INFORMATICS 112
CHAPTER 13
BY MICAELA ECKARD
INFORMATION
SYSTEMS IN BUSINESS
AND SOCIETY
______________________________________________________________________________________________
SECURITY, PRIVACY AND ETHICAL ISSUES
COMPUTER WASTE AND MISTAKES
Steps to Preventing Computer-Related Waste and Mistakes
1. Establishing Policies and Procedures
This regards efficient acquisition, use and disposal of systems and devices.
The types of computer-related mistakes include the following:
→ Data-entry or data-capture errors
→ Errors in computer programs
→ Errors in handling files, including formatting a disc by mistake, copying an old
file over a newer one and deleting a file by mistake.
→ Mishandling of computer output.
2. Implementing Policies and Procedures
Useful policies to minimize waste and mistakes include the following:
→ HTML and URLs should be tightly controlled with all changes authorized by
responsible owners and
→ documented.
→ A user manual should be available that covers operating procedures and
documents the management and control of the application.
→ Each system report should indicate its general content in its title and specify
the time period it covers.
→ The system should have controls to prevent invalid and unreasonable data
entry.
3. Monitoring Policies and Procedures
, 4. Reviewing Policies and Procedures
During review, people should ask the following questions:
→ Do current policies cover existing practices adequately?
→ Is the organization planning any new activities in the future? If so, does it
need new policies or procedures on who will handle them and what must
be done?
→ Are contingencies and disasters covered?
COMPUTER CRIME
TYPES OF COMPUTER CRIME:
1. Identity Theft
Imposter obtains personal identification information
→ e.g. ID or driver’s license numbers in order to impersonate someone else
→ WHY?
To obtain credit, merchandise, and services in the name of the victim and to
have false credentials
SOCIAL ENGINEERING: Using one’s social skills to get computer users to provide you with
information to access an information system or its data.
2. Cyberterrorism
A Cyberterrorist intimidates or coerces a government or organization to
advance his/her political or social objectives by launching computer-based
attacks against computers, networks, and information stored on them.
3. Illegal access and use
CRACKER: A person who enjoys computer technology and spends time learning and using
computer systems.
SCRIPT KIDDIE: A cracker with little technical savvy who downloads programs called scripts,
which automate the job of breaking into computers.
4.
INSIDER: An employee working solo or in concert with outsiders to compromise corporate systems.
VIRUS: A computer program file capable of attaching to discs or other files and replicating itself
repeatedly, typically without the user’s knowledge or permission.
WORM: A parasitic computer program that can create copies of itself on the infected computer
or send copies to other computers via a network.
TROJAN HORSE: program is a malicious program that disguises itself as a useful application
and purposefully does something the user does not expect.
5. Equipment theft
6. Software and internet software piracy
Software is protected by copyright laws
Copyright law violations entails
→ Making additional copies
CHAPTER 13
BY MICAELA ECKARD
INFORMATION
SYSTEMS IN BUSINESS
AND SOCIETY
______________________________________________________________________________________________
SECURITY, PRIVACY AND ETHICAL ISSUES
COMPUTER WASTE AND MISTAKES
Steps to Preventing Computer-Related Waste and Mistakes
1. Establishing Policies and Procedures
This regards efficient acquisition, use and disposal of systems and devices.
The types of computer-related mistakes include the following:
→ Data-entry or data-capture errors
→ Errors in computer programs
→ Errors in handling files, including formatting a disc by mistake, copying an old
file over a newer one and deleting a file by mistake.
→ Mishandling of computer output.
2. Implementing Policies and Procedures
Useful policies to minimize waste and mistakes include the following:
→ HTML and URLs should be tightly controlled with all changes authorized by
responsible owners and
→ documented.
→ A user manual should be available that covers operating procedures and
documents the management and control of the application.
→ Each system report should indicate its general content in its title and specify
the time period it covers.
→ The system should have controls to prevent invalid and unreasonable data
entry.
3. Monitoring Policies and Procedures
, 4. Reviewing Policies and Procedures
During review, people should ask the following questions:
→ Do current policies cover existing practices adequately?
→ Is the organization planning any new activities in the future? If so, does it
need new policies or procedures on who will handle them and what must
be done?
→ Are contingencies and disasters covered?
COMPUTER CRIME
TYPES OF COMPUTER CRIME:
1. Identity Theft
Imposter obtains personal identification information
→ e.g. ID or driver’s license numbers in order to impersonate someone else
→ WHY?
To obtain credit, merchandise, and services in the name of the victim and to
have false credentials
SOCIAL ENGINEERING: Using one’s social skills to get computer users to provide you with
information to access an information system or its data.
2. Cyberterrorism
A Cyberterrorist intimidates or coerces a government or organization to
advance his/her political or social objectives by launching computer-based
attacks against computers, networks, and information stored on them.
3. Illegal access and use
CRACKER: A person who enjoys computer technology and spends time learning and using
computer systems.
SCRIPT KIDDIE: A cracker with little technical savvy who downloads programs called scripts,
which automate the job of breaking into computers.
4.
INSIDER: An employee working solo or in concert with outsiders to compromise corporate systems.
VIRUS: A computer program file capable of attaching to discs or other files and replicating itself
repeatedly, typically without the user’s knowledge or permission.
WORM: A parasitic computer program that can create copies of itself on the infected computer
or send copies to other computers via a network.
TROJAN HORSE: program is a malicious program that disguises itself as a useful application
and purposefully does something the user does not expect.
5. Equipment theft
6. Software and internet software piracy
Software is protected by copyright laws
Copyright law violations entails
→ Making additional copies
