access to their credit card numbers
  –Many credit card companies reimburse fraudulent charges
Other electronic payment systems are being developed

12 Data Collection on the Internet (cont’d.)
Concerned about computers’ contents being searched while they’re connected to the Internet
Information users provide on the Web
  –Combined with other information and technologies to produce new information
Log files
  –Generated by Web server software
  –Record a user’s actions on a Web site
Data collected on the Internet must be used and interpreted with caution

13 Ethical Issues of Information Technologies
Ethics and ethical decision making
  –Moral guidelines people or organizations follow in dealing with others
  –More difficult to determine than legal versus illegal

14 Ethical Issues of Information Technologies (cont’d.)
Information technology offers many opportunities for unethical behavior
  –Cybercrime, cyberfraud, identity theft, and intellectual property theft
Many associations promote ethically responsible use of information systems and technologies
  –Codes of ethics
Quick ethics test

15 Intellectual Property
Intellectual property
  –Protections that involve copyrights, trademarks, trade secrets, and patents for “creations of the mind” developed by people or businesses
Industrial property
  –Inventions, trademarks, logos, industrial designs
Copyrighted material
  –Literary and artistic works
  –May apply to online materials
  –Exceptions under Fair Use Doctrine

16 Intellectual Property (cont’d.)
Trademark
  –Protects product names and identifying marks
Patent
  –Protects new processes
  –Advantages of patents
Software piracy
Laws
  –Telecommunications Act of 1996
  –Communications Decency Act (CDA)
  –Laws against spamming

17 Intellectual Property (cont’d.)
Internet use policy
  –Guard against legal issues and avoid the risks
Cybersquatting
  –Registering, selling, or using a domain name to profit from someone else’s trademark

18 Social Divisions and the Digital Divide
Digital divide
  –Computers still aren’t affordable for many people
  –Haves and have-nots
  –Companies installing cables for Internet connections might subject their communities to a type of economic “red-lining”
Children are often victims of this divide
  –Funding for computers at schools and libraries
  –Loaner programs

19 The Impact of Information Technology in the Workplace
New jobs for:
  –Programmers
  –Systems analysts
  –Database and network administrators
  –Network engineers
  –Webmasters
  –Web page developers
  –e-commerce specialists
  –Chief information officers (CIOs)
  –Technicians

20 The Impact of Information Technology in the Workplace (cont’d.)
Web designers
Java programmers
Web troubleshooters
Telecommuting and virtual work
Job deskilling
  –Skilled labor eliminated by introducing high technology
  –Job downgraded from a skilled to a semiskilled or unskilled position

21 Advantages and Disadvantages of Telecommuting

22 PROTECTING INFORMATION RESOURCES
CHAPTER 5
Hossein BIDGOLI
MIS

23 Exhibit 5.1 The McCumber Cube

24 Intentional Threats
Viruses
Worms
Trojan programs
Logic bombs
Backdoors
Blended threats (e.g., worm launched by Trojan)
Rootkits
Denial-of-service attacks
Social engineering

25 Viruses
Type of malware
In 2008, the number of computer viruses in existence exceeded one million
Estimating the dollar amount of damage viruses cause can be difficult
Usually given names
  –I Love You, Michelangelo
Consists of self-propagating program code that’s triggered by a specified time or event

26 Viruses (cont’d.)
Seriousness of viruses varies
Transmitted through a network and e-mail attachments
  –Bulletin or message boards
Virus hoaxes
  –Can cause as much damage as real viruses
Indications of a computer infected by a virus
Best measure against viruses
  –Installing and updating antivirus programs

27 Worms
Travel from computer to computer in a network
  –Do not usually erase data
Independent programs that can spread themselves without having to be attached to a host program
Replicate into a full-blown version that eats up computing resources
Well-known worms
  –Code Red, Melissa, and Sasser

28 Trojan Programs
Named after the Trojan horse the Greeks used to enter Troy during the Trojan Wars
Contains code intended to disrupt a computer, network, or Web site
Usually hidden inside a popular program

29 Logic Bombs
Type of Trojan program used to release a virus, worm, or other destructive code
Triggered at a certain time or by an event

30 Backdoors
Programming routine built into a system by its designer or programmer
Enable the designer or programmer to bypass system security and sneak back into the system later to access programs or files
System users aren’t aware a backdoor has been activated

31 Blended Threats
Combine the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks
Main goal is not just to start and transmit an attack, but also to spread it
Multi-layer security system could guard against blended threats

32 Denial-of-Service Attacks
Flood a network or server with service requests
  –Prevent legitimate users’ access to the system
Target Internet servers
Distributed denial-of-service (DDoS) attack
  –Hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period
  –Difficult to trace

33 Social Engineering
Using “people skills” to trick others into revealing private information
  –Takes advantage of the human element of security systems
Use the private information they’ve gathered to break into servers and networks and steal data
Commonly used social-engineering techniques
  –“Dumpster diving” and “shoulder surfing”

34 Biometric Security Measures
Use a physiological element to enhance security measures
Devices and measures
  –Facial recognition
  –Fingerprints
  –Hand geometry
  –Iris analysis
  –Palmprints
  –Retinal scanning
  –Signature analysis
  –Vein analysis
  –Voice recognition

35 Callback Modems
Verify whether a user’s access is valid by:
  –Logging the user off
  –Calling the user back at a predetermined number
Useful in organizations with many employees who work off-site

36 Firewalls
Combination of hardware and software
Act as a filter or barrier between a private network and external computers or networks
Network administrator defines rules for access
Examine data passing into or out of a private network
  –Decide whether to allow the transmission based on users’ IDs, the transmission’s origin and destination, and the transmission’s contents

37 Exhibit 5.3 A Basic Firewall Configuration

38 Firewalls (cont’d.)
Possible actions after examining packet
  –Reject the incoming packet
  –Send a warning to the network administrator
  –Send a message to the packet’s sender that the attempt failed
  –Allow the packet to enter (or leave) the private network
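
Added example (not part of the original slides): a minimal first-match packet filter that decides on the criteria from the Firewalls slide (user ID, origin, destination, contents) and returns one of the four actions listed above. The rule set, addresses, user names and payload marker are constructed for illustration; first-match ordering and default deny are assumptions the slides do not specify.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# The four outcomes listed on the slide, as action labels.
ALLOW, REJECT = "allow", "reject"
REJECT_NOTIFY, REJECT_WARN = "reject+notify-sender", "reject+warn-admin"

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dst_port: int
    user_id: Optional[str]
    payload: bytes

@dataclass(frozen=True)
class Rule:
    action: str
    src_net: str = "0.0.0.0/0"          # origin
    dst_net: str = "0.0.0.0/0"          # destination
    dst_port: Optional[int] = None      # None = any port
    user_ids: frozenset = frozenset()   # empty = any user
    payload_contains: bytes = b""       # empty = any contents

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
                and self.dst_port in (None, p.dst_port)
                and (not self.user_ids or p.user_id in self.user_ids)
                and self.payload_contains in p.payload)

# Constructed rule set; order matters because the first matching rule wins.
RULES = [
    Rule(REJECT_WARN, payload_contains=b"X-CONSTRUCTED-BAD-MARKER"),
    Rule(ALLOW, dst_net="10.0.5.10/32", dst_port=443, user_ids=frozenset({"alice", "bob"})),
    Rule(REJECT_NOTIFY, dst_net="10.0.5.10/32"),
    Rule(ALLOW, src_net="10.0.0.0/8", dst_port=443),
]

def decide(packet, rules=RULES):
    """Return (action, index of the matching rule); default deny if none match."""
    for i, rule in enumerate(rules):
        if rule.matches(packet):
            return rule.action, i
    return REJECT, None

def process(packets, rules=RULES):
    """Group (src, dst, rule index) by action so alerts and notices can be sent."""
    out = {ALLOW: [], REJECT: [], REJECT_NOTIFY: [], REJECT_WARN: []}
    for p in packets:
        action, idx = decide(p, rules)
        out[action].append((p.src, p.dst, idx))
    return out

# Constructed sample traffic (documentation and private address ranges).
SAMPLE = [
    Packet("203.0.113.7", "10.0.5.10", 443, "alice", b"GET /payslip"),
    Packet("203.0.113.7", "10.0.5.10", 443, "mallory", b"GET /payslip"),
    Packet("10.1.2.3", "198.51.100.20", 443, None, b"hi X-CONSTRUCTED-BAD-MARKER"),
]
```

Moving the `REJECT_NOTIFY` rule above the user-specific `ALLOW` rule would lock out the authorized users too, which is why rule order needs review whenever the administrator changes the rule set.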

39 Firewalls (cont’d.)
Main types of firewalls
  –Packet-filtering firewalls
  –Application-filtering firewalls
  –Proxy servers

40 Exhibit 5.4 A Proxy Server

41 Intrusion Detection Systems
Protect against both external and internal access
Placed in front of a firewall
Prevent against DoS attacks
Monitor network traffic
“Prevent, detect, and react” approach
Require a lot of processing power and can affect network performance

42 Physical Security Measures
Primarily control access to computers and networks
Include:
  –Cable shielding
  –Corner bolts
  –Electronic trackers
  –Identification (ID) badges
  –Proximity-release door openers
  –Room shielding
  –Steel encasements

43 Access Controls
Terminal resource security
  –Software feature that erases the screen and signs the user off automatically after a specified length of inactivity
Password
  –Combination of numbers, characters, and symbols that’s entered to allow access to a system
  –Length and complexity determine its vulnerability to discovery
  –Guidelines for strong passwords

44 Virtual Private Networks
Provide a secure “tunnel” through the Internet
  –For transmitting messages and data via a private network
Remote users have a secure connection to the organization’s network
Low cost
Slow transmission speeds

45 Data Encryption
Transforms data, called “plaintext” or “cleartext,” into a scrambled form called “ciphertext”
Rules for encryption determine how simple or complex the transformation process should be
  –Known as the “encryption algorithm”
Protocols:
  –Secure Sockets Layer (SSL)
  –Transport Layer Security (TLS)

46 Exhibit 5.7 Using Encryption

47 E-commerce Transaction Security Measures
Three factors are critical for security:
  –Authentication
  –Confirmation
  –Nonrepudiation
Transaction security
  –Confidentiality
  –Authentication
  –Integrity
  –Nonrepudiation of origin
  –Nonrepudiation of receipt

48 Business Continuity Planning
Outlines procedures for keeping an organization operational
Prepare for disaster
Plan steps for resuming normal operations as soon as possible

