Fundamentals of Information Systems, Seventh EditionFundamentals of Information Systems, Seventh...

FundamentalsofInformationSystems,SeventhEdition

FundamentalsofInformationSystems,SeventhEdition 1

Chapter 9The Personal and Social

Impact of Computers

PrinciplesandLearningObjectives(continued)

• Computercrimeisaseriousandrapidlygrowingareaofconcernrequiringmanagementattention– Explainthetypesofcomputercrimeandtheireffects

– Identifyspecificmeasurestopreventcomputercrime

• Jobs,equipment,andworkingconditionsmustbedesignedtoavoidnegativehealtheffectsfromcomputers– Listtheimportantnegativeeffectsofcomputersontheworkenvironment

– Identifyspecificactionsthatmustbetakentoensurethehealthandsafetyofemployees

• Practitionersinmanyprofessionssubscribetoacodeofethicsthatstatestheprinciplesandcorevaluesthatareessentialtotheirwork– Outlinecriteriafortheethicaluseofinformationsystems

WhyLearnAboutthePersonalandSocialImpactoftheInternet?

• Bothopportunitiesandthreats:– SurroundawiderangeofnontechnicalissuesassociatedwiththeuseofinformationsystemsandtheInternet

• Youneedtoknowaboutthetopicsinthischapter:– Tohelpavoidbecomingavictimofcrime,fraud,privacyinvasion,andotherpotentialproblem

ComputerCrime

• 300,000crimesreportedtoTheInternetCrimeComputerCenterin2010

• Twomostcommononlinecomputercrimes:– Undeliveredmerchandiseornonpayment– IdentitytheftusingnamesandphotosofU.S.governmentofficials

TheComputerasaTooltoCommitCrime

• Computercriminalneedstwocapabilitiestocommitcrime:– Howtogainaccesstothecomputersystem– Howtomanipulatethesystemtogetthedesiredresult

• Socialengineering:– Usingsocialskillstogetcomputeruserstoprovideinformationtoaccessaninformationsystem

• Dumpsterdiving:– Goingthroughtrashcanstofindsecretorconfidentialinformation

Cyberterrorism• HomelandSecurityDepartment’sInformationAnalysisandInfrastructureProtection-Directorate:– Servesasafocalpointforthreatassessment,warning,investigation,andresponseforthreatsorattacksagainstthecountry’scriticalinfrastructure

• Cyberterrorist:– Intimidatesorcoercesagovernmentororganizationtoadvancehisorherpoliticalorsocialobjectives

IdentityTheft

• Imposterobtainspersonalidentificationinformationinordertoimpersonatesomeoneelse:– Toobtaincredit,merchandise,andservicesinthenameofthevictim

– Tohavefalsecredentials

InternetGambling

• Globalonlinegamblingmarketover$30billion

• Lawsregardinglegalityofonlinegamblingquiteconfusing

• RevenuesgeneratedbyInternetgamblingrepresentamajoruntappedsourceofincomeforstateandfederalgovernments

TheComputerasaTooltoFightCrime

• Informationsystemscanbeusedtofightcrimeinmanyways:

• LeadsOnlineWeb-basedservicesystem:– Usedbylawenforcementtorecoverstolenproperty

– Containshundredsofmillionsofrecordsinitsdatabase

– Allowslawenforcementofficerstosearchthedatabasebyitemserialnumberorbyindividual

MonitoringCriminals• JusticeXchange:–Web-baseddatasharingsystem– ProvidesinformationaboutoffendersheldinparticipatingjailsacrosstheUnitedStates

• OffenderWatch:–Web-basedsystemusedtotrackregisteredsexoffenders

– Storestheregisteredoffender’saddress,physicaldescription,andvehicleinformation

– PubliccanaccessdatabaseFundamentalsofInformationSystems,

SeventhEdition 12

AssessingCrimeRiskforaGivenArea

• CAPIndexprovidesquickoverviewofcrimeriskatagivenaddress

• OthercommonGISsystemsinclude:– TheNationalEquipmentRegistry– TheCompStatprogram– CargoNet

TheComputerastheObjectofCrime

• Crimesfallintoseveralcategories:– Illegalaccessanduse– Dataalterationanddestruction– Informationandequipmenttheft– SoftwareandInternetpiracy– Computer-relatedscams– Internationalcomputercrime

