Privacy - Cal State LA - Instructional Web Server

Download Report

Transcript Privacy - Cal State LA - Instructional Web Server 

Management Information Systems
CIS 301
Spring 2006
Week 9 Lectures
Dr. David Gadish
© 2004-06, David Gadish, Ph.D.
1
Week 8 Review
 More student introductions
 IT Infrastructures - Business-Driven
Technology (Chap 7)
 Computer Crime and Forensics (ELM-H)
© 2004-06, David Gadish, Ph.D.
2
Week 9 Overview
 More student introductions
 Protecting People and Information – threats
and Safeguards (Chap 8)
 Building an e-Portfolio (ELM-I)
© 2004-06, David Gadish, Ph.D.
3
Protecting People and
information – Threats and
Safeguards
Chapter 8
4
Presentation
 Ethics
 Privacy
 Information
 Security
© 2004-06, David Gadish, Ph.D.
5
Introduction
 To handle information in a responsible
way you must understand:
– The importance of ethics in the ownership
and use of information.
– The importance to people of personal privacy
and the ways in which it can be
compromised.
– The value of information to an organization.
– Threats to information and how to protect
against them (security).
© 2004-06, David Gadish, Ph.D.
6
Introduction
© 2004-06, David Gadish, Ph.D.
7
Ethics
 Ethics - the principles and standards
that guide our behavior toward other
people.
© 2004-06, David Gadish, Ph.D.
8
Ethics
Two Factors That Determine How You Decide
Ethical Issues
1. Your basic ethical structure, which you
developed as you grew up.
2. The set of practical circumstances
involved in the decision that you’re trying
to make — that is, all the shades of gray in
what are rarely black or white decisions.
© 2004-06, David Gadish, Ph.D.
9
Ethics
Two Factors That Determine How You Decide
Ethical Issues
© 2004-06, David Gadish, Ph.D.
10
Ethics
Two Factors That Determine How You Decide
Ethical Issues
 The practical circumstances surrounding
decisions include:
1. Consequences - how much or how little
benefit or harm will come from a particular
decision?
2. Society’s opinion - what is your perception
of what society really thinks of your
intended action?
3. Likelihood of effect - what is the probability
of the harm or benefit that will occur if you
take the action?
© 2004-06, David Gadish, Ph.D.
11
Ethics
Two Factors That Determine How You
Decide Ethical Issues
4. Time to consequences - what length of time
will it take for the benefit or harm to take
effect?
5. Relatedness - how much do you identify with
the person or persons who will receive the
benefit or suffer the harm?
6. Reach of result - how many people will be
affected by your action?
© 2004-06, David Gadish, Ph.D.
12
Ethics
Guidelines for Ethical Computer System Use
 The four quadrants of ethical and legal behavior.
 Try to stay in quadrant I.
© 2004-06, David Gadish, Ph.D.
13
Ethics
Intellectual Property
 Intellectual property - intangible creative
work that is embodied in physical form.
 Copyright - the legal protection afforded
an expression of an idea, such as a song,
video game, and some types of proprietary
documents.
© 2004-06, David Gadish, Ph.D.
14
Ethics
Intellectual Property
 Fair Use Doctrine - says that you may
use copyrighted material in certain
situations — for example, in the creation
of new work or, within certain limits, for
teaching purposes.
 Pirated software - the unauthorized use,
duplication, distribution or sale of
copyrighted software.
© 2004-06, David Gadish, Ph.D.
15
Ethics
Intellectual Property
 Counterfeit software - software that
is manufactured to look like the real
thing and sold as such.
© 2004-06, David Gadish, Ph.D.
16
Privacy
 Privacy - the right to:
– be left alone when you want to be
– have control over your own personal
possessions
– not to be observed without your consent
© 2004-06, David Gadish, Ph.D.
17
Privacy
Privacy and Other Individuals
 Key logger, or key trapper,
software, -a program, when installed
on a computer, records every
keystroke and mouse click.
© 2004-06, David Gadish, Ph.D.
18
Privacy
Privacy and Other Individuals
 E-mail is completely insecure.
 Each e-mail you send results in at least 3
or 4 copies being stored on different
computers.
 You can take measures to protect your e-
mail.
© 2004-06, David Gadish, Ph.D.
19
Privacy
Privacy and Other Individuals
© 2004-06, David Gadish, Ph.D.
20
Privacy
Privacy and Employees
 Companies need information about their
employees and customers to be effective in
the marketplace.
 In 2001, 63% of companies monitored
employee Internet connections including
about two-thirds of the 60 billion electronic
messages sent by 40 million e-mail users.
© 2004-06, David Gadish, Ph.D.
21
Privacy
Privacy and Employees
 Good reasons for seeking and storing
personal information on employees.
– Hire the best people possible and avoid being
sued for failing to adequately investigate
backgrounds.
– Ensure staff members are conducting
themselves appropriately.
– Held liable for the actions of employees.
© 2004-06, David Gadish, Ph.D.
22
Privacy
Privacy and Employees
 Hardware key logger - a hardware
device that captures keystrokes on their
journey from the keyboard to the
motherboard.
© 2004-06, David Gadish, Ph.D.
23
Privacy
Privacy and Consumers
 Customers want businesses to:
– Know who they are, but they want them to
leave them alone.
– Provide what they want, but they don’t want
businesses knowing too much about their
habits and preferences.
– Tell them about products and services they
might like to have, but don’t want to be
inundated with ads.
© 2004-06, David Gadish, Ph.D.
24
Privacy
Privacy and Consumers

