1 James A. O’Brien Eleventh Edition

  ² Introduction to Information Systems Introduction to Information Systems _{Essentials for the Internetworked E-Business Enterprise Chapter Objectives Eleventh Edition}

• Identify several ethical issues

  James A. O’Brien

• Identify several types of security management strategies and defenses.

11 C h a p t e r Security and Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved. Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges

  ….In the Small Stuff  Empowering is  Being a good more than example is better

  God is in the Small Stuff delegating than giving good advice

   Have the courage and it all matters to hold people  There are born accountable leaders and there are leaders who

  “Leadership is an Art”  Associate with are made. And leaders as often as then there arte you can those who become leaders out of

  Bruce Bickel & Stan Jantz necessity

  © 2002 McGraw-Hill Companies

  © 2002 McGraw-Hill Companies Small Stuff (cont.)

   An exceptional leader is one who gets average people to do superior work

   If you want to lead, read

   Use your influence sparingly. It will last longer

   When you find a leader, follow

   When you identify a follower, lead

   Be available to take someone’s place in an emergency

   Power begins to corrupt the moment you begin to seek it

  Small Stuff (cont.)  A signpost like a peer, only warns you about the road ahead. But a map, like a mentor can show you how to get where you want to go

   Find a mentor  Managing people begins with caring for them

   One of the sobering characteristics of leadership is that leaders are judged to a greater than followers.

  Eleventh Edition James A. O’Brien _{7 Introduction to Information Systems} Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.

  Security and Ethical Challenges Security Ethics and Society Employment Privacy Health Individuality Crime Working Conditions

  Security st st

  IT Security in the 21 Century

  IT Security in the 21 Century (cont.)

    Increasing the Reliability of Systems. Artificial Intelligence in Biometrics.

  The objective relating to reliability is to use fault Expert systems, neural computing, voice recognition, and

tolerance to keep the information systems fuzzy logic can be used to enhance the capabilities of

working, even if some parts fail. several biometric systems.

   Expert Systems for Diagnosis, Prognosis, and Disaster  Intelligent Systems for Early Detection.

  Planning.

   Expert systems can be used to diagnose Detecting intrusion in its beginning is extremely troubles in computer systems and to suggest solutions. important, especially for classified information and financial data.

   . Smart card technology can be used to protect PCs on LANs. --

   Intelligent Systems in Auditing.

   Fighting Hackers. Several new products are available for Intelligent systems are used to enhance the task fighting hackers. of IS auditing.

  

James A. O’Brien Eleventh Edition James A. O’Brien Eleventh Edition

Introduction to Information Systems ^{11 Introduction to Information Systems 12} Computer Crime Common Hacking Tactics

• Denial of Service • War Dialing

  Cyber

• Scans • Logic Bombs

  Hacking Theft

• Sniffer Programs • Buffer Overflow • Spoofing • Password Crackers • Trojan Horse • Social Engineering

  Computer

• Back Doors • Dumpster Driving

  Viruses

• Malicious Applets

  Unauthorized Piracy _{Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved. Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.} Use at work

  © 2002 McGraw-Hill Companies

  © 2002 McGraw-Hill Companies ^{Eleventh Edition James A. O’Brien 13} Introduction to Information Systems Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.

  Security Management of e-Business

  Encryption Denial of Service Defenses Fire Walls Monitor E-mail Virus Defenses ^{Eleventh Edition James A. O’Brien 14} Introduction to Information Systems Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.

  Other e-Business Security Measures

  Security Codes Security Monitors Backup Files Biometric Security Controls

  Ethics Where does work end and private life begin?