IllegalAccessandUse

• Hacker:– Learnsaboutandusescomputersystems

• Criminalhacker:– Gainsunauthorizeduseorillegalaccesstocomputersystems

• Scriptbunny:– Automatesthejobofcrackers

• Insider:– Employeewhocomprisescorporatesystems

IllegalAccessandUse(continued)• Virus:– Programfilecapableofattachingtodisksorotherfilesandreplicatingitselfrepeatedly

• Worm:– Parasiticcomputerprogramsthatreplicatebut,unlikeviruses,donotinfectothercomputerprogramfiles

• Trojanhorse:– Maliciousprogramthatdisguisesitselfasausefulapplicationorgameandpurposefullydoessomethingtheuserdoesnotexpect

IllegalAccessandUse(continued)• Rootkit:– Setofprogramsthatenableitsusertogainadministratorlevelaccesstoacomputerornetwork

• Logicbomb:– TypeofTrojanhorsethatexecuteswhenspecificconditionsoccur

• Variant:–Modifiedversionofavirusthatisproducedbyvirus’sauthororanotherperson

Spyware

• Softwareinstalledonapersonalcomputerto:– Interceptortakepartialcontroloveruser’sinteractionwiththecomputerwithoutknowledgeorpermissionoftheuser

• SimilartoaTrojanhorseinthat:– UsersunknowinglyinstallitwhentheydownloadfreewareorsharewarefromtheInternet

InformationandEquipmentTheft

• Passwordsniffer:– Smallprogramhiddeninanetworkthatrecordsidentificationnumbersandpasswords

• Portablecomputerssuchaslaptopsandportablestoragedevicesareespeciallyeasyforthievestotake:– Dataandinformationstoredinthesesystemsaremorevaluablethantheequipment

PatentandCopyrightViolations

• Softwarepiracy:– Actofunauthorizedcopyingordistributionofcopyrightedsoftware

– Penaltiescanbesevere• Digitalrightsmanagement:– Theuseofanyofseveraltechnologiestoenforcepoliciesforcontrollingaccesstodigitalmedia

PatentandCopyrightViolations(continued)

• Patentinfringement:– Occurswhensomeonemakesunauthorizeduseofanother’spatent

– Penaltyisuptothreetimesthedamagesclaimedbythepatentholder

Computer-RelatedScams

• Phishing:– Perpetratorsendemailthatlooksasifitcamefromalegitimateinstitution

– Recipientaskedtoprovidepersonalidentificationinformationsuchapinnumberandpassword

• Overthepastfewyears:– Creditcardcustomersofvariousbankshavebeentargetedbyscamartiststryingtogetpersonalinformationusingphishing

Computer-RelatedScams(continued)

• Vishing:– Similartophishing– Insteadofusingthevictim’scomputer,itusesthevictim’sphone

InternationalComputerCrime

• Computercrimebecomesmorecomplexwhenitcrossesborders

• Moneylaundering:– Disguisingillegallygainedfundssothattheyseemlegal

PreventingComputer-RelatedCrime

• Greateremphasisplacedonpreventionanddetectionofcomputercrimeby:– Privateusers– Companies– Employees– Publicofficials

CrimePreventionbyStateandFederalAgencies

• Stateandfederalagenciesaggressivelyattackingcomputercriminals

• ComputerFraudandAbuseActof1986:–Mandatespunishmentbasedonthevictim’sdollarloss

• ComputerEmergencyResponseTeam(CERT):– Respondstonetworksecuritybreaches–Monitorssystemsforemergingthreats

CrimePreventionbyCorporations

• Companiestakingcomputercrimeseriously– Encryptionusedtoencodedata– Role-basedsystemaccessliststocontrolsystemaccess

– Separationofdutiestopreventcollusion– Useoffingerprintauthenticationdevicestogainaccess

CrimePreventionbyCorporations(continued)

• Guidelinestoprotectyourcomputerfromcriminalhackers:– Installstronguserauthenticationandencryptioncapabilitiesonyourfirewall

– Installthelatestsecuritypatches– Disableguestaccountsandnulluseraccounts– Turnaudittrailson– ConsiderinstallingcallerID– InstallacorporatefirewallbetweenyourcorporatenetworkandtheInternet

UsingIntrusionDetectionSoftware

• Usingintrusiondetectionsoftware:– Intrusiondetectionsystem(IDS):• Monitorssystemandnetworkresources• Notifiesnetworksecuritypersonnelwhenitsensesapossibleintrusion• Canprovidefalsealarms