Cookie - a small record deposited on your
hard disk by a Web site containing information
about you and your Web activities.

Adware - software to generate ads that installs
itself on your computer when you download
some other (usually free) program from the
Web.

Trojan-horse software - software you don’t
want, hidden inside software you do want.
© 2004-06, David Gadish, Ph.D.
25
Privacy
Privacy and Consumers
Adware
© 2004-06, David Gadish, Ph.D.
26
Privacy
Privacy and Consumers
 Spyware (also called sneakware or
stealthware) - software that comes hidden
in free downloadable software and tracks
your online movements, mines the
information stored on your computer, or
uses your computer’s CPU and storage for
some task you know nothing about.
© 2004-06, David Gadish, Ph.D.
27
Privacy
Privacy and Consumers
 Web log - consists of one line of information for every
visitor to a Web site and is usually stored on a Web server.
 Clickstream - records information about you during a Web
surfing session such as what Web sites you visited, how
long you were there, what ads you looked at, and what you
bought.
 Anonymous Web browsing (AWB) services - hides your
identity from the Web sites you visit.
© 2004-06, David Gadish, Ph.D.
28
Privacy
Privacy and Government Agencies
 Government agencies have about 2,000
databases containing personal information
on individuals (…much much more…).
 The various branches of government need
information to administer entitlement
programs, such as social security, welfare,
student loans, law enforcement, and so on.
© 2004-06, David Gadish, Ph.D.
29
Privacy
Privacy and Government Agencies
 Law enforcement
– NCIC (National Crime Information Center)
– FBI’s
• Carnivore or DCS-1000
• Magic Lantern (software key logger)
– NSA (National Security Agency)
• Echelon
© 2004-06, David Gadish, Ph.D.
30
Privacy
Privacy and Government Agencies
 Other Federal agencies
– IRS
– Census bureau
– Student loan services
– Social security
– Welfare records
© 2004-06, David Gadish, Ph.D.
31
Privacy
Privacy and International Trade
 Safe-harbor principles - a set of rules
to which U.S. businesses that want to
trade with the European Union (EU)
must adhere.
© 2004-06, David Gadish, Ph.D.
32
Privacy
Privacy and International Trade
 The rights granted to EU citizens include the
consumer’s right to:
–
–
–
–
Know the marketer’s source of information.
Check personal identifiable information for accuracy.
Correct any incorrect information.
Specify that information can’t be transferred to a third
party without the consumer’s consent.
– Know the purpose for which the information is being
collected.
© 2004-06, David Gadish, Ph.D.
33
Privacy
Laws on Privacy
 The Health Insurance Portability and
Accountability (HIPAA) act seeks to:
–
–
–
–
Limit release and use of health information.
Right to access your medical records.
Specify circumstances of access.
Disclosure if recipient signs protection
agreement.
© 2004-06, David Gadish, Ph.D.
34
Privacy
Laws on Privacy
© 2004-06, David Gadish, Ph.D.
35
Information
© 2004-06, David Gadish, Ph.D.
36
Information
Information as Raw Material
 Raw materials are the components from which a product is
made.
 Wood, glue, and screws are raw materials for a chair.
 Almost everything you buy has information as part of the
product.
 The most successful companies place the highest value on
information.
© 2004-06, David Gadish, Ph.D.
37
Information
Information as Capital
 Capital is the asset you use to produce a product or
service.
 Buildings, trucks, and machinery are assets.
 Information is capital since it is used by companies to
provide products and services.
© 2004-06, David Gadish, Ph.D.
38
Security
Security and Employees
 Most of the press reports are about outside
attacks on computer systems, but actually,
companies are in far more danger of losing
money from employee misconduct than
they are from outsiders.
 White-collar crime accounts for about $400
billion in losses every year.
© 2004-06, David Gadish, Ph.D.
39
Security
Security and Employees
© 2004-06, David Gadish, Ph.D.
40
Security
Security and Collaboration Partners
 If you use collaboration systems,
representatives of other companies can gain
access to your systems.
 Grid computing - harnesses far-flung
computers together by way of the Internet
or a virtual private network to share CPU
power, databases, and database storage.
© 2004-06, David Gadish, Ph.D.
41
Security
Security and Outside Threats
 85% of large companies and governmental
agencies were broken into during 2001.
 Hackers - very knowledgeable computer
users who use their knowledge to invade
other people’s computers.
© 2004-06, David Gadish, Ph.D.
42
Security
Security and Outside Threats
© 2004-06, David Gadish, Ph.D.
43
Security
Security and Outside Threats
 Computer virus (or simply a virus) - is software that is
written with malicious intent to cause annoyance or
damage.
 Worm - a type of virus that spreads itself, not just from
file to file, but from computer to computer via e-mail
and other Internet traffic.
 Denial-of-service attack (DoS) - floods a Web site with
so many requests for service that it slows down or
crashes.
© 2004-06, David Gadish, Ph.D.
44
Security
Security and Outside Threats
© 2004-06, David Gadish, Ph.D.
45
Security
Security and Outside Threats
 Computer viruses can’t:
– Hurt your hardware (i.e. monitors, printers, or
processor.)
– Hurt any files they weren’t designed to attack.
– Infect files on write-protected disks.
© 2004-06, David Gadish, Ph.D.
46
Security
Security Precautions
 Risk management - consists of the
identification of risks or threats, the
implementation of security measures, and the
monitoring of those measures for effectiveness.
© 2004-06, David Gadish, Ph.D.
47
Security
Security Precautions
 Risk assessment - the process of evaluating IT
assets, their importance to the organization, and
their susceptibility to threats, to measure the risk
