chapter 3 ethics, privacy & security
DESCRIPTION
Chapter 3 Ethics, Privacy & Security. Describe the major ethical issues related to information technology and identify situations in which they occur . Identify the many threats to information security Understand the various defense mechanisms used to protect information systems. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/1.jpg)
Chapter 3 Ethics, Privacy & SecurityDescribe the major ethical issues related to information technology and identify situations in which they occur.
Identify the many threats to information security
Understand the various defense mechanisms used to protect information systems.
Explain IT auditing and planning for disaster recovery.
![Page 2: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/2.jpg)
Case Study TJX SWOT
![Page 3: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/3.jpg)
Ethical Issues
Fundamental tenets of ethics include responsibility, accountability, and liability
unethical is not necessarily illegal. Should organizations monitor employees’ Web surfing
and e-mail? Should organizations sell customer information to
other companies?
![Page 4: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/4.jpg)
Ethical Issues
Should organizations audit employees’ computers for unauthorized software or illegally downloaded music or video files?
Privacy issues
Accuracy issues
Property issues
Accessibility issues
![Page 5: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/5.jpg)
Protecting Privacy
The right of privacy is not absolute. Privacy must be balanced against the needs of society
The public’s right to know supersedes the individual’s right of privacy
International Aspects of Privacy
![Page 6: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/6.jpg)
IT’s About Business
Security Outside the Perimeter: LexisNexis
![Page 7: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/7.jpg)
Threats to Information Security
Today’s interconnected, interdependent, wirelessly networked business environment
Governmental legislation Smaller, faster, cheaper computers and storage devices Decreasing skills necessary to be a computer hacker International organized crime taking over cybercrime Downstream liability Increased employee use of unmanaged devices Lack of management support
![Page 8: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/8.jpg)
Threats to Information Systems
Unintentional acts Natural disasters Technical failures Management failures Deliberate acts
![Page 9: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/9.jpg)
IT’s About Business
The “Hack, Pump, and Dump” Scheme
![Page 10: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/10.jpg)
Protecting Information Resources Risk management
Risk analysis
Risk mitigation
Risk acceptance
Risk limitation
Risk transference
![Page 11: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/11.jpg)
Protecting Information Resources Controls The Difficulties in Protecting Information Resources Physical Controls Access Controls
![Page 12: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/12.jpg)
![Page 13: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/13.jpg)
Protecting Information Resources Authentication
Something the User Is
Something the User Has
Something the User Does
Something the User Knows
![Page 14: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/14.jpg)
IT’s About Business
Providing Least Privilege at UPS
![Page 15: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/15.jpg)
Protecting Information Resources Communications (network) controls
Firewalls.
Anti-malware systems.
![Page 16: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/16.jpg)
![Page 17: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/17.jpg)
Protecting Information Resources Whitelisting and Blacklisting
Intrusion Detection Systems
Encryption.
Virtual Private Networking
Secure Socket Layer
![Page 18: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/18.jpg)
IT’s About Business
Using Encryption to Reduce E-Mail Security Risks at Harvard Pilgrim
![Page 19: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/19.jpg)
Ethics, Privacy, and Information Security
![Page 20: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/20.jpg)
Ethics, Privacy, and Information Security
Vulnerability Management Systems
Employee Monitoring Systems
Application Controls
![Page 21: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/21.jpg)
Business Continuity Planning, Backup, and Recovery
hot site
warm site
cold site
off-site data storage
![Page 22: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/22.jpg)
IT’s About Business
The Baltimore Ravens Plan for Business Continuity
![Page 23: Chapter 3 Ethics, Privacy & Security](https://reader031.vdocuments.net/reader031/viewer/2022012317/56816854550346895dde67c9/html5/thumbnails/23.jpg)
Information Systems Auditing
Types of Auditors and Audits How Is Auditing Executed?