
Module V – Management Challenges

Security and Ethical Challenges

Security, Ethical, and Societal Challenges of IT
Ethical Responsibility of Business Professionals
Computer Crime
Privacy Issues
Health Issues
Section II
Tools of Security Management
Internetworked Security Defenses
System Controls and Audits
Real World Cases
KEY TERMS
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-1

Learning Objectives
1. Identify several ethical issues in how the use of information technologies in business affects employment, individuality, working conditions, privacy, crime, health, and solutions to societal problems.
2. Identify several types of security management strategies and defences, and explain how they can be used to ensure the security of business applications of information technology.
3. Propose several ways that business managers and professionals can help to lessen the harmful effects and increase the beneficial effects of the use of information technology.

Security and Ethics
• Major Security Challenges
• Serious Ethical Questions
• Threats to Business and Individuals
• Real World Case 1- F-Secure, Microsoft, GM, and Verizon: The Business Challenge of Computer Viruses

Security and Ethics
Business/IT Security, Ethics, and Society
[Diagram: Business/IT Security, Ethics, and Society at the center, surrounded by Employment, Privacy, Health, Crime, Individuality, and Working Conditions]

Security and Ethics
Ethical Responsibility
• Business Ethics
• Stockholder Theory
• Social Contract Theory
• Stakeholder Theory

Security and Ethics
Ethical Responsibility

Security and Ethics
Technology Ethics

Security and Ethics
Ethical Guidelines

Security and Ethics
Enron Corporation: Failure in Business Ethics
• Drove Stock Prices Higher Never Mentioning Any Weaknesses
• Promised Much – Delivered Little
• Finally Admitted Overstated Earnings by $586 Million in 1997
• 1998 Third Quarter Loss $638 Million – Filed Bankruptcy
• Greed and Mismanagement Destroyed a Potentially Successful Business Plan

Security Management
• Security is 6 to 8% of IT Budget in Developing Countries
• 63% Have or Plan to Have Position of Chief Privacy or Information Officer in the Next Two Years
• 40% Have a Chief Privacy Officer and Another 6% Intend One in the Next Two Years
• 39% Acknowledge that their Systems Have Been Compromised in the Past Year
• 24% Have Cyber Risk Insurance and 5% Intend to Acquire Such Coverage

Security Management
Security Technology Used
Antivirus: 96%
Virtual Private Networks: 86%
Intrusion-Detection Systems: 85%
Content Filtering/Monitoring: 77%
Public-Key Infrastructure: 45%
Smart Cards: 43%
Biometrics: 19%

Security Management
PayPal, Inc. Cybercrime on the Internet
• Online Payment Processing Company
• Observed Questionable Accounts Being Opened
• Froze Accounts Used to Buy Expensive Goods For Purchasers in Russia
• Used Sniffer Software and Located Users Capturing PayPal IDs and Passwords
• More than $100,000 in Fraudulent Charges
• Crooks Arrested by FBI

Security Management
Computer Crime
• Hacking
• Cyber Theft
• Unauthorized Use of Work
• Piracy of Intellectual Property
• Computer Viruses and Worms

Security Management
Examples of Common Hacking

Security Management
Recourse Technologies: Insider Computer Crime
• Link Between Company Financial Difficulty and Insider Computer Crimes
• Use of “Honey Pots” Filled with Phony Data to Attract Hackers
• Software Catches Criminal Activity in Seconds
• Crime Exposed and Stopped

Security Management
Internet Abuses in the Workplace

Security Management
Network Monitoring Software

Security Management
AGM Container Controls: Stealing Time and Resources
• The Net Contains Many Productivity Distractions
• Remedies Include Monitoring Internet Use and Blocking Sites Unrelated to Work
• Importance of Telling Employees About Monitoring
• Use of Software Monitoring Provided Rebuttal Answers To Web Use Discussions

Security Management
Copying Music CDs: Intellectual Property Controversy
• RIAA Crack Down on Music Piracy
• Web Sites Fighting Back
• 140 Million Writable Drives In Use
• Billions of Blank CDs Sold While Music CD Sales Are Going Down
• Pirates Reluctant to Go Away