SecurityDashboard

• SecurityDashboard:– Providescomprehensivedisplayonasinglecomputerscreenof:• Allthevitaldatarelatedtoanorganization’ssecuritydefenses,includingthreats,exposures,policycompliance,andincidentalerts

UsingManagedSecurityServiceProviders

• Usingmanagedsecurityserviceproviders(MSSPs):–Manyorganizationsareoutsourcingtheirnetworksecurityoperations

GuardingAgainstTheftofEquipmentandData

• Organizationsneedtotakestrongmeasurestoguardagainstthetheftofcomputerhardwareandthedatastoredsuchas:– Setguidelinesonwhatkindofdatacanbestoredonlaptops

– Encryptdataonlaptops– Securelaptops– Providetrainingonsafehandlingoflaptops– Installtrackingsoftware

CrimePreventionforIndividualsandEmployees

• Identitytheft:– Toprotectyourself,regularlycheckcreditreportswithmajorcreditbureaus

• Malwareattacks:– Antivirusprogramsruninthebackgroundtoprotectyourcomputer

–Manye-mailservicesandISPprovidersofferfreeantivirusprotection

CrimePreventionforIndividualsandEmployees(continued)

• Computerscams:– Tipstohelpyouavoidbecomingavictim:• Don’tagreetoanythinginahigh-pressuremeetingorseminar• Don’tjudgeacompanybasedonappearances• Avoidanyplanthatpayscommissionssimplyforrecruitingadditionaldistributors• Bewareofshills• Bewareofacompany’sclaimthatitcansetyouupinaprofitablehome-basedbusiness

PrivacyIssues

• Issueofprivacy:– Dealswiththerighttobeleftaloneortobewithdrawnfrompublicview

• Dataisconstantlybeingcollectedandstoredoneachofus

• Thisdataisoftendistributedovereasilyaccessednetworksandwithoutourknowledgeorconsent

• Whoownsthisinformationandknowledge?FundamentalsofInformationSystems,

SeventhEdition 37

PrivacyandtheFederalGovernment

• Thefederalgovernment:– Hasimplementedanumberoflawsaddressingpersonalprivacy

• EuropeanUnion:– Hasdata-protectiondirectivethatrequiresfirmstransportingdataacrossnationalboundariestohavecertainprivacyproceduresinplace

PrivacyatWork

• EmployersusingtechnologyandcorporatepoliciestomanageworkerproductivityandprotecttheuseofISresources.

• EmployersconcernedaboutinappropriateWebsurfing,withoverhalfofemployersmonitoringWebactivityoftheiremployees.

• Organizationsalsomonitoremployees’e-mail,withmorethanhalfretainingandreviewingmessages.

PrivacyatWork(continued)

• Mostemployerstodayhaveapolicythatexplicitlyeliminatesanyexpectationofprivacywhenanemployeeusesanycompany-ownedcomputer,server,ore-mailsystem.

• Thecourtshaveruledthat,withoutareasonableexpectationofprivacy,thereisnoFourthAmendmentprotectionfortheemployee.

PrivacyandE-Mail

• Federallawpermitsemployerstomonitore-mailsentandreceivedbyemployees

• E-mailmessagesthathavebeenerasedfromharddiskscanberetrievedandusedinlawsuits

• Useofe-mailamongpublicofficialsmightviolate“openmeeting”laws

PrivacyandInstantMessaging

• Toprotectyourprivacyandyouremployer’sproperty:– DonotsendpersonalorprivateIMsatwork– Chooseanonrevealing,nongender-specific,unprovocativeIMscreenname

– Donotopenfilesorclicklinksinmessagesfrompeopleyoudonotknow

– NeversendsensitivepersonaldatasuchascreditcardnumbersviaIM

PrivacyandPersonalSensingDevices

• RFIDtags:–Microchipswithantenna– Embeddedinmanyoftheproductswebuy:• Medicinecontainers,clothing,computerprinters,carkeys,librarybooks,tires

– Generateradiotransmissionsthat,ifappropriatemeasuresarenottaken,canleadtopotentialprivacyconcerns

PrivacyandtheInternet• HugepotentialforprivacyinvasionontheInternet:– E-mailmessages– VisitingaWebsite– BuyingproductsovertheInternet

