Privacy, Security, and Ethics Chapter 9 in Computing Essentials PDF

Because learning changes everything. ® Privacy, Security, and Ethics Chapter 9 Computing Essentials O’Leary © 2021 McGraw-Hill Education. All rights reserved. Authorized only for instructor use in the classroom. No reproduction or further distribution permitted without the prior written consent of McGraw-Hill Education. Learning Objectives 1. Describe the impact of large databases, private networks, the Internet, and the web on privacy. 2. Discuss online identity and major laws on privacy. 3. Discuss cybercrimes including identity theft, Internet scams, data manipulation, ransomware, and denial of service. 4. Describe social engineering and malicious software, including crackers, malware, viruses, worms, and Trojan horses. 5. Discuss malicious hardware, including zombies, botnets, rogue Wi-Fi networks, and infected USB flash drives. 6. Detail ways to protect computer security including restricting access, encrypting data, anticipating disasters, and preventing data loss. 7. Discuss computer ethics including copyright law, software piracy, digital rights management, the Digital Millennium Copyright Act, as well as plagiarism and ways to identify plagiarism. © McGraw-Hill Education 2 Introduction The ubiquitous use of computers and technology prompts some very important questions about the use of personal data and our right to privacy. To efficiently and effectively use computers, you need to be aware of the potential impact of technology on people and how to protect yourself on the web. You need to be sensitive to and knowledgeable about personal privacy and organizational security. © McGraw-Hill Education Yuri Arcurs/E+/Getty Images 3 People Technology has had a very positive impact on people, but some of the impact could be negative. Effective implementation of computer technology involves maximizing its positive effects while minimizing its negative effects. Most significant concerns: Privacy – What are the threats to personal privacy and how can we protect ourselves? Security – How can access to sensitive information be controlled and how can we secure hardware and software? Ethics – How do the actions of individual users and companies affect society? © McGraw-Hill Education 4 Privacy Privacy Concerns the collection and use of data about individuals Three primary privacy issues: Accuracy Responsibility of those who collect data Must be secure and correct Property Relates to who owns the data Access Responsibility of those who control data and use that data © McGraw-Hill Education 5 Large Databases (Big Data) All human events are recorded digitally referred to as Bid Data Large organizations compile information about us daily Big Data is exploding and ever- growing The federal government alone has over 2,000 databases Information Resellers/Brokers Collect and sell personal data (Digital Footprint) Create electronic profiles © McGraw-Hill Education 2015 Spokeo, Inc. 6 Big Data Personal information is a marketable commodity, which raises many issues: Collecting public, but personally identifying information (e.g., Google’s Street View) Spreading information without personal consent, leading to identity theft Spreading inaccurate information Mistaken identity Freedom of Information Act Entitlement to look at your records held by government agencies © McGraw-Hill Education 7 Private Networks Employee monitoring software record virtually everything you do on your computer Employers can monitor e-mail legally A proposed law could prohibit this type of electronic monitoring or at least require the employer to notify the employee first To know your company’s current policy on monitoring electronic communication, contact your human relations department © McGraw-Hill Education 8 The Internet and the Web Illusion of anonymity People are not concerned about privacy when surfing the Internet or when sending e-mail When browsing the web, critical information is stored on the hard drive in these locations: History Files Temporary Internet Files Browser cache Cookies Privacy Mode Spyware © McGraw-Hill Education Piotr Swat/Shutterstock 9 History Files and Temporary Internet Files History Files Include locations or addresses of sites you have recently visited Temporary Internet Files / Browser Cache Saved files from visited websites Offers quick re-display when you return to the site © McGraw-Hill Education (a) Google Inc. (b) Apple 10 Cookies Small data files that are deposited on your hard disk from web sites you have visited First-party cookies - generated only by websites you are visiting Third-party cookies - generated by an advertising company that is affiliated with the website (to keep track of your web activity as you move from one site to the next) Also known as tracking cookies that keep track of your Internet activities through 3rd party cookies Most browsers also offer a privacy mode (browsing activity