งานนำเสนอกำลังจะดาวน์โหลด โปรดรอ

งานนำเสนอกำลังจะดาวน์โหลด โปรดรอ

Principles of Information Systems Eighth Edition Chapter 14 The Personal and Social Impact of Computers.

งานนำเสนอที่คล้ายกัน


งานนำเสนอเรื่อง: "Principles of Information Systems Eighth Edition Chapter 14 The Personal and Social Impact of Computers."— ใบสำเนางานนำเสนอ:

1 Principles of Information Systems Eighth Edition Chapter 14 The Personal and Social Impact of Computers

2 2Principles of Information Systems, Eighth Edition Principles and Learning Objectives Policies and procedures must be established to avoid computer waste and mistakes –Describe some examples of waste and mistakes in an IS environment, their causes, and possible solutions –Identify policies and procedures useful in eliminating waste and mistakes –Discuss the principles and limits of an individual’s right to privacy

3 3Principles of Information Systems, Eighth Edition Principles and Learning Objectives (continued) Computer crime is a serious and rapidly growing area of concern requiring management attention –Explain the types and effects of computer crime –Identify specific measures to prevent computer crime

4 4Principles of Information Systems, Eighth Edition Principles and Learning Objectives (continued) Jobs, equipment, and working conditions must be designed to avoid negative health effects –List the important effects of computers on the work environment –Identify specific actions that must be taken to ensure the health and safety of employees –Outline criteria for the ethical use of information systems

5 5Principles of Information Systems, Eighth Edition Why Learn About Security, Privacy, and Ethical Issues in Information Systems and the Internet? Many nontechnical issues associated with ISs Human Resource employees need to: –Prevent computer waste and mistakes –Avoid privacy violations –Comply with laws about: Collecting customer data Monitoring employees Employees, IS users, and Internet users need to: –Avoid crime, fraud, privacy invasion

6 6Principles of Information Systems, Eighth Edition Computer Waste and Mistakes Computer waste –Inappropriate use of computer technology and resources Computer-related mistakes –Errors, failures, and other computer problems that make computer output incorrect or not useful –Caused mostly by human error

7 7Principles of Information Systems, Eighth Edition Computer Waste Cause: improper management of information systems and resources –Discarding old software and computer systems when they still have value –Building and maintaining complex systems that are never used to their fullest extent –Using corporate time and technology for personal use –Spam

8 8Principles of Information Systems, Eighth Edition Computer-Related Mistakes Common causes –Failure by users to follow proper procedures –Unclear expectations and a lack of feedback –Program development that contains errors –Incorrect data entry by data-entry clerk

9 9Principles of Information Systems, Eighth Edition Preventing Computer-Related Waste and Mistakes Effective policies and procedures must be: –Established สร้าง –Implemented ทำ –Monitored ติดตาม –Reviewed ทบทวน

10 10Principles of Information Systems, Eighth Edition Establishing Policies and Procedures Establish policies and procedures regarding efficient acquisition, use, and disposal of systems and devices Identify most common types of computer-related mistakes Training programs for individuals and workgroups Manuals and documents on how computer systems are to be maintained and used Approval of certain systems and applications before they are implemented and used

11 11Principles of Information Systems, Eighth Edition Implementing Policies and Procedures Policies often focus on: –Implementation of source data automation –Use of data editing to ensure data accuracy and completeness –Assignment of clear responsibility for data accuracy within each information system Training is very important for acceptance and implementation of policies and procedures

12 12Principles of Information Systems, Eighth Edition Monitoring Policies and Procedures Monitor routine practices and take corrective action if necessary Implement internal audits to measure actual results against established goals Follow requirements in Sarbanes-Oxley Act –Requires companies to document underlying financial data to validate earnings reports

13 13Principles of Information Systems, Eighth Edition Reviewing Policies and Procedures Do current policies cover existing practices adequately? –Were any problems or opportunities uncovered during monitoring? Does the organization plan any new activities in the future? –If so, does it need new policies or procedures on who will handle them and what must be done? Are contingencies and disasters covered?

