Ethical Frameworks
Utilitarian approach
Rights approach
Fairness approach
Common good approach
General Framework for Ethics
Code of ethics
Ethics scenarios
Ethics and Information Technology
Accuracy Issues
Property Issues
Accessibility Issues
3.2 Privacy
Court decisions have followed two rules:
• The Problem
• The Solution
• The Results
CHAPTER 4
Information Security
CHAPTER OUTLINE
Information Security
Threat
Exposure
Vulnerability
Decreasing Skills Needed to be a Hacker
These employees hold ALL the information
Two examples
Tailgating
Shoulder surfing
Identity theft
View Source
Deliberate Threats (continued)
Alien Software
Spyware (see video)
Spamware
Cookies
Cookie demo
What if a SCADA attack were successful?
Results in NYC
Risk
Risk management
Risk analysis
Risk mitigation
Risk Acceptance
Risk limitation
Risk transference
7.5 Information Security Controls
Physical controls
Access controls
Communications (network) controls
Where Defense Mechanisms (Controls) Are Located
Access Controls
Authentication
Something the user is (biometrics powerpoints)
Video on biometrics
The latest biometric: gait recognition
Something the user has
Something the user does
Something the user knows
passwords
passphrases
Access Controls (continued)
Authorization
Privilege
Least privilege
Communications Controls
Firewalls
Anti-malware systems
Encryption
Communication or Network Controls (continued)
• SpectorSoft
• Websense
Hot Site
Warm Site
Cold Site
Information Systems Auditing
Internal
External
IS Auditing Procedure
• The IT Solutions
• The Results