0176503943_312407[1]
TRANSCRIPT
-
7/28/2019 0176503943_312407[1]
1/37
Chapter 2
The Personal and
Social Impact of ComputersCopyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
2/37
Discuss:
What are some of the problems that IS can create
What do companies need to do to avert problems
What do individuals need to do to protect identity
In April 2011, Sony had aproblem. What was the problem? Who was impacted?
Tyler Olson/Shutterstock.com
Barone Firenze/Shutterstock.com
2-2Copyright 2012 Nelson Education Ltd.
Principles and Learning Objectives
-
7/28/2019 0176503943_312407[1]
3/37
What You Will Learn
How to avoid waste and mistakes
Establishing policies and procedures for prevention
Need for security to prevent computer crime
How to avoid negative health effects Designing positive working conditions
Why a code of ethics is essential
2-3Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
4/37
Why Learn About thePersonal and Social Impact?
To understand that IS issues are both technicalandnon-technical
To recognize socially responsible IS
To avoid becoming a victim of computer crime
To prevent identity theft
2-4Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
5/37
Computer Waste and Mistakes
Computer waste:
Poor system design
Output not needed
Computer-related mistakes: System does not work properly
Incorrect results
Wasted hw and sw investment
PozitivStudija/Shutterstock.com
2-5Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
6/37
LawrenceCruciana/Shutte
rstock.com
2-6Copyright 2012 Nelson Education Ltd.
Origin of spam
SPiced hAM (canned luncheon meat)
Applied to unwanted items; from Monty Python
sketch Spam filter:
Blocks spam
95% of e-mail is spam
Another Waste Of Resources = Spam
-
7/28/2019 0176503943_312407[1]
7/37
Good Policies and Procedures
Input of data checked for errors
Only authorized users allowed to access system
User manual easy to read and accessible
Computer programs thoroughly tested Procedures for malfunctioning equipment
Procedures for environmental issues
Assurance that computing capacity is sufficient
Data current and up-to-date
Program changes tightly controlled
2-7Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
8/37
Monitoring Policies and Procedures
Check routine practices
Take corrective action ifnecessary
Implement internal audits Measure actual results against
established goals
Ensure that users are authorized
Copyright 2012 Nelson Education Ltd. 2-8
Kletr/Shutterstock.com
-
7/28/2019 0176503943_312407[1]
9/37
Reviewing Policies and Procedures
AugustoCabral/Shutterstock.com
2-9Copyright 2012 Nelson Education Ltd.
Are current policies adequate?
What new activities areplanned in the future?
Are contingencies anddisasters covered?
-
7/28/2019 0176503943_312407[1]
10/37
Computer Crime
Copyright 2012 Nelson Education Ltd. 2-10
Tyler Olson/Shutterstock.com
Undelivered merchandise or non-payment
Identity theft
Credit card fraud
Auction fraud
-
7/28/2019 0176503943_312407[1]
11/37
The Computer as a Toolto Commit Crime
Dumpster diving:
Looking for confidential waste
in trash
Slavoljub Pantelic/Shutterstock.com
LarryPowell/Shutterstock.com
2-11Copyright 2012 Nelson Education Ltd.
Social engineering:
Cleverly asking users for information
Phishing
-
7/28/2019 0176503943_312407[1]
12/37
Cyberterrorism
CCIRC Canadian Cyber Incident Response Centre
IMPACT International Multilateral Partnership Against Cyber Terrorism
Threats: From other states
Targets
Infrastructure Communications
Network
Major installations
hornyak/Shutterstock.com
2-12Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
13/37
Identity Theft
Personal information compromised
Phishing (asking by e-mail)
Vishing (asking by phone)
Stolen from a company Example: Sony Playstation
Purpose
Steal from bank account
Use of credit card
Access to personal services
2-13Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
14/37
2-14Copyright 2012 Nelson Education Ltd.
$21 billion in 2010
20% per annum growth rate
Source of income for governments
BUTwhat will happen if governments start taxinggambling in their jurisdiction?
Internet Gambling
-
7/28/2019 0176503943_312407[1]
15/37
The Computer as aTool to Fight Crime
Leads Online Web-basedservice system:
Database of stolen property
More than 250 million records
Search by item serial number or by individual Monitoring Sex Offenders
Web-based system
Database of offenders address, description, and car
GPS tracking devices and special software
Tracks movement of offenders
2-15Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
16/37
Use of GeographicInformation Systems
Used by law enforcement agencies
Analysis of patterns
Identification of areas at risk
2-16Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
17/37
Common Methods Usedto Commit Computer Crimes
2-17Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
18/37
Illegal Access and Use
Hacker:
Unauthorized access for the fun of it
Criminal hacker (cracker):
Unauthorized access to steal or harm
Script bunny:
Automates the job of crackers
Insider: Employee who comprises corporate systems
Photomak/Shutterstock.com
2-18Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
19/37
Type of Malware Description
Logic bomb Trojan horse which triggers when a specificcondition occurs
Rootkit Enables hacker to gain administrator-level
accessTrojan horse Malicious program that disguises itself as an
application or game
Variant Modified version of a virus created byamending original code
Virus File that attaches itself to other files andreplicates itself repeatedly
Worm Parasitic program like a virus, but does notinfect other programs
2-19Copyright 2012 Nelson Education Ltd.
