Security, Privacy, and Ethical

issues in Information Systems

Chapter 9
 Computer Waste and Mistakes
• Computer-related waste: inappropriate use of
computers
– Improper management of information systems
and resources.
• Computer-related mistakes: errors, failures,
and computer problems that make computer
output incorrect or not useful.
– Caused mainly by human error.
 Preventing Computer-Related Waste and
Mistake
• Establish policies and procedures regarding efficient
acquisition, use, and disposal of systems and devices.
– starts by identifying the most common types of
errors.
• Data entry or data capture errors
• Errors in computer programs
• Errors in handling files, formatting, copying, deleting
• Mishandling of computer output
• Inadequate planning for and control of equipment malfunctions.
• In adequate planning for and control of environmental difficulties.
• Installing computing capacity inadequate for the level of activity
• Failure to provide access to most current information
 Preventing Computer-Related
Waste and Mistake
• Implementing policies and procedures.(p333)

• Monitoring policies and procedures.

• Reviewing policies and procedures. (p334)

 Computer Crime
• Identity theft: One obtains personal
information of someone else and use it to
open e.g. accounts in their name.
– Social engineering, shoulder surfing.
• Cyber terrorism: Someone launches
computer-based attacks to coerce a
government or organization to advance their
political or social objectives.
 Computer Crime
• Illegal access and use:
– Cracker: A person who enjoys computer
technology and spends time learning and using
computer systems.
– Script Kiddie
– Insider
– Virus
– Worm
– Trojan Horse
– Antivirus program (proper use p340)
 Computer Crime
• Equipment theft:
– Many companies use devices that disable the disk
drive and/ or lock the computer to the desk.
 Computer Crime
• Software and Internet Software Piracy
– The act of illegally duplicating or downloading
software.
 Computer Crime
• Computer-Related Scams:
– Get rich quick schemes, credit card.
– Ways to avoid becoming a victim:
• Don’t agree to anything in high-pressure seminars
• Don’t judge based only on appearances
• Avoid plans that pays commissions for recruiting
additional distributors.
• Beware of shills
• Beware of paying up front first to eventually receive
something
• Do not depend on oral promises.
 Preventing Computer-Related Crime
• Crime prevention by the state
– Acts, regulations
• Crime prevention by organizations
– Public-key infrastructure (PKI)
– Biometrics
– p345
• Crime prevention by individuals
 Preventing Computer-Related Crime
• Using Intrusion Detection Software (IDS)
– Monitors system and network resources and
notifies network security personnel when it
senses a possible intrusion.
• Using Managed Security Service Providers
– Outsource network security.
– Monitor, manage, and maintain network security.
 Preventing Computer-Related Crime
• Preventing Crime on the Internet
– Internet usage and security policies
– Stand-alone firewall
– Intrusion detection systems
– Monitor internet browsing
– Internet security specialists
 Privacy
• Privacy and the government
– Acts and laws governing the sharing of
information.
• Privacy at work
• E-mail privacy
• Privacy and the Internet
• Fairness in information use
– The right to know and the ability to decide?
• Individual efforts to protect privacy
 The Work Environment
• Health concerns
– Organizations can increase employee effectiveness
by paying attention to the health concerns in
today’s work environment.
– For some people working with computers can
cause anxiety.
– Computers can affect physical health.
– Emissions from improperly maintained
equipment.
 The Work Environment
• Avoiding health and environmental problems
– Many computer-related health problems are
caused by poorly designed work environment.
– Ergonomics has suggested some approaches to
reduce these health problems.
– Ergonomics: the science of designing machines,
products, and systems to maximize the safety,
comfort, and efficiency of the people who use
them.
 Ethical Issues In Information
Systems
• Ethical issues deal with what is generally
considered right or wrong.
• Code of ethics: states the principles and core
values that are essential to a set of people
and, therefore, govern their behavior.