Security & ethical challenges
-
Upload
louie-medinaceli -
Category
Documents
-
view
579 -
download
2
description
Transcript of Security & ethical challenges
Republic of the PhilippinesRepublic of the PhilippinesEULOGIO “AMANG” RODRIGUEZEULOGIO “AMANG” RODRIGUEZ
INSTITUTE OF SCIENCE AND TECHNOLOGYINSTITUTE OF SCIENCE AND TECHNOLOGYNagtahan, Sampaloc, ManilaNagtahan, Sampaloc, Manila
GRADUATE PROGRAMGRADUATE PROGRAMMASTER IN PUBLIC ADMINISTRATIONMASTER IN PUBLIC ADMINISTRATION
TOPIC: Security and Ethical ChallengesTOPIC: Security and Ethical Challenges
Management Information Management Information SystemsSystems
1Management Information Systems
Presented by:
LOUIE A. MEDINACELI
DR. LOURDES BANDOYProfessor
Sample 1:Digitally altered photosSample 1:Digitally altered photos
Sample 2:Digitally altered photosSample 2:Digitally altered photos
Sample 3:Digitally altered photosSample 3:Digitally altered photosThe New Version The Old Version
Sample 5:Digitally altered photosSample 5:Digitally altered photosOprah, one the most well known celebrities of our time has graced many magazine
covers. However in this TV Guide she is seen in a beautiful dress sitting on a pile of cash. You see it? The pile of cash is so fake right? You are right. See anything else? Take a look at the picture below. That’s not Oprah’s body. It’s Ann-Margaret.
Sample 1:Photoshop MistakesSample 1:Photoshop Mistakes
Missing leg. We love Veronica Kay, but the missing leg is not sexy.
Sample 2:Photoshop MistakesSample 2:Photoshop Mistakes
Where’s the belly button?
COMPUTER CRIMECOMPUTER CRIME
Cyber crime is becoming one of the Net’s growth businesses. Today, criminals are doing everything from stealing intellectual property and committing fraud to unleashing viruses and committing acts of cyber terrorism.
HackingHackingHacking is the obsessive use of computers, or Hacking is the obsessive use of computers, or
the unauthorized access and use of the unauthorized access and use of networked computer systems. Hackers networked computer systems. Hackers usuallyusually
Steal or damage dataSteal or damage data Get unauthorized access to computer filesGet unauthorized access to computer files Monitor e-mails or web server accessMonitor e-mails or web server access May use remote services that allow one May use remote services that allow one
computer to execute programs on anothercomputer to execute programs on another Plant data that will cause system to Plant data that will cause system to
welcome intruderswelcome intrudersManagement Information Systems 9
Cyber TheftCyber Theft
Cyber theft involves theft of money by Cyber theft involves theft of money by unauthorized network entry and unauthorized network entry and fraudulent alteration of computer fraudulent alteration of computer databases.databases.
Management Information Systems 10
Unauthorized use at WorkUnauthorized use at Work
Unauthorized use of computer Unauthorized use of computer resources especially by employeesresources especially by employees
Playing video gamesPlaying video games Unauthorized use of internetUnauthorized use of internet Non-work related upload/downloadNon-work related upload/download Transmission of confidential dataTransmission of confidential data Moonlighting Moonlighting
Management Information Systems 11
Software PiracySoftware Piracy
Unauthorized copying of data is called Unauthorized copying of data is called software piracy or software theftsoftware piracy or software theft
Software is protected by copyright law Software is protected by copyright law and user license agreement that and user license agreement that allows only limited copies to be madeallows only limited copies to be made
Management Information Systems 12
Piracy of Intellectual PropertyPiracy of Intellectual Property
Materials other than software are also Materials other than software are also pirated by making multiple copiespirated by making multiple copies
Piracy of music, video, images, Piracy of music, video, images, articles, books etc.articles, books etc.
Dissemination of these material Dissemination of these material through internet websitesthrough internet websites
Management Information Systems 13
Computer security risksComputer security risks Virus-potentially damaging computer
programs that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission; may damage files, software including the operating system
Worms-a program that copies itself; could shut down the computer or network
Trojan horses-a program that hides within or looks like a legitimate program; does not replicate itself to other computers
Symptoms of Computer risksSymptoms of Computer risks
Screen displays unusual message or image
Music or unusual sound displays randomly Available memory is less than expected Existing programs and files disappear Files become corrupted Programs or files do not work properly Unknown programs or files mysteriously
appear System properties change
Symptoms of Computer risk(cont..)Symptoms of Computer risk(cont..)
Your computer functions slower than normal
Your computer responds slowly and freezes often
Your computer restarts itself often You see uncommon error messages,
distorted menus, and dialog boxes You notice applications on your computer
fail to work correctly You fail to print correctly
Safeguard from Computer risksSafeguard from Computer risks1. Never start a computer with a floppy disk in
drive A, unless it is an uninfected boot disk. Turn off message preview
2. Never open an e-mail attachment unless you are expecting it and it is from a trusted source. Turn off message preview
3. Set the macro security in programs so you can enable or disable macros. Only enable macros if the document is from a trusted source and you are expecting it.
4. Install an antivirus program on all of your computers. Obtain updates to the antivirus signature files on a regular basis.
Safeguard from Computer risksSafeguard from Computer risks5. Check all downloaded programs for viruses,
worms, or Trojan horses. These malicious-logic programs often placed in seemingly innocent programs, so they will affect a large number of users.