Security Management
Facts About Recent Computer Viruses and Worms

Security Management
University of Chicago: The Nimda Worm
• Nimda Worm Launch Sept. 18, 2001 Mass Mailing of Malicious Code Attacking MS-Windows
• Took Advantage of Back Doors Previously Left Behind
• In Four Hours the University of Chicago’s Web Servers were Scanned by 7,000 Unique IP Addresses Looking for Weaknesses
• Many Servers Had to Be Disconnected

Privacy Issues
Right to Privacy
Privacy on the Internet
Acxiom, Inc. Challenges to Consumer Privacy
• Acxiom – 30 Years Amassing Massive Database
• Sells Data to Subscribers
• Use by Telemarketers and Credit Firms

Privacy Issues
Right to Privacy
• Computer Profiling
• Computer Matching
• Privacy Laws
• Computer Libel and Censorship
• Spamming
• Flaming

Privacy Issues
Other Challenges
• Employment Challenges
• Working Conditions
• Individuality Issues
• Health Issues

Privacy Issues
Ergonomics

Privacy Issues
Ergonomics
• Job Stress
• Cumulative Trauma Disorders (CTDs)
• Carpal Tunnel Syndrome
• Human Factors Engineering
• Societal Solutions

Security Management of Information Technology
• Business Value of Security Management
• Protection for all Vital Business Elements
Real World Case 2- Geisinger Health Systems and Du Pont: Security Management of Data Resources and Process Control Networks

Security Management of Information Technology
Tools of Security Management

Security Management of Information Technology
Providence Health and Cervalis: Security Management Issues
• Need for Security Management Caused by Increased Use of Links Between Business Units
• Greater Openness Means Greater Vulnerabilities
• Better Use of Identifying, Authenticating Users and Controlling Access to Data
• Theft Should Be Made as Difficult as Possible

Security Management of Information Technology
Internetworked Security Defenses
• Encryption
  – Public Key
  – Private Key
Graphically…

Security Management of Information Technology
Encryption

Security Management of Information Technology
Firewalls
1 External Firewall Blocks Outsiders
2 Internal Firewall Blocks Restricted Materials
3 Use of Passwords and Browser Security
4 Performs Authentication and Encryption
5 Careful Network Interface Design
[Diagram: Internet, routers, firewalls, host system, and intranet servers, labeled with callouts 1 to 5]

Security Management of Information Technology
Barry Nance: Testing PC Firewall Security
• Worldwide Search for Active IP Addresses
• Sophisticated Probes Scan Any Home or Work Location
• Personal Firewalls Help Block Intruders
• Firewalls Generally Good at Protecting Computers from Most Hacking Efforts

Security Management of Information Technology
MTV Networks: Denial of Service Defenses
• MTV.com Website Targeted for Distributed Denial of Service (DDOS) Attacks During Fall Peak Periods
• Some People Try to Crash MTV Sites
• Parent Viacom Installed Software to Filter out DDOS Attacks
• Website Downtime Reduced

Security Management of Information Technology
Defending Against Denial of Service Attacks

Security Management of Information Technology
Sonalysts, Inc.: Corporate e-Mail Monitoring
• e-Sniff Monitoring Device Searches e-Mail by Key Word or Records of Web Sites Visited
• 82% of Businesses Monitor Web Use
• Close to 100% of Workers Register Some Improper Use

Security Management of Information Technology
TrueSecure and 724 Inc.: Limitations of Antivirus Software
• Much Software Was Unable to Stop Nimda Worm
• Software Alone is Often Not Enough to Clean System
• Until Better Software is Developed, A Complete System Disconnect and Purge May Be the Only Solution

Security Management of Information Technology
Example Security Suite Interface

Security Management of Information Technology
Other Security Measures
• Security Codes
• Multilevel Password System
  – Smart Cards
• Backup Files
  – Child, Parent, Grandparent Files
• System Security Monitors
• Biometric Security

Security Management of Information Technology
Example Security Monitor

Security Management of Information Technology
Evaluation of Biometric Security

Security Management of Information Technology
Computer Failure Controls
• Fault Tolerant Systems
  – Fail-Over
  – Fail-Safe
  – Fail-Soft
• Disaster Recovery

Security Management of Information Technology
Methods of Fault Tolerance

Security Management of Information Technology
Visa International: Fault Tolerant Systems
• Only 100% Uptime is Acceptable
• Only 98 Minutes of Downtime in 12 Years
• 1 Billion Transactions Worth $2 Trillion in Transactions a Year
• 4 Global Processing Centers
• Multiple Layers of Redundancy and Backup
• Software Testing an Art Form

