Chapter 8
Protecting People and
Information
Threats and Safeguards
1
Presentation Overview




Ethics
Privacy
Information
Security
2
Opening Case Study
Digital Destruction Beyond All Imagination



One of the lessons learned from 9/11 is that with careful
and thorough protection of important information, not
even a calamity like the one that occurred in New York can
put you out of business.
http://www.cnn.com/SPECIALS/2001/trade.center/tenants
1.html
In what ways is information vulnerable and what can you
do to protect important information?
3
Ethics

Ethics - the _________ and standards that

Ethics depend on:
guide our behavior toward other people.
1.
2.
Your basic ethical _________ , which you developed
as you grew up.
The set of practical _________ involved in the
decision that you’re trying to make – that is, all the
shades of gray in what are rarely black or white
decisions.
4
Ethics
Two Factors That Determine How You
Decide Ethical Issues
1.
2.
3.
4.
5.
6.
Consequences
_________
Likelihood of effect
Time to _________
Relatedness
Reach of result
5
Ethics
Intellectual Property

_________ - intangible creative work that is embodied in physical form.

Copyright - the legal protection afforded an expression of an idea.

_________ - says that you may use copyrighted material in certain
situations.

_________ - the unauthorized use, duplication, distribution or sale of
copyrighted software.

_________ - software that is manufactured to look like the real thing and
sold as such.
6
Privacy

Privacy - the right to
be left alone when
you want to be, to
have control over
your own personal
possessions, and not
to be observed
without your consent.
7
Privacy
Privacy and Other Individuals


E-mail is completely insecure.
Each e-mail you send results in at
least 3 or 4 copies being stored on
different computers.
8
Privacy
Privacy and Employees


Companies need information about their
employees and customers to be
effective in the marketplace.
In 2001, 63% of companies monitored
employee Internet connections
including about two-thirds of the 60
billion electronic messages sent by 40
million e-mail users.
9
Privacy
Privacy and Consumers

Customers want businesses to:



Know who they are, but they want them to
leave them alone.
_________ what they want, but they don’t
want businesses knowing too much about their
habits and preferences.
Tell them about _________ and _________
they might like to have, but don’t want to be
inundated with ads.
10
Privacy
Privacy and Consumers



_________ - a small record deposited on your
hard disk by a Web site containing information
about you and your Web activities.
_________ - software to generate ads that
installs itself on your computer when you
download some other (usually free) program
from the Web.
_________ - software you don’t want hidden
inside software you do want.
11
Privacy
Privacy and Consumers

Spyware (also called sneakware or
stealthware) - software that comes
hidden in _________ _________
software and tracks your online
movements, mines the information
stored on your computer, or uses your
computer’s CPU and storage for some
task you know nothing about.
12
Privacy
Privacy and Government Agencies


Government agencies have about
2,000 databases containing personal
information on individuals.
Team Work
For example, The National Crime
Information Center (NCIC) database
contains information on the criminal
What Are The
records of more than 20 million
Biggest Internet Scams?
people.
(p. 387)
13
Privacy
Privacy and International Trade

Safe-harbor
principles - a set of
rules to which U.S.
businesses that want
to trade with the
European Union (EU)
must adhere.
On
Your Your
Own
What’s
Opinion?
(p. 388)
14
Information
Information as Raw Material

Raw materials are the _________ from which a
product is made.

Wood, glue, and screws are _________ materials for
a chair.

Almost everything you buy has _________ as part of
the product.

The most _________ companies place the highest
value on information. ( branding )
15
Information
Information as Capital



Capital is the _________ you use to produce a
product or service.
Buildings, trucks, and machinery are assets.
Information is _________ since it is used by
companies to provide products and services.
16
Security –
The Business Challenge
Who’s the bad guy? Competitors, foreign governments,
network hackers, disgruntled ex-employees, news and
media, unauthorized customers, employees, etc?
How do I protect my information from the
bad guys, without making employees and
authorized users less productive?
Outsiders
20%
Insiders
80%
How can I administer security consistently,
reliably, and cost effectively across all of my Studies show 80% of real
distributed information resources ?
security problems are
caused by authorized users
17
Security
Security and Employees
18
Security
Security and Collaboration Partners


If you use collaboration systems, representatives
of other companies can gain access to your
systems.
_________ _________ - harnesses far-flung
computers together by way of the Internet or a
virtual private network to share CPU power,
databases, and database storage.
19
Security
Security and Outside Threats


85% of large companies and
governmental agencies were broken
into during 2002.
_________ - very knowledgeable
computer users who use their
knowledge to invade other people’s
computers.
20
What Is Hacking?

Unauthorized or Unintended use of
information Technology assets for…

Personal gain




Theft, fraud
_________
Revenge
_________
21
Why is hacking a problem?

Hacks mean business…and they
hurt

Corporate image

Customer & Employee Privacy

Real $$$$ often in millions
22
Security Threats
Interruption
Network
Participant
 _________
 Modification
 Masquerade
Intranet has 3 separate components
 Secrecy
 Integrity
 Availability

Participant
23
Security
Security and Outside Threats



Computer virus (or simply a virus) - is software that
is written with malicious intent to cause annoyance or
damage.
_________ - a type of virus that spreads itself, not just
from file to file, but from computer to computer via email and other Internet traffic.
Denial-of-service attack (DoS) - floods a Web site
with so many requests for service that it slows down or
crashes.
24
Security
Security and Outside Threats

Computer viruses can’t:



_________ your hardware (i.e. monitors,
printers, or processor.)
_________ any files they weren’t designed
to attack.
Infect files on write-protected disks.
25
Security
Security Precautions

Risk management - consists of the identification of

Risk assessment - measure the risk exposure of IT

Risk assessment asks:
risks, security implementation, and effective measures.
assets.



What can go wrong?
How likely is it to go wrong?
What are the possible consequences if it does go wrong?
26
Security
Security Precautions

Backup - making a copy of computer information.

Anti-virus software - detects and removes viruses.

Firewall – protects computers from intruders.

_________ _________ _________ - looks for people on the
network who shouldn’t be there.

Security auditing software - checks out your computer or
network for potential weaknesses.
27
_________ _________ _________ _________ _________.
28
Security
Security Precautions

Biometrics - the use of physical characteristics

Encryption – scrambles the contents of a file

Public key encryption (PKE) - an encryption
to provide identification.
so that you can’t read it without having the
decryption key.
system that uses two keys: a public key that
everyone can have and a private key for only the
recipient.
29