6. If the anti-virus program flags an e-mail attachment as infected, delete the attachment immediately.
7. Before using any removable storage devices, use the antivirus program to check for infection.
8. Create a recovery disk and write protect it.9. Install a personal firewall program
Unauthorized Access and UseUnauthorized Access and Use Unauthorized access- the use of a
computer or network without permission Cracker- someone who tries to access a
computer or network illegally Hacker- break into a computer by
connecting to it and then logging in as a legitimate user
Safeguard from unauthorized Safeguard from unauthorized accessaccess
1. Acceptable use policy (AUP)- outlines the activities for which the computer and network may and may not be used
2. Firewalls-deny network access to outsiders and restrict employees’ access to sensitive data like payroll or personnel records
3. Intrusion detection software-automatically analyzes all network traffic, assess system vulnerabilities, identifies any unauthorized access (intrusions) and notifies
Safeguard from unauthorized Safeguard from unauthorized access (continuation)access (continuation)
5. Access control-is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer
and audit trails- or log, that records in a file both successful and unsuccessful access attempts
a. User names-a unique combination of characters like letters of the alphabet, that identifies one specific user
b. and passwords-a private combination of characters associated with the user name that allows access to certain computer resources
c. Possessed objects-any items that you must carry to gain access to a computer or computer facility (badges, cards, smart cards, keys)
d. Biometric devices-grant access to programs using biometric identifies like finger prints, face recognition, voice recognition
e. Callback system-user connects to a computer only after the computer calls that user back at a previously established telephone number
FingerprintReader
Face Recognition System
Other ChallengesOther Challenges
Employment challenges because a lot of Employment challenges because a lot of tasks have been automatedtasks have been automated
Computer monitoring causes intrusion in Computer monitoring causes intrusion in personal space for workerspersonal space for workers
Challenges in working conditions are caused Challenges in working conditions are caused by tasks which are monotonous in nature. by tasks which are monotonous in nature. But it also automates most of the work and But it also automates most of the work and gives way to more challenging jobsgives way to more challenging jobs
Challenges to individuality as they eliminate Challenges to individuality as they eliminate the human relationships between peoplethe human relationships between people
Management Information Systems 23
BenefitsBenefits
Medical diagnosisMedical diagnosis Crime controlCrime control Environmental monitoringEnvironmental monitoring Urban planningUrban planning Computer based trainingComputer based training Distance learningDistance learning
Management Information Systems 24
Health Concerns of Computer Use
Hand Exercises to Reduce Tendonitis
Computer and Health RisksComputer and Health Risks
1. Repetitive strain injury (RSI)-a disorder of the muscles, nerves, tendons, ligaments and joints
2. Computer vision syndrome-sore, tired, burning, itching or dry eyes; blurred or double vision, etc.
3. Lower back pain, muscle fatigue and emotional fatigue
ErgonomicsErgonomics
applied science devoted to incorporating comfort, efficiency and safety into the design of items in the workplace
Computer addictionComputer addiction
when the computer consumes someone’s entire social life
EncryptionEncryption
The concept of private key and public The concept of private key and public key can be extended to authentication key can be extended to authentication protocols. There are three types of protocols. There are three types of authentication protocols followed by authentication protocols followed by organizations.organizations.
1.1. Password Authentication protocolPassword Authentication protocol
2.2. Challenge Handshake authentication Challenge Handshake authentication ProtocolProtocol
3.3. Extensible Authentication ProtocolExtensible Authentication ProtocolManagement Information Systems 33
FirewallFirewall
Firewalls are used to restrict access to Firewalls are used to restrict access to one network from another network. one network from another network. Different types of firewalls exist.Different types of firewalls exist.
1.1. Packet FilteringPacket Filtering
2.2. Stateful firewallsStateful firewalls
3.3. Proxy FirewallsProxy Firewalls
4.4. Kernel Proxy firewallsKernel Proxy firewalls
Management Information Systems 34
Ethical responsibility of business Ethical responsibility of business professionalsprofessionals
Business ethics are concerned withBusiness ethics are concerned with EquityEquity RightsRights HonestyHonesty Exercise of corporate powerExercise of corporate power
Management Information Systems 35
Theories of corporate social Theories of corporate social responsibilityresponsibility
The stockholders theory The stockholders theory holds that managers are holds that managers are agents of the stockholders and their only ethical agents of the stockholders and their only ethical responsibility is to increase the profits of the business responsibility is to increase the profits of the business without violating the law or engaging in fraudulent without violating the law or engaging in fraudulent activities.activities.
The social contract theory The social contract theory states that companies states that companies have ethical responsibilities to all members of society, have ethical responsibilities to all members of society, which allow corporations to exist based on a social which allow corporations to exist based on a social contractcontract
The stakeholders theory The stakeholders theory states that managers have states that managers have ethical responsibility to manage a firm for the benefit ethical responsibility to manage a firm for the benefit of all of its stakeholders i.e. stockholders, employees, of all of its stakeholders i.e. stockholders, employees, customers, suppliers and local community.customers, suppliers and local community.
Management Information Systems 36
Principles of technology ethicsPrinciples of technology ethics
Proportionality of benefits to riskProportionality of benefits to risk Informed consent to risksInformed consent to risks Justice in distribution of risk with Justice in distribution of risk with
benefits derived to each sub unitbenefits derived to each sub unit Minimized risk by the selected optionMinimized risk by the selected option
Management Information Systems 37
Ethical guidelineEthical guideline
Acting with integrityActing with integrity Increasing your professional Increasing your professional
competencecompetence Setting high standards of personal Setting high standards of personal
performanceperformance Accepting responsibility for your workAccepting responsibility for your work Advancing the health, privacy, and Advancing the health, privacy, and
general welfare of the publicgeneral welfare of the public
Management Information Systems 38
Mistakes are part of being human. Appreciate your mistakes for what they are; precious life lesson that can only be learned the hard way. Thank you