
LECTURE 8

SECURITY, ETHICAL AND SOCIAL CHALLENGES OF IS/MIS

James A. O'Brien and George Marakas


Management Information Systems
Chapter 13 Security and Ethical Challenges

IT Security, Ethics, and Society


• IT has both beneficial and detrimental (harmful) effects on society and people
• Manage work activities to minimize the detrimental effects of IT
• Optimize the beneficial effects.

Business Ethics
• Business ethics is the written and unwritten principles and
values that govern decisions and actions within
companies.

• Ethics questions that managers confront as part of their daily business decision making include:
• Equity
• Rights
• Honesty
• Power
Chapter 6 Telecommunications and Networks 4

Business Ethics for Executives


• Honesty
• Integrity
• Promise-Keeping
• Trustworthiness
• Loyalty
• Fairness
• Concern for Others
• Respect for Others
• Law Abiding
• Commitment to Excellence
• Leadership
• Reputation & Morale
• Accountability

Computer Crime
• Computer crime includes
• Unauthorized use, access, modification, or destruction of hardware,
software, data, or network resources

• The unauthorized release of information

• The unauthorized copying of software

• Denying an end user access to his/her own hardware, software, data, or network resources

• Using or conspiring to use computer or network resources illegally to obtain information or tangible property

Hacking
• Hacking is
• The obsessive use of computers
• The unauthorized access and use of networked computer systems

• Electronic Breaking and Entering


• Hacking into a computer system and reading files, but neither stealing
nor damaging anything

• Cracker
• A malicious or criminal hacker who maintains knowledge of the
vulnerabilities found for private advantage

Cyber Theft
• Many computer crimes involve the theft of money

• The majority are “inside jobs” that involve unauthorized network entry and alteration of computer databases to cover the tracks of the employees involved

• Many attacks occur through the Internet

• Most companies don’t reveal that they have been targets or victims of cybercrime

Software Piracy and Copyright


• Software Piracy
• Unauthorized copying of computer programs

• Licensing
• Purchasing software is really a payment for a license for fair use
• Site license allows a certain number of copies

Unauthorized use at Work


• Unauthorized use of computer systems and networks is
time and resource theft
• Doing private consulting
• Doing personal finances
• Playing video games
• Unauthorized use of the Internet or company networks

• Sniffers
• Used to monitor network traffic or capacity
• Find evidence of improper use

Internet abuses in the Workplace


• General email abuses
• Unauthorized usage and access
• Copyright infringement/plagiarism
• Newsgroup postings
• Transmission of confidential data
• Pornography
• Hacking
• Non-work-related download/upload
• Leisure use of the Internet
• Use of external ISPs
• Moonlighting (having a second job in addition to one's regular employment)

Theft of Intellectual Property


• Intellectual Property
• Copyrighted material
• Includes such things as music, videos, images, articles, books, and
software

• Copyright Infringement is Illegal


• Peer-to-peer networking techniques have made it easy to trade
pirated intellectual property

• Publishers Offer Inexpensive Online Music


• Illegal downloading of music and video is down and continues to
drop

Common Hacking Tactics


• Denial of Service
• Scans
• Sniffer
• Spoofing
• Trojan Horse
• Back Doors
• Malicious Applets
• War Dialing
• Logic Bombs
• Buffer Overflow
• Password Crackers
• Social Engineering
• Dumpster Diving

Viruses and Worms


• A virus is a program that cannot work without being
inserted into another program (aided).
• A worm can run unaided (needing or having no assistance; without help)
• These programs copy annoying or destructive routines into
networked computers
• Commonly transmitted through
• The Internet and online services
• Email and file attachments
• Shareware

Spyware Problems
• Spyware can steal private information and also
• Add advertising links to Web pages
• Redirect affiliate payments
• Change a user's home page and search settings
• Make a modem randomly call premium-rate phone numbers
• Leave security holes that let Trojans in
• Degrade system performance

Opt-in Versus Opt-out


• Opt-In
• "Opt-in" describes a process in which a positive action is required in order to subscribe a user, for example to a newsletter list.
• Opt-Out
• "Opt-out", on the other hand, means that a user can be signed up much more easily and must be given the possibility to opt out easily. Under opt-in regimes, this second, "opt-out" process would be forbidden.
• "Opt-out" is usually used as the term for the regime applied to US-American direct marketing messages,
• while "opt-in" is the regime used under European and Canadian data protection rules.


Privacy Issues
• The power of information technology to store and retrieve
information can have a negative effect on every
individual’s right to privacy.

• Violation of Privacy
• Accessing individuals’ private email conversations and
computer records

• Unauthorized Access of Personal Files


• Collecting telephone numbers, email addresses, credit card
numbers, and other information to build customer profiles

Computer Libel and Censorship


• Flaming is a personal attack, when posting something
negative about a person instead of an idea about the game.
There is zero need to use personal attacks in this board.
• Indiscriminate sending of unsolicited email messages to
many Internet users

• Spamming is posting the same thing, often cut and paste, repeatedly on the same or different threads. Advertising external sites or services is also considered spam.
• Sending extremely critical, derogatory (showing a critical or
disrespectful attitude), and often vulgar email (Receiving
sexually explicit) messages or newsgroup posting to other
users on the Internet or online services

Computer libel and Censorship


• Censorship (by using Internet) is the control or suppression of what
can be accessed, published, or viewed on the internet. It may be
carried out by governments, private organizations at the behest of
government, regulators, or on their own initiative.

Questions
1. Define ethics, business ethics and social responsibility.
2. What are the four parameters of business ethics? Explain with examples.
3. Define Computer Crime, Hacking, Cyber Theft, and Software Piracy.
4. List the Common Hacking Tactics with their meanings.
5. Give a list of Internet Abuses in the Workplace.
6. How do you define the Theft of Intellectual Property?
7. Define Viruses and Worms and how they spread to computers.
8. Define Adware and Spyware, and what the difference between them is.
9. Define Opt-in and Opt-out, and what the difference between them is.
10. What is Privacy – what are the different issues of Privacy?
11. Explain Computer Libel and Censorship with regard to Flaming and Spamming.