14 14Principles of Information Systems, Eighth Edition Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents is increasing dramatically Computer crime is now global

15 15Principles of Information Systems, Eighth Edition The Computer as a Tool to Commit Crime Criminals need two capabilities to commit most computer crimes –Knowing how to gain access to computer system –Knowing how to manipulate the system to produce desired results Examples –Social engineering เทคนิคการเข้าระบบโดยใช้ช่องโหว่จาก พฤติกรรมของผู้ใช้ เช่น phishing –Dumpster diving พฤติกรรมการรื้อค้นขยะเพื่อหาสิ่งที่มี ประโยชน์ จึงอาจใช้เป็นช่องทางในการหาข่าวและความลับของ คู่แข่ง –Counterfeit and banking fraud using sophisticated desktop publishing programs and high-quality printers

16 16Principles of Information Systems, Eighth Edition Cyberterrorism Cyberterrorist: intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer- based attacks against computers, networks, and information stored on them การข่มขู่หรือใช้อำนาจ บังคับให้รัฐบาลหรือองค์กรทำตามที่ผู้ก่อการร้ายต้องการ เช่น การโจมตีต่างๆ Homeland Security Department’s Information Analysis and Infrastructure Protection Directorate –Serves as governmental focal point for fighting cyberterrorism

17 17Principles of Information Systems, Eighth Edition Identity Theft Imposter obtains personal identification information such as Social Security or driver’s license numbers in order to impersonate someone else การปลอม แปลงหรือการได้ข้อมูลส่วนตัวของคนอื่นมา เพื่อจะได้เป็น คนนั้น –To obtain credit, merchandise, and services in the name of the victim –To have false credentials Identity Theft and Assumption Deterrence Act of 1998 passed to fight identity theft 9 million victims in 2005

18 18Principles of Information Systems, Eighth Edition The Computer as the Object of Crime Crimes fall into several categories –Illegal access and use การเข้าสู่ระบบหรือใช้งาน แบบ ไม่ถูกต้อง –Data alteration and destruction การเปลี่ยนข้อมูลและ ทำลายข้อมูล –Information and equipment theft การขโมยข้อมูลและ อุปกรณ์ –Software and Internet piracy การลักลอบใช้ซอฟต์แวร์ โดยไม่ได้รับอนุญาต –Computer-related scams การโกงต่างๆที่เกี่ยวข้องกับ คอมพิวเตอร์ –International computer crime อาชญากรรมคอมพิวเตอร์ ข้ามชาติ

19 19Principles of Information Systems, Eighth Edition Illegal Access and Use Hacker: learns about and uses computer systems Criminal hacker (also called a cracker): gains unauthorized use or illegal access to computer systems Script bunny: automates the job of crackers พวกที่ เขียน script เองไม่เป็นแต่ใช้ของคนอื่น เพื่อสร้างความ ประทับใจให้กับคนในกลุ่ม Insider: employee who comprises corporate systems Malware: software programs that destroy or damage processing

20 20Principles of Information Systems, Eighth Edition Illegal Access and Use (continued) Virus: program file capable of attaching to disks or other files and replicating itself repeatedly Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network

21 21Principles of Information Systems, Eighth Edition Illegal Access and Use (continued) Trojan horse: program that appears to be useful but purposefully does something user does not expect Logic bomb: type of Trojan horse that executes when specific conditions occur Variant: modified version of a virus that is produced by virus’s author or another person

22 22Principles of Information Systems, Eighth Edition Using Antivirus Programs Antivirus program: program or utility that prevents viruses and recovers from them if they infect a computer Tips on using antivirus software –Run and update antivirus software often –Scan all diskettes and CDs before using them –Install software only from a sealed package or secure, well-known Web site –Follow careful downloading practices –If you detect a virus, take immediate action

23 23Principles of Information Systems, Eighth Edition Using Antivirus Programs (continued) Antivirus software should be used and updated often

24 24Principles of Information Systems, Eighth Edition Information and Equipment Theft Obtaining identification numbers and passwords to steal information or disrupt systems –Trial and error, password sniffer program Software theft Computer systems and equipment theft –Data on equipment is valuable

25 25Principles of Information Systems, Eighth Edition Software and Internet Software Piracy Software is protected by copyright laws กฎหมาย ลิขสิทธิ์ Copyright law violations การละเมิดกฎหมายลิขสิทธิ์ –Making additional copies –Loading the software onto more than one machine Software piracy: act of illegally duplicating software การทำซ้ำซอฟต์แวร์แบบผิดกฎหมาย Internet-based software piracy –Most rapidly expanding type of software piracy and most difficult form to combat –Examples: pirate Web sites, auction sites with counterfeit software, peer-to-peer networks

