Lecturer: Mr. Michael Allotey
Contact Information: mallotey@ug.edu.gh
School of Information and Communication Studies
Department of Information Studies
Second Semester (2018-2019)

Lecture Overview
This lecture covers safety and security issues when using Information Systems in organizations or at home. As the use of information systems increases in organizations, the risks/threats associated with them also continue to increase. Many of these risks/threats are associated with the Internet.

Session Outline
The key topics to be covered in the session are as follows:
1. Introduction

Reading List
• Laudon, C.K. & Laudon, J.P. (2000) Management Information Systems (11th Ed.), NJ, Prentice-Hall in Hong Kong, Pearson.
• Senn, J.A. (1982) Information Systems in Management, NY, Wadsworth Publishing Company.
• Stoner, J.A.F. (1999) Management, Prentice-Hall of India, New Delhi.
• Lucey, Terry (1995) Management Information Systems, DP Publishing Ltd., Aldine Place, London.
• Watson, H.J. et al (1991) Information System for Management: A Book of Reading.
• Hutchinson, S.E. & Sawyer, S.C. (2000) Computers, Communications and Information: A User’s Introduction.
• Alter, S. (1999) Information Systems: A Management Perspective. Reading, Mass.: Addison Wesley.
• O’Brien, J.A. (2009) Introduction to Information Systems, Boston, Pearson.
• Long, P. et al (2016) Cambridge International AS and A Level IT Coursebook, University Printing House, Cambridge CB2 8BS, UK.

Topic One: INTRODUCTION

Introduction
The safety and security risks/threats related to the use of Information Systems in organizations can be categorized into the following:
• Physical Security
• E-safety
• Security of Data

Topic Two: PHYSICAL SECURITY

Introduction
The increased use of Information Systems in organizations brings about some physical dangers to employees. These are categorized into:
• Health Aspects
• Safety Aspects

Health Aspects
Health aspects have to do with how people become ill or are affected by their daily contact with information systems (CBIS). The following are some health risks:
• Back and neck problems/strain
• Repetitive strain injury (RSI)
• Eye strain
• Headaches
• Ozone irritation

Safety Aspects
Safety aspects have to do with the dangers that could lead to serious injury or even loss of life. Some common examples of safety risks are as follows:
• Electrocution
• Trailing wires (can make you trip)
• Heavy equipment falling and causing injury
• Fire risk

Topic Three: E-SAFETY

E-safety
• This refers to safety when using the internet, that is, keeping personal data safe when using Information Systems.
• E-safety also refers to the benefits, risks and responsibilities when using Information Systems.

E-safety Issues Encountered when Using Information Systems in Organizations
• Giving out personal information to people who are unknown to you
• Sending photos of oneself, either online or via a mobile phone
• Failing to maintain your privacy settings when using online devices
• Failing to verify the security of websites before visiting them
• Opening emails from unknown sources
• Emailing people you do not know
• Failing to be vigilant when using social network sites, instant messaging and chat rooms

Discussion Activity
Evaluate your own use of e-mail and social media/networking sites. Which of the following e-safety issues do you encounter? What e-safety strategy will you use to deal with these issues?

Topic Four: SECURITY OF DATA

Security of Data
This refers to the security risks/threats associated with any electronic device that connects to a network. The following are some examples:
• Hacking
• Denial of service attack
• Spam
• Phishing
• Cookies
• Smishing
• Malware
• Vishing
• Pharming

Hacking (Unauthorized Access)
• This is the act of gaining unauthorized access to a computer system.
• This can lead to identity theft or misuse of personal information. Data can be stolen, deleted, changed or corrupted on a user’s computer.

Discussion Activity
What is the difference between hacking and cracking?

Phishing
• This is normally carried out through electronic communications, such as emails.
• This is when an unauthorized person attempts to gather personal data, such as passwords and credit card details, by disguising themselves as a trustworthy person or organization.
• The email will look legitimate and will normally encourage a person to click on a link in the email. When the link is clicked, it takes the user to a website that asks them for their personal information.

Smishing
• Smishing is short for SMS phishing. It is similar to phishing, but it is carried out using SMS text messaging rather than email.

Vishing
• Vishing is short for voice phishing. It is the act of using a telephone call to try to scam a user into giving their personal data.
• The scammer will usually pretend that they are a legitimate person or organization.

Pharming
• Pharming is another method of collecting personal data.
• A hacker will install malicious code onto a person’s computer or server. When a user types in a web address, they will be redirected, without their consent, to a fraudulent but legitimate-looking replica website.

Denial of Service Attack (DoS)
• A denial of service attack is designed to send more requests to a server than it can deal with.
• These attacks are carried out to cause disruption to an organization’s network or website, and often result in users not being able to use the network and clients not being able to access the website.

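From the server side, the first bullet above shows up as an unusually high request rate. The following is an added example, not part of the original lecture: it counts requests per client in a sliding time window over web server log lines and reports clients that exceed a limit. The log format, the addresses and the limit of 20 requests in 5 seconds are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed log lines ("timestamp client method path"), not real traffic."""
    start = datetime(2019, 3, 1, 10, 0, 0)
    lines = []
    for i in range(40):   # one client sends 40 requests in about 4 seconds
        ts = start + timedelta(milliseconds=100 * i)
        lines.append(f"{ts.isoformat()} 192.0.2.10 GET /index.html")
    for i in range(5):    # another client sends 5 requests over 40 seconds
        ts = start + timedelta(seconds=10 * i)
        lines.append(f"{ts.isoformat()} 198.51.100.7 GET /index.html")
    return sorted(lines)  # order by timestamp, as a server log would be

def flag_request_floods(lines, window_seconds=5, max_requests=20):
    """Return {client: peak request count} for clients over the limit in any window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # client -> timestamps still inside the window
    peaks = {}
    for line in lines:
        stamp, client, _method, _path = line.split()
        ts = datetime.fromisoformat(stamp)
        seen = recent[client]
        seen.append(ts)
        while ts - seen[0] > window:   # drop requests that fell out of the window
            seen.popleft()
        if len(seen) > max_requests:
            peaks[client] = max(peaks.get(client, 0), len(seen))
    return peaks

if __name__ == "__main__":
    for client, peak in flag_request_floods(build_sample_log()).items():
        print(f"{client}: {peak} requests within 5 seconds")
```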
Spam
• Spam is often referred to as junk email.
• While spam is less of a security risk, it can cause denial of service by clogging up the bandwidth on the internet.

Cookies
• Cookies are small files or code that are stored on a user’s computer.
• Once a cookie has been read by the web browser or user’s computer, the data can be retrieved and used to customize the webpage for each individual.

Malware
• Malware is a computer program that is designed to damage or disrupt a computer system and the files that are stored on it.
• Malware can take the following forms:
  • Viruses
  • Adware
  • Trojan horse
  • Rootkit
  • Worms
  • Malicious bots
  • Spyware
  • Ransomware

Virus
• This is program code or software that can replicate itself with the intention of deleting or corrupting files on a computer.
• Viruses often cause the computer to malfunction, for example by filling up the hard disk drive.

Trojan Horse
• This is a malicious computer program that disguises itself as another application, such as a game or a utility program. It normally acts as a computer virus would.

Worms
• A worm is a small computer program that uses computer networks and finds security holes to replicate itself.
• Worms can also exploit security holes in a piece of software or an operating system. Worms also often act like a virus would.

Spyware/Key-Logging Software
• This is software that gathers data by monitoring key presses on the user’s keyboard; the gathered data is sent back to the person who sent the software.

Adware
• Adware is short for advertising-supported software.
• It is a software program that is used to display adverts that are targeted at the user.
• It can analyze the websites the user visits and will target them with advertising of a similar nature.

Rootkit
• This is a computer program that enables a person to gain administrator access to a victim’s computer.
• It normally gets installed when a victim’s password is cracked.

Assignment
• Find out about malicious bots and ransomware.

**END**
Thank You