7.0 CHAPTER 7 - PRIVACY _ SECURITY ETHICS 2023.pdf
Document Details
Uploaded by LionheartedPhosphorus
2017
Tags
Related
Full Transcript
Chapter 7 © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Learning Objec...
Chapter 7 © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Learning Objectives 1. Describe the impact of large databases, private networks, the Internet, 2. 3. Computing Essentials 2017 4. 5. 6. 7. 8. and the web on privacy. Discuss online identity and the major laws on privacy. Discuss cybercrimes, including identity theft, Internet scams, data manipulation, ransomware, and denial of service. Describe social engineering and malicious software, including crackers, malware, viruses, worms, and Trojan horses. Discuss malicious hardware, including zombies, botnets, rogue Wi-Fi networks, and infected USB flash drives. Detail ways to protect computer security, including restricting access, encrypting data anticipating disasters, and preventing data loss. Discuss computer ethics, including copyright law, software piracy, digital rights management, the Digital Millennium Copyright Act, as well as cyberbullying, plagiarism, and ways to identify plagiarism. © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Introduction Computing Essentials 2017 What are the consequences of the widespread presence of this technology? Does technology make it easy for others to invade our personal privacy? When we apply for a loan or for a driver’s license, or when we check out at the supermarket, is that information about us being distributed and used without our permission? When we use the web, is information about us being collected and shared with others? How can criminals use this information for ransom, blackmail, or vandalism? This chapter covers issues related to the impact of technology on people and how to protect ourselves on the Web. © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. People Technology has had a very positive impact on people, but some of the impact could be negative. Computing Essentials 2017 Most significant concerns: Privacy – What are the threats to personal privacy and how can we protect ourselves? Security – How can access to sensitive information be controlled and how can we secure hardware and software? Ethics – How do the actions of individual users and companies affect society? © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Privacy Computing Essentials 2017 Privacy – concerns the collection and use of data about individuals Three primary privacy issues: Accuracy – responsibility of those who collect data Must be secure and correct Property – who owns data and who has rights to software Access – responsibility of those who control data and use of data © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Large Databases / Big Data Computing Essentials 2017 Large organizations compile information about us daily Big Data is exploding and ever-growing The federal government alone has over 2000 database Data collectors include Government agencies Telephone companies Credit card companies Supermarket scanners Financial institutions Search engines Social networking sites Information Resellers/Brokers Collect and sell personal data Create electronic profiles © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Large Databases / Big Data (Cont.) Computing Essentials 2017 Personal information is a marketable commodity, which raises many issues: Collecting public, but personally identifying information (e.g., Google’s Street View) Spreading information without personal consent, leading to identity theft Spreading inaccurate information Mistaken identity Freedom of Information Act Entitlement to look at your records held by government agencies © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Private Networks Employee monitoring software Employers can monitor e-mail legally A proposed law could prohibit this type of electronic monitoring or at least require the employer to notify the employee first © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. The Internet and the Web Computing Essentials 2017 Illusion of anonymity People are not concerned about privacy when surfing the Internet or when sending e-mail When browsing the web, critical information is stored on the hard drive in these locations: History Files Temporary Internet Files Browser cache Cookies First-party cookie Third-party cookie Privacy Mode Web bugs Spyware © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 History Files and Temporary Internet Files History Files Include locations or addresses of sites you have recently visited Temporary Internet Files / Browser Cache Saved files from visited websites Offers quick re-display when you return to the site © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Cookies Computing Essentials 2017 Cookies are small data files that are deposited on your hard disk from web sites you have visited First-party cookies are generated only by websites you are visiting Third-party cookies are generated by an advertising company that is affiliated with the website Also known as tracking cookies that keep track of your Internet activities through 3rd party cookies Refer to the accompanying graphic displaying how to block 3rd party cookies © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Privacy Modes Computing Essentials 2017 Ensures your browsing activity is not recorded on your hard drive Incognito Mode Google Chrome Private Browsing Safari © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Privacy Threats Web bugs Invisible images or HTML code hidden within an e-mail message or web page When a user opens the message information is sent back to the source of the bug Spyware Computing Essentials 2017 Wide range of programs that are designed to secretly record and report Internet activities, add Internet ad cookies Computer monitoring software Invasive and dangerous Keystroke Loggers Record activities and keystrokes Anti-Spyware programs Detect and remove privacy threats © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Online Identity The information that people voluntarily post about Computing Essentials 2017 themselves online Archiving and search features of the Web make it available indefinitely Major Laws on Privacy Gramm-Leach-Bliley Act protects personal financial information Health Insurance Portability and Accountability Act (HIPAA) protects medical records Family Educational Rights and Privacy Act (FERPA) resists disclosure of educational records © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Security Computing Essentials 2017 Involves protecting individuals or organizations from theft and danger Hackers Gain unauthorized access with malicious intent Not all hackers are illegal