26 26Principles of Information Systems, Eighth Edition Computer-Related Scams Examples of Internet scams โกง –Get-rich-quick schemes –“Free” vacations with huge hidden costs –Bank fraud –Fake telephone lotteries –Selling worthless penny stocks Phishing –Gaining access to personal information by redirecting user to fake site การหลอกลวงทางอินเทอร์เน็ตที่หลอกให้เหยื่อเข้าไปใน เว็บไซต์ปลอม เพื่อกรอกข้อมูลส่วนตัวหรือเป็นความลับลง ไป

27 27Principles of Information Systems, Eighth Edition International Computer Crime Computer crime becomes more complex when it is committed internationally Large percentage of software piracy takes place across borders Threat of terrorists, international drug dealers, and other criminals using information systems to launder illegally obtained funds Computer Associates International’s CleverPath for Global Compliance software

28 28Principles of Information Systems, Eighth Edition Preventing Computer-Related Crime Efforts to curb computer crime being made by: –Private users –Companies –Employees –Public officials

29 29Principles of Information Systems, Eighth Edition Crime Prevention by State and Federal Agencies Computer Fraud and Abuse Act of 1986 –Punishment based on the victim’s dollar loss Computer Emergency Response Team (CERT) ศูนย์ประสานงานการรักษาความปลอดภัยคอมพิวเตอร์ –Responds to network security breaches –Monitors systems for emerging threats Newer and tougher computer crime legislation is emerging การออกกฎหมายที่เกี่ยวกับอาชญากรรมทาง คอมพิวเตอร์

30 30Principles of Information Systems, Eighth Edition Crime Prevention by Corporations Public key infrastructure (PKI) เป็นระบบป้องกันข้อมูล การสื่อสารผ่านเครือข่าย โดยใช้ key คู่ ( คือ public key และ private key) ในการเข้าและถอดรหัสข้อมูล โดยมี Certificate Authority เป็นผู้ออกให้ มีวัตถุประสงค์เพื่อ ปกปิดข้อมูลให้เป็นความลับในระหว่างการส่ง - รับข้อมูล –Allows users of an unsecured public network such as the Internet to securely and privately exchange data –Use of a public and a private cryptographic key pair, obtained and shared through a trusted authority Biometrics: measurement of one of a person’s traits, whether physical or behavioral

31 31Principles of Information Systems, Eighth Edition Table 14.3: Common Methods Used to Commit Computer Crimes Crime Prevention by Corporations (continued) เพิ่ม ลบ เปลี่ยนข้อมูลที่นำเข้าระบบ เช่น การลบข้อมูลการขาดเรียน เปลี่ยนแปลงหรือพัฒนาระบบเพื่อใช้ก่ออาชญากรรม เช่นการเปลี่ยนโปรแกรมคำนวณดอกเบี้ยเงินฝากของธนาคาร เลือกหรือเปลี่ยนแปลงแฟ้มข้อมูล เช่น การเปลี่ยนเกรดจาก C เป็น A การใช้งานระบบคอมพิวเตอร์เพื่อก่ออาชญากรรม เช่น ลอบเข้าระบบของรัฐบาล

32 32Principles of Information Systems, Eighth Edition Crime Prevention by Corporations (continued) Table 14.3: Common Methods Used to Commit Computer Crimes (continued) 5. ทำให้ผลลัพธ์ที่ได้ออกมาไม่ถูกต้องหรือนำไปใช้ในการที่ผิด เช่น การขโมยข้อมูลลูกค้าจากถังขยะของบริษัท 6. การขโมยทรัพยากรต่างๆ เช่น hardware software และเวลา เช่น การ copy โปรแกรมมาใช้งานโดยไม่จ่ายเงิน 7. ขายสินค้าที่ไม่มีค่าบนอินเทอร์เน็ต เช่น การส่ง ขายของที่ไม่มีค่าหรือไม่มีประโยชน์ 8. การ blackmail ลักลอบนำข้อมูลที่เป็นความลับหรือมีประโยชน์มาเปิดเผย 9. การ blackmail โดยการข่มขู่เพื่อให้ได้สิ่งที่ต้องการเรียกร้อง