Common Types of Malware
-
7/28/2019 0176503943_312407[1]
20/37
Spyware:
Form of Trojan horse
Can capture keystrokes
Password sniffer: Small program hidden in a network
Records identification numbers and passwords
Stealing small devices:
Laptops
Memory sticks
Data is the value
Other Dangers
cg-art/Shutterstock.com
2-20Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
21/37
Patent and CopyrightViolations
Klara Viskova/Shutterstock.com
2-21Copyright 2012 Nelson Education Ltd.
Protection of Intellectual Property (IP)
Software piracy:
CAAST
Canadian Alliance Against Software Theft BSA
Business Software Alliance
Patent infringement:
Use of anothers patent
-
7/28/2019 0176503943_312407[1]
22/37
Crime Prevention by Government
Legislation
Canadian Cyber Incident Response centre (CCIR)
Computer Emergency Response Team (CERT):
Responds to network security breaches
Monitors systems for emerging threats
2-22Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
23/37
Crime Prevention by Corporations
Install a firewall to protect internal computer network
Strong user authentication and encryption
Install the latest security patches
Disable guest accounts and null user accounts
Turn audit trails on
Install caller ID
2-23Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
24/37
2-24Copyright 2012 Nelson Education Ltd.
Intrusion Detection
Intrusion
Unauthorized users
Too many attempts
Intrusion detection software (IDS) Monitors system and network resources
Notifies security personnel intrusion is sensed
Security Dashboard
Threats, exposures, compliance, alerts
Outsourcing
Managed Security Service Providers (MSSPs)
-
7/28/2019 0176503943_312407[1]
25/37
Crime Prevention for Individuals andEmployees
Protection from identity theft:
Regularly check credit reports with major credit bureaus
Contract with service companies
Insure against identity theft Protection from malware attacks:
Run anti-virus programs
Keep it up to date
Scan incoming e-mails
Scan removable media (e.g., CDs and USBs)
2-25Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
26/37
-
7/28/2019 0176503943_312407[1]
27/37
Privacy: E-mail and Instant Messaging
E-mail and federal law:
Employers may monitor employees e-mail
Erased e-mails can be retrieved and used in lawsuits
Instant Messaging (IM) Privacy Do not send personal IMs at work
Choose nonrevealing, unprovocative IM name
Do not open files or click links from unknown people
Never send sensitive personal data via IM
2-27Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
28/37
AlbertLozano/Shutterstock.com
2-28Copyright 2012 Nelson Education Ltd.
Privacy andPersonal Sensing Devices
RFID tags:
Microchips with antenna
Embedded in many of the products we buy
medicine containers clothing
computer printers
car keys
library books Collection of data about personal habits
-
7/28/2019 0176503943_312407[1]
29/37
Privacy and theInternet
Trail of
E-mail messages
Web sites visited
Products bought
Social networks:
Facebook, MySpace
Caution about what you post and privacy settings
Platform for Privacy Preferences (P3P):
Privacy policies will be scanned to alert users
Tish1/Shutterstock.com
2-29Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
30/37
Internet Content Concerns
Libel:
Publishing An Intentionally False Written Statement
Damages A Persons Or Organizations Reputation
Individuals: Information Can Be Posted Anonymously Or With
False Names
Internet Content Rating Association (ICRA):
Protects Children From Potentially Harmful Material Safeguards Free Speech On The Internet
2-30Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
31/37
2-31Copyright 2012 Nelson Education Ltd.
Fairness in Information Use
PIPEDA (Personal Information Protection andElectronic Documents Act)
Individual must consent to collection of their data
ECPA (Electronic Commerce Protection Act) Aimed at spam and malware
Illegal to install software that sends a message withoutconsent of user
Commercial messages only sent to consenting customer
-
7/28/2019 0176503943_312407[1]
32/37
Individual Efforts to Protect Privacy
2-32Copyright 2012 Nelson Education Ltd.
Find out what is stored about you in existingdatabases
Be careful when you share information about
yourself Be proactive to protect your privacy
Take extra care when purchasing anything via theWeb
-
7/28/2019 0176503943_312407[1]
33/37
The Changing Work Environment
Jobs
Jobs that require IS literacy have increased
Less-skilled positions have decreased
Business Expansion from local markets to global markets
Creation of new jobs through reengineering
Closer contact with the customer via the Internet
2-33Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
34/37
Health Concerns
Occupational stress
Seated immobility thromboembolism (SIT)
Carpal tunnel syndrome (CTS)
Legislation San Francisco: Video display terminal (VDT) bill
For employees who are at VDTs more than 4 hrs perday
15 minute breaks every 2 hours
2-34Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
35/37
Avoiding Health and EnvironmentProblems
Create favourable conditions
Design the environment to fitthe work
Ergonomics: Science of designing products
and systems to maximize:
Safety, comfort, and
efficiency of people who usethem
2-35Copyright 2012 Nelson Education Ltd.
C
SquaredPhotoStudios/Photodisc/GettyImages
-
7/28/2019 0176503943_312407[1]
36/37
Ethical Issues in Information Systems
Code of ethics:
Principles and core values essential to a set of people
Governs behaviour
Reference point for what is legal and ethical Is it ethical or illegal or both?
Companies reading an employees e-mail
Downloading music to your iPod
Future employers checking you out on Facebook
2-36Copyright 2012 Nelson Education Ltd.
-
7/28/2019 0176503943_312407[1]
37/37
Summary of Principles
Establish policies and procedures to avoidcomputer waste and mistakes
Be aware of the risks of computer crime
Design jobs, equipment and work conditions sothat negative health effects are avoided
Be familiar with and practice the code of ethics towhich your profession subscribes