Systems Controls and Audits
• Information System Controls
• Garbage-In, Garbage-Out (GIGO)
• Auditing IT Security
• Audit Trails
• Control Logs

Systems Controls and Audits
Input Controls: Security Codes, Encryption, Data Entry Screens, Error Signals, Control Totals
Processing Controls: Software Controls, Hardware Controls, Firewalls, Checkpoints
Output Controls: Security Codes, Encryption, Control Totals, Control Listings, End User Feedback
Storage Controls: Security Codes, Encryption, Backup Files, Library Procedures, Database Administration

Summary
• Ethical and Societal Dimensions
• Ethical Responsibility in Business
• Security Management

KEY TERMS
Antivirus software
Audit trail
Auditing business systems
Backup files
Biometric security
Business ethics
Computer crime
Computer matching
Computer monitoring
Computer virus
Denial of service
Disaster recovery
Encryption
Ergonomics
Ethical and Societal Impacts of business/IT
  a. Employment
  b. Health
  c. Individuality
  d. Societal Solutions
  e. Working Conditions
Ethical foundations
Fault tolerant
Firewall
Flaming
Hacking
Information system controls
Intellectual property piracy
Passwords
Privacy issues
Responsible professional
Security management
Software piracy
Spamming
System security monitor
Unauthorized use

Optional Case Studies
Real World Case 1: F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
Real World Case 2: Geisinger Health Systems and DuPont: Security Management of Data Resources and Process Control Networks
Real World Case 3: Banner Health – Arlington County and Others: Security Management of Windows Software
Real World Case 4: Online Resources – Lehman Brothers and Others: Managing Network Security Systems

Enterprise and Global Management of Information Technology
Chapter 12

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
1- What security measures should companies, business professionals, and consumers take to protect their systems from being damaged by computer worms and viruses?

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
Discussion Points Would Include:
• Businesses Should
  – “Get Serious” About Cyber Security
  – Stop Relying on Microsoft's Backbone
• Businesses Need Better Procedures for Security Updating
• Businesses Should Update Security Defenses

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
2- What is the business and ethical responsibility of Microsoft in helping to prevent the spread of computer viruses? Have they met this responsibility? Why or why not?

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
Discussion Points Would Include:
• Microsoft (95% Market Share) Must Ensure Software is Hostile to Hackers
• Must Write Better Software
• Microsoft and Others Must make Security Higher Priority
• The Responsibility of Security is the User Not Vendor

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
3- What are several possible reasons why some companies (like GM) were seriously affected by computer viruses, while others (like Verizon) were not?

F-Secure – Microsoft, GM and Verizon: The Business Challenge of Computer Viruses
Reasons Would Include:
• Undue Dependence on Microsoft for Quality Software
• GM Ignored Security until It was Too Late
• Companies Paid More Attention to Bottom Line than Security
• Inadequate Planning for Improving Security

Geisinger Health Systems and DuPont: Security Management of Data Resources and Process Control Networks
1- What are several possible reasons why some companies (like GM) were seriously affected by computer viruses, while others (like Verizon) were not?

Geisinger Health Systems and DuPont: Security Management of Data Resources and Process Control Networks
Discussion Points Would Include:
• Key Components of a Security System:
  – Understanding Workflow
  – Assessing Risk
  – Educating Users
• MvChart needed Installed on Hardware Separate from EMK system

Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
Discussion Points Would Include:
• Biometric and Proximity Devices Streamline Secure Network Access
• Requiring Caregivers Access to Patient Information via the Internet Using:
– Electronic Token Identification
– A Virtual Private Network
• Other Encryption Methods
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-60
Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
2- What security measures is Du Pont taking to protect their process control networks? Are these measures adequate? Explain your evaluation.
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-61
Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
Discussion Points Would Include:
• Du Pont Co.-The Critical Manufacturing Processes, will Isolate Process Systems from Business systems by:
– Not Connecting our Networks,
– Or it will Add Firewalls to Control Access
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-62
Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
Discussion Points Would Include:
• A Team of IT Staffers, Process-Control Engineers, and Manufacturing Employees was Established to:
– Discern Control Devices Critical to Manufacturing, Safety and Continuity of Production
– Identify Assets: Hardware, Data, and Software Applications
– Test Fixes and Workarounds for Specific Machines
– Recognize that Precise Vulnerabilities Differ by Environment
– Determine how to Separate Networks
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-63
Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
3- What are several other steps Geisinger and Du Pont could take to increase the security of their data and network resources? Explain the value of your proposals.
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-64
Geisinger Health Systems and
DuPont: Security Management of
Data Resources and Process
Control Networks
Discussion Points Would Include:
Include the Concepts Presented in the Chapter Material and Additional Considerations That You Have Located on the Internet
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-65
Banner Health
Arlington County and Others:
Security Management of Windows
Software
1- What security problems are typically remedied by Microsoft’s security patches for Windows? Why do such problems arise in the first place?
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-66
Banner Health
Arlington County and Others:
Security Management of Windows
Software
Discussion Points Would Include:
• Vulnerability to Computer Viruses (Worms)
• Microsoft’s Push to Deliver New Versions
– That have not been Tested and/or Designed Properly to Reduce Vulnerability
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-67
Banner Health
Arlington County and Others:
Security Management of Windows
Software
2- What challenges does the process of applying Windows patches pose for many businesses? What are some limitations of the patching process?
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-68
Banner Health
Arlington County and Others:
Security Management of Windows
Software
Discussion Points Would Include:
• Patching Required Companies to Drop Everything with Finite Resources
• Larger Companies Need Time to Properly Test
• Companies Faced with Limited Scope for Downtime
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-69
Banner Health
Arlington County and Others:
Security Management of Windows
Software
3- Does the business value of applying Windows patches outweigh its costs, limitations, and the demands it places on the IT function? Why or why not?
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-70
Banner Health
Arlington County and Others:
Security Management of Windows
Software
Discussion Points Would Include:
• Exploit-Proof Code Patching is Best Strategy
• Microsoft’s Windows Update Patch Management Program
– Has a Critical Shortcoming
– Could Fool Users-They have Been Properly Patched
– Users are Really Vulnerable-Patch not Fixed
• Users have Reported Patches don't Always Deploy Properly
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-71
Banner Health
Arlington County and Others:
Security Management of Windows
Software
Discussion Points Would Include:
• Exploit-Proof Code Patching is Best Strategy
• Microsoft’s Windows Update Patch Management Program
– Has a Critical Shortcoming
– Could Fool Users-They have Been Properly Patched
– Users are Really Vulnerable-Patch not Fixed
• Users have Reported Patches don't Always Deploy Properly
• Microsoft Patches have Serious Security Vulnerability
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-72
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
1- What is the function of each of the network security tools identified in this case? Visit the websites of security firms Check Point and NetForensics to help you answer.
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-73
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
Discussion Points Would Include:
• Network Intrusion-Detection Systems
• Firewalls
• Anti-Virus Tools
• Automating the Process
– Gathering
– Consolidating
– Correlating
– Prioritizing Data from Security Event
• Collecting Data from Individual Security Systems
• “Normalizing” Data to Quickly Identify Potential Attacks
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-74
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
2- What is the value of security information management software to a company? Use the companies in this case as examples.
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-75
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
Discussion Points Would Include:
• Provides a Single Place To Get Information
• Automated Gathering, Consolidating, and Correlating Data
– Into a Usable Format to Analyze
– Used to Establish Priorities
• Permits Businesses to React Faster to Activity
• Reduces the Number of False Alerts
• Allows Companies to Drill Down into Attack Details
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-76
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
3- What can smaller firms who cannot afford the cost of such software do to properly manage and use the information about security from their network security systems? Give several examples.
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-77
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
Discussion Points Would Include:
• Plan for Having Periodic Audits of IT Security
• Review/Update Regularly Control Features of IT
• Regularly Change Passwords-To Access System
• Develop a Backup Plan and Implement
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-78
Online Resources – Lehman
Brothers and Others: Managing
Network Security Systems
Discussion Points Would Include:
• Plan for Having Periodic Audits of IT Security
• Review/Update Regularly Control Features of IT
• Regularly Change Passwords-To Access System
• Develop a Backup Plan and Implement
• Develop Plan for Disaster Recovery
Copyright 2005, McGraw-Hill/Irwin, Inc. 11-79