• PlatformforPrivacyPreferences(P3P):– Screeningtechnology

• Socialnetworkservices:– Parentsshoulddiscusspotentialdangers,checktheirchildren’sprofiles,andmonitortheiractivities

PrivacyandtheInternet(continued)

• Children’sOnlinePrivacyProtectionAct(COPPA)– DirectedatWebsitescateringtochildren– Requiressiteownerstopostcomprehensiveprivacypoliciesandtoobtainparentalconsentbeforetheycollectanypersonalinformationfromchildrenunder13yearsofage

• Websiteoperatorsareliableforcivilpenaltiesofupto$11,000perviolation

InternetLibelConcerns

• Libel:– Publishinganintentionallyfalsewrittenstatementthatisdamagingtoaperson’sororganization’sreputation

• Individuals:– CanpostinformationtotheInternetusinganonymouse-mailaccountsorscreennames

–MustbecarefulwhattheypostontheInternettoavoidlibelcharges

PrivacyandFairnessinInformationUse

• Sellinginformationtoothercompaniescanbesolucrativethatmanycompanieswillstoreandsellthedatatheycollectoncustomers,employees,andothers–Whenisthisinformationstorageandusefairandreasonabletothepeoplewhosedataisstoredandsold?

– Dopeoplehavearighttoknowaboutdatastoredaboutthemandtodecidewhatdataisstoredandused?

FilteringandClassifyingInternetContent

• Filteringsoftware:– HelpscreenInternetcontent

• Children’sInternetProtectionAct(CIPA)– SchoolsandlibrariessubjecttoCIPAdonotreceivethediscountsofferedbythe“E-Rate”programunlesstheycertifythattheyhavecertainInternetsafetymeasuresinplacetoblockorfilter“visualdepictionsthatareobscene,childpornography,orareharmfultominors”

PrivacyActof1974

• Providesprivacyprotectionfromfederalagencies

• AppliestoallfederalagenciesexcepttheCIAandlawenforcementagencies

• Requirestrainingforallfederalemployeeswhointeractwitha“systemofrecords”undertheact

ElectronicCommunicationsPrivacyAct

• Dealswiththreemainissues– Protectionofcommunicationswhileintransitfromsendertoreceiver– Protectionofcommunicationsheldinelectronicstorage– Prohibitionofdevicestorecorddialing,routing,addressing,and

signalinginformationwithoutasearchwarrant– Prohibitsgovernmentfrominterceptingelectronicmessagesunlessit

obtainsacourtorderbasedonprobablecause.– Prohibitsaccesstowireandelectroniccommunicationsforstored

communicationsnotreadilyaccessibletothegeneralpublic

Gramm-Leach-BlileyAct

– Requiresfinancialinstitutionstoprotectcustomers’nonpublicdata

– Assumesthatallcustomersapproveofthefinancialinstitutions’collectingandstoringtheirpersonalinformation.

USAPatriotAct

– PassedinresponsetotheSeptember11terrorismacts

– Proponentsarguethatitgivesnecessarynewpowerstobothdomesticlawenforcementandinternationalintelligenceagencies.

– Criticsarguethatthelawremovesmanyofthechecksandbalancesthatpreviouslyallowedthecourtstoensurethatlawenforcementagenciesdidnotabusetheirpowers.

CorporatePrivacyPolicies

–Mostorganizationsrealizethatinvasionsofprivacycanhurttheirbusiness,turnawaycustomers,anddramaticallyreducerevenuesandprofits

–Mostorganizationsmaintainprivacypolicies,eventhoughtheyarenotrequiredbylaw

– Policiesshouldaddressacustomer’sknowledge,control,notice,andconsentoverthestorageanduseofinformation

IndividualEffortstoProtectPrivacy

• Toprotectpersonalprivacy:– Findoutwhatisstoredaboutyouinexistingdatabases

– Becarefulwhenyoushareinformationaboutyourself

– Beproactivetoprotectyourprivacy– TakeextracarewhenpurchasinganythingfromaWebsite

TheWorkEnvironment

• Useofcomputer-basedinformationsystemshaschangedtheworkforce:– JobsthatrequireISliteracyhaveincreased– Less-skilledpositionshavedecreased

• Enhancedtelecommunications:– Hasbeentheimpetusfornewtypesofbusiness– Hascreatedglobalmarketsinindustriesoncelimitedtodomesticmarkets