exposure of these assets.
 Risk assessment asks:
– What can go wrong?
– How likely is it to go wrong?
– What are the possible consequences if it does go
wrong?
© 2004-06, David Gadish, Ph.D.
48
Security
Security Precautions
 Backup - the process of making a copy of the
information stored on a computer.
 Anti-virus software - detects and removes or
quarantines computer viruses.
 Firewall - hardware and/or software that
protects computers from intruders.
© 2004-06, David Gadish, Ph.D.
49
Security
Security Precautions
 Biometrics - the use of physical
characteristics — such as your
fingerprint, the blood vessels in the retina
of your eye, the sound of your voice, or
perhaps even your breath — to provide
identification.
© 2004-06, David Gadish, Ph.D.
50
Security
Security Precautions
 Encryption – scrambles the contents of a file so
that you can’t read it without having the right
decryption key.
 Public key encryption (PKE) - an encryption
system that uses two keys: a public key that
everyone can have and a private key for only the
recipient.
© 2004-06, David Gadish, Ph.D.
51
Security
Security Precautions
 Intrusion-detection software - looks for people
on the network who shouldn’t be there or who
are acting suspiciously.
 Security auditing software - checks out your
computer or network for potential weaknesses.
© 2004-06, David Gadish, Ph.D.
52
Building and e-Portfolio
ELM - I
53
Presentation Overview
 The Electronic Job Market
 Preparations Before You Write
 Writing Targeted Resume Content
 Developing e-Portfolio Content
 Web Design Considerations
 Preparing Web Content
© 2004-06, David Gadish, Ph.D.
54
The Electronic Job Market
 Electronic job market - makes use of
Internet technologies to recruit employees
and is growing by leaps and bounds.
© 2004-06, David Gadish, Ph.D.
55
The Electronic Job Market
© 2004-06, David Gadish, Ph.D.
56
The Electronic Job Market
© 2004-06, David Gadish, Ph.D.
57
Preparations Before You Write
 Hidden job market – the collective term
used to describe jobs that are not
advertised.
 Up to 80 percent of new jobs fall into this
category.
© 2004-06, David Gadish, Ph.D.
58
Preparations Before You Write
Start to Network
 Phone
 Face-to-face
 Mailing lists - discussion groups
organized by area of interest.
© 2004-06, David Gadish, Ph.D.
59
Preparations Before You Write
Perform Self-Assessment
 Skill words – nouns and adjectives used by
organizations to describe job skills which should
be woven into the text of applicants’ resumes.
 There are many good tools for self-assessment
including:
–
–
–
–
–
Personality profiles
Checklists
Strength identification
Achievement lists
Writing and projection exercises
© 2004-06, David Gadish, Ph.D.
60
Preparations Before You Write
Research Careers, Industries, and
Companies
 Directory search engine - organizes listings of
Web sites into hierarchical lists.
– Yahoo! is the most popular and well-known of these.
 True search engine - uses software agent
technologies to search the Internet for key words
and then places them into indexes.
– Ask Jeeves is the most popular and well-known true
search engine.
© 2004-06, David Gadish, Ph.D.
61
Preparations Before You Write
Research Careers, Industries, and Companies
© 2004-06, David Gadish, Ph.D.
62
Writing Targeted Resume Content
Powerful Objective Statements
 A well-developed objective statement is a
powerful tool for getting employers to look
more deeply into your potential.
 Typical objective statements are short -
between one and three sentences and appear
below the contact information.
© 2004-06, David Gadish, Ph.D.
63
Writing Targeted Resume Content
Important Contact Information
 You should dedicate the first section of your
resume to your name and how you can be
contacted.
 Contact information must be complete, correct,
and permanent.
 If your resume is pulled for consideration six
months from now, the contact information should
still be valid.
© 2004-06, David Gadish, Ph.D.
64
Writing Targeted Resume Content
Other Valuable Resume Sections
 The other sections included in your resume
are determined by what you need to
communicate.
 Ideally all other content would directly
support your objectives and skills.
© 2004-06, David Gadish, Ph.D.
65
Developing e-Portfolio Content
 Electronic portfolio (e-portfolio) - a
collection of Web documents used to
support a stated purpose such as
demonstrating writing or photography
skills.
© 2004-06, David Gadish, Ph.D.
66
Developing e-Portfolio Content
Gallery
 An e-portfolio provides you with the opportunity
to demonstrate your skills through a gallery of
works.
 The gallery should include:
– Writing samples.
– Spreadsheets or other applications of business tools.
– Demonstrations of analytical, tracking, planning, or
management skills.
– Presentations that you’ve developed.
© 2004-06, David Gadish, Ph.D.
67
Developing e-Portfolio Content
Gallery
© 2004-06, David Gadish, Ph.D.
68
Web Design Considerations
Basic Web Design Principles
1.
Define the site audience and purpose
2.
Some of the questions you can ask yourself to
help gain insight into your target audience are:
–
–
–
–
What is the average age of managers and employees?
How conservative is this industry?
Are employees expected to be artistic?
How do employees dress?
© 2004-06, David Gadish, Ph.D.
69
Web Design Considerations
Basic Web Design Principles
 Keep in mind that good printed layout
does not translate effectively to the Web.
–
–
–
Web pages are designed to be browsed.
Web pages are not the same size.
Web page layout varies depending on the
Web browser, screen resolution, operating
system, and monitor being used.
© 2004-06, David Gadish, Ph.D.
70
Web Design Considerations
Basic Web Design Principles
© 2004-06, David Gadish, Ph.D.
71
Web Design Considerations
Basic Web Design Principles
© 2004-06, David Gadish, Ph.D.
72
Web Design Considerations
Basic Web Design Principles
Site structure