33 33Principles of Information Systems, Eighth Edition Using Intrusion Detection Software Intrusion detection system (IDS) ระบบตรวจจับการบุก รุก คิดตาม ตรวจสอบ –Monitors system and network resources ติดตามดูแล ระบบและทรัพยากรเครือข่าย –Notifies network security personnel when it senses a possible intrusion, such as: Repeated failed logon attempts Attempts to download a program to a server Access to a system at unusual hours –Can provide false alarms – or voice message alerts may be missed

34 34Principles of Information Systems, Eighth Edition Using Managed Security Service Providers (MSSPs) Managed security service provider (MSSP): organization that monitors, manages, and maintains network security for both hardware and software for its client companies บริษัทหรือผู้ให้บริการดูแลรักษาความปลอดภัยข้อมูลของ องค์กร และป้องกันภัยจากการใช้อินเทอร์เน็ต –Sifts through alarms and alerts from all monitoring systems –May provide scanning, blocking, and filtering capabilities –Useful for small and midsized companies

35 35Principles of Information Systems, Eighth Edition Internet Laws for Libel and Protection of Decency Filtering software –Screens Internet content to protect children –Prevents children from sending personal information over or through chat groups Internet Content Rating Association (ICRA) rating system for Web sites Children’s Internet Protection Act (CIPA) –Requires filters in federally funded libraries

36 36Principles of Information Systems, Eighth Edition Internet Laws for Libel and Protection of Decency (continued) Libel: publishing an intentionally false written statement that is damaging to a person’s reputation Can online services be sued for libel for content that someone else publishes on their service? การหมิ่นประมาททางอินเทอร์เน็ต ฟ้องร้องได้

37 37Principles of Information Systems, Eighth Edition Preventing Crime on the Internet Develop effective Internet usage and security policies Use a stand-alone firewall with network monitoring capabilities Deploy intrusion detection systems, monitor them, and follow up on their alarms Monitor managers’ and employees’ use of Internet Use Internet security specialists to perform audits of all Internet and network activities

38 38Principles of Information Systems, Eighth Edition Privacy Issues With information systems, privacy deals with the collection and use or misuse of data More and more information on all of us is being collected, stored, used, and shared among organizations Who owns this information and knowledge?

39 39Principles of Information Systems, Eighth Edition Privacy and the Federal Government Data collectors –U.S. federal government –State and local governments –Profit and nonprofit organizations U.S. National Security Agency (NSA)’s program to wiretap telephone and Internet traffic of U.S. residents

40 40Principles of Information Systems, Eighth Edition Privacy at Work Rights of workers who want their privacy versus interests of companies that demand to know more about their employees Workers can be closely monitored via computer technology –Track every keystroke made by a user –Determine what workers are doing while at the keyboard –Estimate how many breaks workers are taking Many workers consider monitoring dehumanizing

41 41Principles of Information Systems, Eighth Edition Privacy Federal law permits employers to monitor sent and received by employees messages that have been erased from hard disks can be retrieved and used in lawsuits Use of among public officials might violate “open meeting” laws

42 42Principles of Information Systems, Eighth Edition Privacy and the Internet Huge potential for privacy invasion on the Internet – messages –Visiting a Web site –Buying products over the Internet Platform for Privacy Preferences (P3P): screening technology นโยบายในการคุ้มครองสิทธิส่วนบุคคล เช่น cookies Children’s Online Privacy Protection Act (COPPA), 1998: requires privacy policies and parental consent Potential dangers on social networking Web sites

43 43Principles of Information Systems, Eighth Edition Fairness in Information Use Table 14.4: The Right to Know and the Ability to Decide

44 44Principles of Information Systems, Eighth Edition Fairness in Information Use (continued) The Privacy Act of 1974: provides privacy protection from federal agencies Gramm-Leach-Bliley Act: requires financial institutions to protect customers’ nonpublic data USA Patriot Act: allows law enforcement and intelligence agencies to gather private information Other laws regulate fax advertisements, credit-card bureaus, the IRS, video rental stores, telemarketers, etc.

