1

Chapter 8

Protecting People and Information

Threats and Safeguards

2

Presentation Overview

Ethics Privacy Information Security

3

Opening Case StudyDigital Destruction Beyond All

Imagination

One of the lessons learned from 9/11 is that with careful and thorough protection of important information, not even a calamity like the one that occurred in New York can put you out of business.

http://www.cnn.com/SPECIALS/2001/trade.center/tenants1.html

In what ways is information vulnerable and what can you do to protect important information?

4

Ethics

Ethics - the _________ and standards that guide our behavior toward other people.

Ethics depend on:1. Your basic ethical _________ , which you

developed as you grew up.2. The set of practical _________ involved in the

decision that you’re trying to make – that is, all the shades of gray in what are rarely black or white decisions.

5

EthicsTwo Factors That Determine How You

Decide Ethical Issues

1. Consequences2. _________3. Likelihood of effect4. Time to _________ 5. Relatedness6. Reach of result

6

Ethics Intellectual Property

_________ - intangible creative work that is embodied in physical form.

Copyright - the legal protection afforded an expression of an idea.

_________ - says that you may use copyrighted material in certain situations.

_________ - the unauthorized use, duplication, distribution or sale of copyrighted software.

_________ - software that is manufactured to look like the real thing and sold as such.

7

Privacy

Privacy - the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your

consent.

8

PrivacyPrivacy and Other Individuals

E-mail is completely insecure.

Each e-mail you send results in at least 3 or 4 copies being stored on different computers.

9

PrivacyPrivacy and Employees

Companies need information about their employees and customers to be effective in the marketplace.

In 2001, 63% of companies monitored employee Internet connections including about two-thirds of the 60 billion electronic messages sent by 40 million e-mail users.

10

PrivacyPrivacy and Consumers

Customers want businesses to: Know who they are, but they want them

to leave them alone. _________ what they want, but they don’t

want businesses knowing too much about their habits and preferences.

Tell them about _________ and _________ they might like to have, but don’t want to be inundated with ads.

11

PrivacyPrivacy and Consumers

_________ - a small record deposited on your hard disk by a Web site containing information about you and your Web activities.

_________ - software to generate ads that installs itself on your computer when you download some other (usually free) program from the Web.

_________ - software you don’t want hidden inside software you do want.

12

PrivacyPrivacy and Consumers

Spyware (also called sneakware or stealthware) - software that comes hidden in _________ _________ software and tracks your online movements, mines the information stored on your computer, or uses your computer’s CPU and storage for some task you know nothing about.

13

PrivacyPrivacy and Government Agencies

Government agencies have about 2,000 databases containing personal information on individuals.

For example, The National Crime Information Center (NCIC) database contains information on the criminal records of more than 20 million people.

Team Work

What Are The Biggest Internet Scams?

(p. 387)

14

PrivacyPrivacy and International Trade

Safe-harbor principles - a set of rules to which U.S. businesses that want to trade with the European Union (EU) must adhere.

On Your OwnWhat’s YourOpinion?(p. 388)

15

InformationInformation as Raw Material

Raw materials are the _________ from which a product is made.

Wood, glue, and screws are _________ materials for a chair.

Almost everything you buy has _________ as part of the product.

The most _________ companies place the highest value on information. ( branding )

16

InformationInformation as Capital

Capital is the _________ you use to produce a product or service.

Buildings, trucks, and machinery are assets.

Information is _________ since it is used by companies to provide products and services.

17

Security – The Business Challenge

Who’s the bad guy? Competitors, foreign governments, network hackers, disgruntled ex-employees, news and media, unauthorized customers, employees, etc?

How do I protect my information from the bad guys, without making employees and authorized users less productive?

How can I administer security consistently, reliably, and cost effectively across all of my distributed information resources ?

Insiders80%

Outsiders20%

Studies show 80% of real security problems are caused by authorized users

18

SecuritySecurity and Employees

19

SecuritySecurity and Collaboration Partners

If you use collaboration systems, representatives of other companies can gain access to your systems.

_________ _________ - harnesses far-flung computers together by way of the Internet or a virtual private network to share CPU power, databases, and database storage.

20

SecuritySecurity and Outside Threats

85% of large companies and governmental agencies were broken into during 2002.

_________ - very knowledgeable computer users who use their knowledge to invade other people’s computers.

21

What Is Hacking?

Unauthorized or Unintended use of information Technology assets for… Personal gain

Theft, fraud _________ Revenge _________

22

Why is hacking a problem? Hacks mean business…and

they hurt Corporate image

Customer & Employee Privacy

Real $$$$ often in millions

23

Security Threats

ParticipantParticipant ParticipantParticipantNetworkNetwork

Interruption _________ Modification MasqueradeIntranet has 3 separate components Secrecy Integrity Availability

24

SecuritySecurity and Outside Threats

Computer virus (or simply a virus) - is software that is written with malicious intent to cause annoyance or damage.

_________ - a type of virus that spreads itself, not just from file to file, but from computer to computer via e-mail and other Internet traffic.

Denial-of-service attack (DoS) - floods a Web site with so many requests for service that it slows down or crashes.

25

SecuritySecurity and Outside Threats

Computer viruses can’t: _________ your hardware (i.e.

monitors, printers, or processor.) _________ any files they weren’t

designed to attack. Infect files on write-protected disks.

26

SecuritySecurity Precautions

Risk management - consists of the identification of risks, security implementation, and effective measures.

Risk assessment - measure the risk exposure of IT assets.

Risk assessment asks: What can go wrong? How likely is it to go wrong? What are the possible consequences if it does go wrong?

27

SecuritySecurity Precautions

Backup - making a copy of computer information.

Anti-virus software - detects and removes viruses.

Firewall – protects computers from intruders.

_________ _________ _________ - looks for people on the network who shouldn’t be there.

Security auditing software - checks out your computer or network for potential weaknesses.

28

_________ _________ _________ _________ _________.

29

SecuritySecurity Precautions

Biometrics - the use of physical characteristics to provide identification.

Encryption – scrambles the contents of a file so that you can’t read it without having the decryption key.

Public key encryption (PKE) - an encryption system that uses two keys: a public key that everyone can have and a private key for only the recipient.