Computer Security and Privacy Chapter 5 Computer Benefits Allow us to accomplish many tasks Provide...

Computer Security and Privacy

Chapter 5

Computer Benefits

• Allow us to accomplish many tasks• Provide us with lots of information• Store and retrieve information for us• Allow us to browse the Web• Make businesses and individuals more efficient

Plymouth State University

WHY BE CONCERNED ABOUT COMPUTER SECURITY?

• Theft or damage of hardware

• Losing data (companies and individuals)

• Buying pirated or digitally counterfeited products online.


Potential Hardware Problems

• Hardware loss (hardware theft or lost hardware)

• Hardware damage ( both intentional and unintentional

• System failure – Hardware problem– Natural or man- made disaster.


Computer Concerns and Protection

• Hackers

• Viruses & Worms

• Firewalls

Cyberthreats

• Hackers– People who gain unauthorized access to computers or

networks, often for fun or to see if they can (not good)

• Crackers– Malicious hackers who break into computers for malicious

purposes

11/2/00 Plymouth State University 7

Threats to Computers: Theft

• Hardware

• Software

• Information

• Malice & destruction

• Theft of PDAs, cell phones, etc. as well as computers

Security

• Security is extremely important in today’s network environment

• Hackers can be a serious problem for both corporate and private computers

• Physical and software security are used


Threats to Computers:Natural & Other Hazards

• Natural hazards• Terrorism


Security: Safeguarding Computers

• Disaster-recovery plans– A method of restoring information-processing

operations that have been halted by destruction or accident

• Reinforced by 2001 World Trade Center attack• Reinforced by company data losses incurred during 2005

Hurricane Katrina

– Plans range in price and complexity from• Backing up data from disk to tape, CD, or zip disk, with a UPS• Automatically storing data redundantly in two places• Having an off-site computerized data storage center with

independent power supply• Having a complete “hot” redundant data center that can instantly

be used if there is a disasterMore $$$

Protecting Your Computer

• Safeguards– Use antivirus software, and keep it current– Install a firewall to filter out undesirable traffic– Install antispyware software– Encrypt financial and personal records – Back up your data, so if your PC is attacked and

must be reformatted, you can restore your data

Preventing Data Loss

• Backup files often!

• External hard drive


Software Security

• IDs and Passwords– Assigned to users, must be protected– Need to use password that is not obvious– Should be changed periodically

• Some systems force users to change them

Protecting Computers

• Door locks

• Equipment locks

• Tracking software

• Ruggedized devices

• Surge supressors

• Uninterruptable Power Supply


Precautions

• To protect against hardware theft, door and equipment locks can be used.

• To protect against accidental hardware damage, surge suppressors, uninterruptible power supplies ( UPSs) should be used.

• Storage media care, and precautions against excess dust, heat, and static electricity.


Protection

• Ruggedized devices can be used when necessary.

• To protect against data loss, backups are essential for both individuals and businesses

• Disaster recovery plan for natural and man- made disasters.


Encryption

• Encryption can be used to protect individual files and the content of data stored on a storage medium.

• Full disk encryption ( FDE) and self- encrypting hard drives can be used to encrypt all the content located on a hard drive automatically.


Protecting Data

• Encryption– The process of altering readable data into

unreadable form to prevent unauthorized access

• Scrambles data before storing• Uses encryption key

SOFTWARE PIRACY AND DIGITAL COUNTERFEITING

• Software piracy ( the unauthorized copying of a computer program)

• Piracy costs manufacturers billions of dollars each year, and some of these costs are passed on to law-abiding consumers.

• Various tools, such as holograms, and software activation procedures, can be used to prevent software piracy.


Counterfeiting Money

• Making fake copies of currency and other resources are illegal in the United States.

• The government has various methods in place to prevent digital counterfeiting of currency, such as using features like security threads and watermarks.


Intellectual Property

• Software Copyright– Publisher owns software– User is granted a license to use it– No copies to be made– Used on one computer

• Not recognized by all countries

• Software Piracy

How is computer software protected by law?

• Computer software is protected by copyright law and international copyright treaties as well as other intellectual property laws and treaties. Copyright law and other intellectual property laws in many countries protect the rights of a software owner by granting to the owner a number of exclusive rights, including the right to reproduce or "copy" the software..

Software Piracy

• Illegal copying of Software

• Illegal Distribution of Software

• Illegal Use of Software

Why should I be concerned about Software Piracy?

• Software piracy harms all software companies and ultimately you, the end user. Piracy results in higher prices for duly licensed users, reduced levels of support, and delays in the funding and development of new products, causing the overall selection and quality of software to suffer.

Plymouth State College

Privacy

• Privacy – the right to not reveal information

• Most Web sites specify their privacy policy

• Cookies

DATABASES

• Information in marketing databases is frequently sold to companies and other organizations

• Information in some government data-bases is available to the public.

• Some public information can be retrieved from databases via the Web.


Electronic Profiling

• Electronic profiling is the collection of diverse information about an individual.

• Consider whether or not the Web site is requesting too much personal information,

• Only provide the required data.

• Do not provide personal details in chat rooms and personal Web sites.


Data Gathering

• Combining data from many sources

• Procedure– Data sources– Data fusion & cleansing

Data Storage

Privacy Policies

• An organization’s privacy policy addresses how any personal information submitted to that company will be used.

• Before providing any personal information via a Web page, it is a good idea to review the Web site’s privacy policy to see if the information will be shared with other organizations.


E-mail Address

• Protecting your E-mail address is one of the best ways to avoid spam.

• A throw-away E-mail address can be used for any activities that may result in spam

• Your permanent personal E-mail address can then be reserved for communications that should not result in spam.


WHY BE CONCERNED ABOUT INFORMATION PRIVACY?

• Privacy issues affect the lives of everyone.

• Information privacy refers to the rights of individuals and companies to control how information about them is collected and used.

• Privacy of Web site activities and E-mail messages

• High number of security breaches on systems that contain personal information.


Disposing of Old Hardware

• Individuals and businesses should be cautious when disposing of old hardware, such as hard drives and CDs, that contain sensitive data.

• Minimally, hard drives to be reused should be wiped clean

• CDs, DVDs, and other media to be disposed of should be shredded.

• Many copying machines contain copies of scanned documents on an internal hard drive.


ELECTRONIC SURVEILLANCE AND MONITORING

• Computer monitoring software that can record an individual’s computer use

• Video surveillance in public locations. • Monitoring telephone calls• Individual’s location using a smart ID card

customers safe. • For the highest level of privacy while at the

workplace, employees should perform only work-related activities on the job.


COMPUTER SECURITY AND PRIVACY LEGISLATION

• Legislating these issues is difficult due to ongoing changes in technology, jurisdictional issues, and varying opinions.

• Some legislation related to computer security has been enacted; new legislation is being considered on a regular basis.

• Do-not-call list



Inaccurate Digital Data

– Photographs may not be authentic– Photographs may be deliberately misleading

• 1994 Time magazine photo of O.J. Simpson was digitally darkened to make him appear sinister

– Could this have biased potential jury members?

– Dirty data – mistaken identity– Identity theft


Ethics• Privacy

• Security

• Social Security Number

• Credit Card Numbers

• Misuse of data

• Identity Theft


Exam in Two Weeks

Chapters 3, 4, 5, 6Lectures from Weeks 6, 7, 8, 9

Computer Security and Privacy Chapter 5 Computer Benefits Allow us to accomplish many tasks Provide...

Documents

Transcript of Computer Security and Privacy Chapter 5 Computer Benefits Allow us to accomplish many tasks Provide...