Cybercrime / Computer Crime Criminal offense that involves a computer and a network Effects over 400 million people annually Costs over $400 billion each year © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Forms of Computer Crime © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Cyber Crime Denial of Service (DoS) attack attempts to slow down or stop a Computing Essentials 2017 computer system or network by flooding it with requests for information or data Rogue Wi-Fi hotspots Imitate free Wi-Fi networks and capture any and all information sent by the users to legitimate sites including usernames and passwords Data manipulation Finding entry into someone’s computer network and leaving a prankster’s message © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Internet Scams A fraudulent or deceptive act or operation to trick someone into providing personal information or spending money for little or no return Identity Theft Computing Essentials 2017 Illegal assumption of someone’s identity for purpose of economic gain Cyber-bullying Use of the Internet, cell phones, or other devices to send or post content intended to harm Phishing Attempts to trick Internet users into thinking a fake but official-looking website is legitimate © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Types of Internet Scams © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Malicious Software Malicious Programs or Malware Computing Essentials 2017 Designed by crackers, computer criminals, to damage or disrupt a computer system Computer Fraud and Abuse Act makes spreading a virus a federal offense 3 most common programs Viruses – migrate through networks and attach to different programs Worms – fills the computer with selfreplicating information Trojan horse – programs disguised as something else © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Malicious Hardware Computing Essentials 2017 3 most common malicious hardware Zombies – infected computers allow them to be remotely controlled for malicious purpose. Rogue WiFi hotspot – imitate free Wi-Fi networks. Infected USB flash drives – contain viruses and other malicious software © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Measures to Protect Computer Security Principle measures to ensure computer security Restricting access Encrypting data Anticipating disasters Physical security Data security Disaster recovery plan Preventing data loss © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Restricting Access Firewalls Authentication Encrypting Data Email Encryption File Encryption Website Encryption Biometric scanning Fingerprint scanners Iris (eye) scanners Passwords Dictionary attack Uses software to try thousands of common words sequentially to gain unauthorized access to a user’s account © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Computing Essentials 2017 Encryption Coding information to make it unreadable, except to those who have the encryption key • E-mail encryption protects emails • File encryption protects files • Web site encryption uses HTTPS protocol for protection • HTTPS – hypertext transfer protocol secured • Virtual private networks (VPNs) • Encrypts connects between company networks and their remote users • Wireless network encryption restricts access to authorized users • WPA2 – Wi-Fi Protected Access © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Anticipating Disasters Anticipating Disasters Computing Essentials 2017 Physical Security protects hardware Data Security protects software and data from unauthorized tampering or damage Disaster Recovery Plan describes ways to continue operating in the event of a disaster Preventing Data Loss Frequent backups Redundant data storage Store off-site in case of loss of equipment © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Recent Data Privacy Trends Computing Essentials 2017 • Recent trends seek to strike a balance between our data against our privacy. 1. Cookies-less future - Publishers, advertisers, and Big Tech will need to alter how they monetize their content and gather data in the future. 2. Consumers demand more control over their data – customers will choose companies that are transparent with their personal data. 3. Addressing privacy with technology – employ centralize PrivacyOps platform to fulfill users request faster 4. Public awareness leads to corporate transparency – expect clear data policies. 5. Governing bodies will enforce more fines. [https://www.invisibly.com/learn-blog/data-privacy-trends/] © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Making IT Work for You ~ Cloud-Based Backup Computing Essentials 2017 Cloud-based backup services such as Carbonite provide cloudbased backup services. © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Ethics Standards of moral conduct Computer Ethics – guidelines for the morally acceptable use of computers Copyright Computing Essentials 2017 Gives content creators the right to control the use and distribution of their work Paintings, books, music, films, video games Software piracy Unauthorized copying and distribution of software Digital rights management (DRM) controls access to electronic media Digital Millennium Copyright Act protects against piracy © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Plagiarism Computing Essentials 2017 Representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Careers in IT IT Security Analysts maintain Computing Essentials 2017 the security of a company’s network, systems, and data. Bachelors or associates degree in information systems or computer science Experience is usually required Must safeguard information systems against external threats Annual salary is usually from $62,000 to $101,000 Demand for this position is expected to grow © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Open-Ended Questions (Page 1 of 3) 1. Define privacy and discuss the impact of large databases, private networks, the Internet, and the Web. Computing Essentials 2017 2. Define and discuss online identity and the major privacy laws. 3. Define security. Define computer crime and the impact of malicious programs, including viruses, worms, Trojan horses, and zombies, as well as denial of service attacks, rogue Wi-Fi hotspots, data manipulation, identity theft, Internet scams, and cyberbullying. © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part. Open-Ended Questions (Page 2 of 2) 4. Discuss ways to protect computer security Computing Essentials 2017 including restricting access, encrypting data, anticipating disasters, and preventing data loss. 5. Define ethics, and describe copyright law and plagiarism. © 2017 by McGraw-Hill Education. This proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part.