45 45Principles of Information Systems, Eighth Edition Corporate Privacy Policies Should address a customer’s knowledge, control, notice, and consent over storage and use of information May cover who has access to private data and when it may be used A good database design practice is to assign a single unique identifier to each customer

46 46Principles of Information Systems, Eighth Edition Individual Efforts to Protect Privacy Find out what is stored about you in existing databases เก็บข้อมูลเกี่ยวกับตนเองอะไรไว้บ้างใน ฐานข้อมูล Be careful when you share information about yourself ระมัดระวังการ share ข้อมูลของตนเอง Be proactive to protect your privacy ป้องกันข้อมูลส่วนตัว ของตนเอง When purchasing anything from a Web site, make sure that you safeguard your credit card numbers, passwords, and personal information เมื่อมีการซื้อขาย ในเว็บไซต์ให้ระมัดระวังเกี่ยวกับข้อมูลให้มาก เช่นข้อมูล ส่วนตัว เลขที่บัตรเครดิต รหัสผ่าน

47 47Principles of Information Systems, Eighth Edition The Work Environment Use of computer-based information systems has changed the workforce –Jobs that require IS literacy have increased –Less-skilled positions have decreased Computer technology and information systems have opened up numerous avenues to professionals and nonprofessionals Despite increasing productivity and efficiency, computers and information systems can raise other concerns

48 48Principles of Information Systems, Eighth Edition Health Concerns Occupational stress ความเครียด Repetitive stress injury (RSI) อาการที่เกิดจากการนั่ง ทำงานอยู่หน้าเครื่องนานๆ แบบไม่ถูกสุขลักษณะ Carpal tunnel syndrome (CTS) เส้นประสาทที่ข้อมือ ถูกกด Emissions from improperly maintained and used equipment ใช้อุปกรณ์หรือเครื่องมือไม่เหมาะสม Increase in traffic accidents due to drivers using cell phones, laptops, or other devices while driving ใช้มือถือ โน๊ตบุ๊คหรืออุปกรณ์อื่นๆ ขณะขับรถ

49 49Principles of Information Systems, Eighth Edition Avoiding Health and Environment Problems Work stressors: hazardous activities associated with unfavorable conditions of a poorly designed work environment ตัวก่อความเครียดในงาน, ความเครียด, แรงกดดัน ความต้องการสำเร็จ เป็นต้น Ergonomics: science of designing machines, products, and systems to maximize safety, comfort, and efficiency of people who use them การยศาสตร์ Employers, individuals, and hardware manufacturing companies can take steps to reduce RSI and develop a better work environment

50 50Principles of Information Systems, Eighth Edition Avoiding Health and Environment Problems (continued) Research has shown that developing certain ergonomically correct habits can reduce the risk of RSI when using a computer

51 51Principles of Information Systems, Eighth Edition Ethical Issues in Information Systems Laws do not provide a complete guide to ethical behavior Many IS-related organizations have codes of ethics for their members American Computing Machinery (ACM): oldest computing society founded in 1947 ACM’s code of ethics and professional conduct –Contribute to society and human well-being –Avoid harm to others –Be honest and trustworthy

52 52Principles of Information Systems, Eighth Edition Ethical Issues in Information Systems (continued) ACM’s code of ethics and professional conduct (continued) –Be fair and take action not to discriminate –Honor property rights including copyrights and patents –Give proper credit for intellectual property –Respect the privacy of others –Honor confidentiality

53 53Principles of Information Systems, Eighth Edition Summary Computer waste: inappropriate use of computer technology and resources Computer-related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful; caused mostly by human error Preventing computer-related waste and mistakes requires establishing, implementing, monitoring, and reviewing effective policies and procedures

54 54Principles of Information Systems, Eighth Edition Summary (continued) Criminals need two capabilities to commit most computer crimes: knowing how to gain access to a computer system and knowing how to manipulate the system to produce desired results Crimes in which computer is the tool: cyberterrorism, identity theft, etc. Crimes in which computer is the object of crime: illegal access and use, data alteration and destruction, information and equipment theft, software and Internet piracy, computer-related scams, and international computer crime

55 55Principles of Information Systems, Eighth Edition Summary (continued) Efforts to curb computer crime are being made by state and federal agencies, corporations, and individuals With information systems, privacy deals with the collection and use or misuse of data Ergonomics: science of designing machines, products, and systems to maximize safety, comfort, and efficiency of people who use them Many IS-related organizations have codes of ethics for their members


ดาวน์โหลด ppt Principles of Information Systems Eighth Edition Chapter 14 The Personal and Social Impact of Computers.

งานนำเสนอที่คล้ายกัน


Ads by Google