The structure of a Web site is how the various
pages of the site are linked together.

There are a number of schools of thought when
it comes to Web page length, scrolling or
clicking.
© 2004-06, David Gadish, Ph.D.
73
Web Design Considerations
Basic Web Design Principles
© 2004-06, David Gadish, Ph.D.
74
Web Design Considerations
Design Your Home Page
 When designing a group of Web pages
that are structured to work together, such
as an e-Portfolio site, it’s critical that each
page contain common color, font,
navigation, and layout design elements.
 It should be obvious to a user who has
clicked on a link to another site page that
he or she is still in your e-portfolio site.
© 2004-06, David Gadish, Ph.D.
75
Web Design Considerations
Design Your Home Page
Color

There are four colors to select for your Web site
- text, link, visited link, and background.

It’s important that the colors match your
audience preferences and work well together.
© 2004-06, David Gadish, Ph.D.
76
Web Design Considerations
Design Your Home Page
© 2004-06, David Gadish, Ph.D.
77
Web Design Considerations
Design Your Home Page
5. Document the site design
– After designing your home page, you should
have a good idea of how to segment and link
(organize) your remaining e-portfolio content.
– Ideally, you should create logical groupings of
content so that you have no more than eight
links on your home page.
© 2004-06, David Gadish, Ph.D.
78
Web Design Considerations
Design Your Home Page
© 2004-06, David Gadish, Ph.D.
79
Questions?
© 2004-06, David Gadish, Ph.D.
80
Next Week’s Agenda
 Implementing a Database with MSAccess
(ELM-J)
 Protecting People and Information - Threats
and Safeguards (Chap 9)
 Course Review / Discussion
© 2004-06, David Gadish, Ph.D.
81