  Change 

  Portfolio Career – Handy 

  Telecommuting 

  Smart Work – 80% cerebral/20%manual 

  Virtual Corporations 

  Intellectual Capital

  James A. O’Brien Eleventh Edition ¹⁷ Introduction to Information Systems Ethical Considerations

  National Security

• Ethical Principles • Standard of Conduct
• – Act with integrity  Loss of individual privacy
• – Proportiona
• – Protect the privacy and
• – Informed Consent 

  Wiretaps confidentiality of information

• – Justice

   Library Example

• – Do not misrepresent or
• – Minimized Risk

   Right’s at Work withhold information

• – Do not misuse resources
• – Do not exploit weakness of systems
• – Set high standards
• – Advance the health and _{Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.}

  welfare of general public Case: Cyber Crime

  Lessons Learned from the Case  On Feb. 6, 2000 - the biggest EC sites were hit by cyber crime.

   Information resources that include computers, networks, programs, and data are vulnerable to unforeseen attacks.

• Yahoo!, eBay, Amazon.com, E*Trade

   The attacker(s) used a method called denial of  Many countries do not have sufficient laws to deal with computer criminals. service (DOS).

• Clog a system by hammering a Web site ’s equipment

   Protection of networked systems can be a complex issue. with too many requests for information

    Attackers can zero on a single company, or can attack

  The total damage worldwide was estimated at $5- many companies, without discrimination. 10 billion (U.S.).

• The alleged attacker, from the Philippines, was not  Attackers use different attack methods.

  prosecuted because he did not break any law in the  Although variations of the attack methods are known, the Philippines. defence against them is difficult and/or expensive.

  © 2002 McGraw-Hill Companies

• Counterfeit Access Device and Computer Fraud Act of
• Computer Fraud and Abuse Act of 1986
• Computer Abuse Amendment Act of 1994 (prohibits
• Computer Security Act of 1987
• Electronic Communications Privacy Act of 1986
• Electronic Funds Transfer Act of 1980
• Video privacy protection act of 1988
• Copyright • Trade Secrets • Patent

  © 2002 McGraw-Hill Companies U.S. Federal Statutes

   According to the FBI, an average white-collar crime involves $23,000; but an average computer crime involves about $600,000.

   The following U.S. federal statutes deal with computer crime;

  1984

  transmission of viruses)

  Video Ethics

   Privacy  Intellectual Property

   Quality of Life  Social Responsibility  P2P / File Sharing  SPAM / Free speech 

  The privacy of patients’ information 

  Monitoring employees’ use of the Internet ^{Eleventh Edition James A. O’Brien} _{Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.} ^{24 Introduction to Information Systems} Employment Challenges

  Lost Job Opportunities Computer Monitoring Lost Individuality Health Issues Working Conditions

• The vital role of e-bBusiness and e-commerce
• Managers can help solve the problems of

• Business and IT activities involve many ethical
• One of the most important responsibilities of
• Security management tools and policies can

  © 2002 McGraw-Hill Companies Case: Catching Cases of Plagiarism

  Problem:  The Internet provides abundant information to students who may be tempted to download material and submit it as their own work.

  Solution:  Some companies (e.g., Plagiarism.org ) are offering Internet-based anti-plagiarism technology to identify such cases of plagiarism.

   Manuscript are checked against a database of other manuscripts collected from different universities and from all over the Internet.

  Results:  Cases of gross plagiarism are more likely to be flagged. ^{Eleventh Edition James A. O’Brien 26} Introduction to Information Systems Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.

  Chapter Summary

  systems in society raises serious ethical and societal issues in terms of their impact on employment, individuality, working conditions, privacy, health, and computer crime.

  improper use of IT by assuming their ethical responsibilities for ergonomic design, beneficial use, and enlightened management of e-business technologies in our society.

  Eleventh Edition James A. O’Brien _{27 Introduction to Information Systems} Irwin/McGraw-Hill Copyright © 2002, The McGraw-Hill Companies, Inc. All rights reserved.

  Chapter Summary (cont)

  considerations. Ethical principles and standards of conduct can serve as guidelines for dealing with ethical businesses issues.

  the management of a company is to assure the security and quality of its e-business activities.

  ensure the accuracy, integrity, and safety of e- business systems and resources.