HealthConcerns

• Occupationalstress• Seatedimmobilitythromboembolism(SIT)• Carpaltunnelsyndrome(CTS)• Videodisplayterminal(VDT)bill:– Employeeswhospendatleastfourhoursadayworkingwithcomputerscreensshouldbegiven15-minutebreakseverytwohours

AvoidingHealthandEnvironmentProblems

• Workstressors:– Hazardousactivitiesassociatedwithunfavorableconditionsofapoorlydesignedworkenvironment

• Ergonomics:– Scienceofdesigningmachines,products,andsystemstomaximizesafety,comfort,andefficiencyofpeoplewhousethem

EthicalIssuesinInformationSystems

• Codeofethics:– Statestheprinciplesandcorevaluesessentialtoasetofpeopleand,therefore,governtheirbehavior

– Canbecomeareferencepointforweighingwhatislegalandwhatisethical

EthicalIssuesinInformationSystems(continued)

–Mishandlingofthesocialissuesdiscussedinthischapter—includingwasteandmistakes,crime,privacy,health,andethics—candevastateanorganization

– Preventionoftheseproblemsandrecoveryfromthemareimportantaspectsofmanaginginformationandinformationsystemsascriticalcorporateassets

Summary• Somecrimesusecomputersastools• Cyberterrorist:– Intimidatesorcoercesagovernmentororganizationtoadvancehisorherpoliticalorsocialobjectives

Summary(continued)• Todetectandpreventcomputercrimeuse:– Antivirussoftware– Intrusiondetectionsystems(IDSs)

• Privacyissues:– Aconcernwithgovernmentagencies,e-mailuse,corporations,andtheInternet

• Businesses:– Shoulddevelopaclearandthoroughpolicyaboutprivacyrightsforcustomers,includingdatabaseaccess

Summary(continued)• Computer-relatedscams:– Havecostpeopleandcompaniesthousandsofdollars

• Ergonomics:– Thestudyofdesigningandpositioningcomputerequipment

• Codeofethics:– Statestheprinciplesandcorevaluesthatareessentialtothemembersofaprofessionororganization

Fundamentals of Information Systems, Seventh EditionFundamentals of Information Systems, Seventh...

Documents

Fundamentals of Navigation Systems

Fundamentals of Management - testbanklive.com · Instructor’s Manual Fundamentals of Management SEVENTH EDITION Ricky W. Griffin Texas A&M University Ramachandran Subramanian Montclair

Fundamentals of Control Systems

Fundamentals of Information Systems, Seventh Edition · PDF fileFundamentals of Information Systems, Seventh Edition 1 Fundamentals of Information Systems, Seventh Edition Chapter

Accounting Information Systems (Seventh Edition).pdf

SPACE SYSTEMS FUNDAMENTALS - NPS

Fundamentals of Information Systems, Seventh Editionhome.ku.edu.tr/.../indr481_fall2015/indr481_fall2015_chapter7.pdf · Fundamentals of Information Systems, ... Seventh Edition 14

Fundamentals of Multiagent Systems

Fundamentals of Teleprotection Systems

Fundamentals of Information Systems, Seventh Edition Chapter 5 Electronic and Mobile Commerce and Enterprise Systems 1Fundamentals of Information Systems,

Fundamentals of Information Systems, Seventh Editionlogistics and warehouse and storage, production and manufacturing, finished product storage, outbound logistics, marketing and sales,

Understanding Operating Systems Seventh Edition Chapter 15 Linux Operating Systems

Fundamentals of Information Systems, Seventh Editionhome.ku.edu.tr/~mehmetgonen/indr481_fall2015/indr481_fall2015... · • Manufacturing, repair, and operations (MRO): ... bartering

Fundamentals of Distribution Systems

Cooling Water Systems Fundamentals

Embedded Systems Fundamentals

Systems & Control Fundamentals

Fundamentals of Business Information Systems · 2019-10-18 · Fundamentals of BIS; Intro to Operations Management Nr. 1 Fundamentals of Business Information Systems Information Systems

Fundamentals of Database Systems - HPKClasses.irhpkclasses.ir/.../PDF/FundamentalsofDatabaseSystemsElmasriNavat… · Fundamentals of Database Systems . ... 2.2 DBMS Architecture

Power Systems Fundamentals