Embed Size (px)
Citation preview
IT Security, Ethics and Society
IT Security, Ethics, and Society
Next : Principles of Technology Ethics
Principles of Technology Ethics
Next : Responsible Professional Guidelines
Responsible Professional Guidelines
A responsible professional
Acts with integrity
Increases personal competence
Sets high standards of personal performance
Accepts responsibility for his/her work
Advances the health, privacy, and general welfare of the public
Next : Computer Crime
Computer Crime
– Unauthorized use, access, modification, or destruction of hardware, software, data, or network resources
– The unauthorized release of information
– The unauthorized copying of software
– Denying an end user access to his/her own hardware, software, data, or network resources
– Using or conspiring to use computer or network resources illegally to obtain information or tangible property
Next : Corporate Protection Mechanisms
Corporate Protection Mechanisms
Next : Hacking
Hacking
Hacking
The obsessive use of computers
Unauthorized access/use of networked computers
Breaking and Entering
Hacking into a computer system and reading files, but neither stealing nor damaging anything
Cracker
A malicious or criminal hacker who maintainsknowledge of vulnerabilities found for private advantage
Next : Cyber Theft
Cyber TheftMany computer crimes involve theft of moneyMany computer crimes involve theft of money
Most are “inside jobs” that involve unauthorized network entry and alteration of databases to cover the
tracks of the employees involved
Many attacks occur through the Internet (E.g. Phishing)
Most companies don’t reveal that they have been targets or victims of cyber crime
Next : Cyber Terrorism
Cyberterrorism
• The leveraging of an organization’s or government’s computers and information– Particularly through the Internet– To cause physical, real-world harm or severe
disruption of infrastructure
• Can have serious, large-scale influence– Can weaken a country’s economy– Can affect Internet-based businesses
Next : Cyber Terrorism
Cyberterrorism
Life-support at Antarctic research station turned off
Release of untreated sewage into waterways
Examples of Cyberterrorism
Systems shut down in nuclear power plants
Website content replacement by Extremist groups
Next : Unauthorized use at work
Unauthorized Use at Work
• Unauthorized use of computer systems and networks is time and resource theft– Doing private consulting– Doing personal finances– Playing video games– Unauthorized use of Internet or company networks
• Sniffers– Monitor network traffic or capacity to find evidence
of improper useNext : Internet Abuses at the Workplace
Internet Abuses in the WorkplaceGeneral email
abuses
Plagiarism
Unauthorizeduse and access
Newsgrouppostings
Copyrightinfringement
Transmission ofconfidential data
Moonlighting
Hacking
Use ofexternal ISPs
Pornography
Leisure useof Internet
Non-work-relateddownloads or
upload
Next : Software Piracy
Software Piracy
• Software Piracy– Unauthorized copying of computer programs
• Licensing– Purchasing software is really a payment
for a license for fair use– Site license allows a certain number of copies– Public domain software is not copyrightedA third of the software industry’s revenues are lost to piracy
Next : Theft of IP
Theft of Intellectual Property• Intellectual Property
– Copyrighted material– Includes music, videos, images, articles, books,
and software
• Copyright Infringement is Illegal– Peer-to-peer networking techniques have made
it easy to trade pirated intellectual property
• Publishers Offer Inexpensive Online Music– Illegal downloading of music and video is
down and continues to drop
Next : Virus and Worms
Viruses and Worms• A virus is a program that cannot work without being inserted
into another program– A worm is a distinct program that can run unaided
• These programs copy annoying or destructive routines into networked computers– Copy routines spread the virus
• Commonly transmitted through– The Internet and online services– Email and file attachments– Disks from contaminated computers– Shareware
Next : Privacy Issues
Privacy Issues
The power of information technology to store and retrieve information can have a negative effect on every individual’s right to privacy– Personal information is collected with every
visit to a Web site
– Confidential information stored by credit bureaus, credit card companies, and the government has been stolen or misused
Next : Privacy Issues
Privacy Issues
• Computer Matching– Using customer information gained from many
sources to market additional business services
• Unauthorized Access of Personal Files– Collecting telephone numbers, email addresses,
credit card numbers, and other information to build customer profiles
Next : Internet Privacy
Protecting Your Privacy on the Internet
• Ways to protect your privacy– Encrypt email
– Ask your ISP not to sell your name and information to mailing list providers and other marketers
– Don’t reveal personal data and interests on online service and website user profiles
Next : IT Act 2000
IT Act 2000
The Information Technology Act was passed in 2000 to have a check on the increasing cyber crimes.Legal validity of e-mails and digital signatures.
Violation leads to Imprisonment and Compensation up to RS.1 Crore
Next : IT Security
IT Security
IT security is a personal obligation.It is a matter of attitude and culture.Power of IT and Social networking is huge and should be put to good use
Next : Ergonomics
Ergonomics
Designing healthy work environments
Safe, comfortable,
pleasant place for
people to work
Safe, comfortable,
pleasant place for
people to work
Increases employee
morale and productivity
Increases employee
morale and productivity
Also called human factors
engineering
Also called human factors
engineering