is not recorded) ex: Google Chrome provides Incognito Mode, and Safari provides Private Browsing © McGraw-Hill Education (a) Google Inc. (b) Apple 11 Privacy Modes Incognito Google Chrome Mode Private Safari Browsing © McGraw-Hill Education 12 Privacy Threats Web bugs Invisible images or HTML code hidden within an e-mail message or web page Spyware Record and report Internet activities Change browser to manipulate what you view Computer monitoring software Most invasive and dangerous Keystroke Loggers Record activities and keystrokes Anti-Spyware programs Detect and remove privacy threats © McGraw-Hill Education Figure 13 Online Identity The information that people voluntarily post about themselves online Archiving and search features of the Web make it available indefinitely Major Laws on Privacy Gramm-Leach-Bliley Act protects personal financial information Health Insurance Portability and Accountability Act (HIPAA) protects medical records Family Educational Rights and Privacy Act (FERPA) resists disclosure of educational records Most of the information collected by private organizations is not covered by existing laws. © McGraw-Hill Education 14 Security Involves protecting individuals or organizations from theft and danger Hackers Gain unauthorized access with malicious intent Not all hackers are illegal Cybercrime / Computer Crime Criminal offense that involves a computer and a network Effects over 400 million people annually Costs over $400 billion each year Cyberterrorism is a politically motivated cybercrime © McGraw-Hill Education Kamolrat/Shutterstock; Flegere/Shutterstock; Hugh Threlfall/Alamy Stock Photo 15 Forms of Computer Crime Computer Crime Description Identity theft Illegal assumption of a person’s identity for economic gain Internet scams Scams over the Internet Data manipulation Unauthorized access of a computer network and copying files to or from the server Ransomware Malicious software that encrypts your computer’s data and ransoms the password to the user DoS, Denial of Attempts to slow down or stop a computer system or service network by flooding a computer or network with requests for information and data DDoS, Distributed Coordinates several computers making repeated requests denial of service for service © McGraw-Hill Education 16 Internet Scams Scams using the Internet Internet scams have created financial and legal problems for many thousands of people Majority are initiated by a mass mailing to unsuspecting individuals © McGraw-Hill Education Figure 9-7 17 Social Engineering Practice of manipulating people to divulge private data. Played a key role in: Identity theft Internet scams Data manipulation Phishing (most common social engineering technique) Attempts to trick Internet users into thinking a fake but official-looking website or e-mail is legitimate © McGraw-Hill Education 18 Malicious Software Malicious Programs or Malware Designed by crackers, computer criminals, to damage or disrupt a computer system A cracker is a computer criminal who creates and distributes malicious programs or malware Computer Fraud and Abuse Act makes spreading a virus a federal offense 3 most common programs Viruses – migrate through networks and attach to different programs Worms – fills the computer with self-replicating information Trojan horse – programs disguised as something else © McGraw-Hill Education (left): AlexLMX/Getty Images; (middle): iko/Shutterstock; (right): Alex Melnick/Shutterstock 19 Malicious Hardware Criminals use hardware for crimes Most common are: Zombies Computers infected by a virus, worm, or Trojan Horse Botnet or Robot Network is a collection of Zombies Rogue Wi-Fi Hotspots Imitating legitimate free Wi-Fi Capture data coming through the Rogue Wi-Fi Infect USB Flash Drives Left on purpose in hopes for people to pick up and use Have malicious software contained on them © McGraw-Hill Education 20 Computer Security Measures Principle measures to ensure computer security Computer Fraud and Abuse Act Crime for unauthorized person to view, copy or damage data using computers across state lines Prevents use of any government or federally insured financial institution computers Measure Description Restricting access Limit access to authorized persons using such measures as passwords, picture passwords, and biometric scanning. Encrypting data Code all messages sent over a network. Anticipating Prepare for disasters by ensuring physical security and data disasters security through a disaster recovery plan. Preventing data Routinely copy data and store it at a remote location. loss © McGraw-Hill Education 21 Restricting Access Passwords Dictionary attack Uses software to try thousands of common words sequentially in an attempt to gain unauthorized access to a user’s account Biometric scanning Fingerprint scanners Iris (eye) scanners Facial recognition © McGraw-Hill Education Left: Anatoliy Babiy/iStockphoto/Getty Images Right: Cristian Baitg/Getty Images 22 Automated Security Tasks Ways to perform and automate important security tasks Security Suites Provide a collection of utility programs designed to protect your privacy and security Firewalls Security buffer between a corporation’s provide network and all external networks Password Managers Helps to create strong passwords Authentication Process of ensuring the integrity of a user © McGraw-Hill Education Gravvi/Shutterstock 23 Encryption Coding information to make it unreadable, except to those who have the encryption key or key The key will decrypt the information into a readable format Common uses for encryption: E-mail encryption File encryption Website encryption HTTPS – hypertext transfer protocol secured Virtual private networks (VPNs) Wireless network encryption restricts access to authorized users WPA2 – Wi-Fi Protected Access © McGraw-Hill Education Enigmail; Apple, Inc. 24 Anticipating Disasters and Preventing Data Loss Anticipating Disasters Physical Security protects hardware from human & natural disasters Data Security protects software and data from unauthorized tampering or damage Disaster Recovery Plan describes ways to continue operating in the event of a disaster Preventing Data Loss Frequent backups Redundant data storage Store off-site in case of loss of equipment © McGraw-Hill Education 25 Making IT Work for You Security and Technology Precautions you as an individual can and should take to make sure that you aren’t the victim of high-tech criminals Update software Regular backup of data Be careful when browsing Be alert to e-mail scams Use antivirus software Strong passwords Protect against data breaches Enable two-factor authentication © McGraw-Hill Education DNY59/E+/Getty Images 26 Ethics Standards of moral conduct Computer Ethics – guidelines for the morally acceptable use of computers Copyright and Digital Rights Management Cyberbullying Plagiarism © McGraw-Hill Education 27 Copyright and Digital Rights Management Copyright Gives content creators the right to control the use and distribution of their work Paintings, books, music, films, video games Software piracy Unauthorized copying and distribution of software Digital rights management (DRM) controls access to electronic media & files Digital Millennium Copyright Act protects against piracy © McGraw-Hill Education Apple, Inc. 28 Cyberbullying and Plagiarism Cyberbullying Use of the Internet to send or post content intended to harm another person Plagiarism Representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas © McGraw-Hill Education Turnitin 29 Careers in IT IT Security Analysts Maintain the security of a company’s network, systems, and data Goal is to ensure the confidentiality, integrity, and availability of information. Bachelors or associates degree in information systems or computer science Experience in filed/Network administrator is usually required Must safeguard information systems against external threats- crackers/virus Good communication & research skills Annual salary is usually from $49,000 to $99,000 Demand for this position is expected to grow © McGraw-Hill Education Yuri Arcurs/E+/Getty Images 30 A Look to the Future The End of Anonymity Most forums and comment areas on websites allow users to post messages anonymously Future software can identify you and track your moves through a mall or store In the future, when you visit a mall, security cameras will recognize you and track your path using facial recognition and update your online identity. This personal digital footprint will be continuously updated based on social media postings, Internet browsing history, and credit card purchases. Sensors in your clothes will tell stores what brands you like and how much you spend. © McGraw-Hill Education Franck Boston/Shutterstock 31 Open Ended Questions 1. Define privacy and discuss the impact of large databases, private networks, the Internet, and the Web. 2. Define and discuss online identity and the major privacy laws. 3. Define security. Define computer crime, social engineering, malicious software, and malicious hardware including identity theft, Internet scams, data manipulations, ransomware, DoS attacks, viruses, worms, Trojan horses, zombies, rogue Wi-Fi hotspots, and infected USB flash drives. 4. Discuss ways to protect computer security including restricting access, encrypting data, anticipating disasters, and preventing data loss. 5. Define ethics, copyright law, cyberbullying, and plagiarism. © McGraw-Hill Education 32 End of Main Content Because learning changes everything. ® www.mheducation.com © 2021 McGraw-Hill Education. All rights reserved. Authorized only for instructor use in the classroom. No reproduction or further distribution permitted without the prior written consent of McGraw-Hill Education.

Privacy, Security, and Ethics Chapter 9 in Computing Essentials PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue