237-L13-6up - Agenda Questions BUS 237 Information Systems...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
BUS 237 1 Lecture 12: Managing Information Security and Privacy BUS 237 Information Systems in Business BUS 237 Agenda Questions? Security Threats Security Safeguards Final Exam BUS 237 2 This Could Happen to You Emerson Pharmaceuticals $800M in sales 200 person IT department DSI $50M in sales 1 person IT department No in-house software development (only licensed software) Why the difference? Directors and project managers at DSI are knowledgeable in IT Users at DSI want only support for IT infrastructure two servers, one supports sales & marketing; the other supports design, inventory, and manufacturing What about security? BUS 237 3 Learning Objectives BUS 237 4 Q1. What is identity theft, and what can I do about it? Q2. What are the elements of a security program? Q3. How can technical safeguards protect against security threats? Q4. How can data safeguards protect against security threats? Q5. How can human safeguards protect against security threats? Q6. What is disaster preparedness? Q7. How should organizations respond to security incidents? Security of Information Systems Security Threats BUS 237 BUS 237 6 What is the Perfect Crime? When you don’t know that there has been one. .. ~ a perfect fit with digital goods.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
BUS 237 2 Security Security gets management attention & is sexy (but beware of fear mongering) 85% of the solution does not need to be either technological or expensive Price the fence to the cattle or the damage that they can do BUS 237 7 Q1. What is identity theft, and what can I do about it? Understanding threats to your own privacy will help make you more sensitive to the importance of security and privacy In identity theft , vital information such as a person’s name, address, date of birth, social insurance number, and mother’s maiden name are acquired to complete impersonation With this information, the identity thief can take over a victim’s financial accounts; open new bank accounts; transfer bank balances; apply for loans, credit cards, and other services Security Threats to Organizations Three sources of security problems are: 1. Human error and mistakes 2. Malicious human activity 3. Natural events and disasters BUS 237 9 1. Human Errors and Mistakes Human errors and mistakes include accidental problems caused by both employees and non- employees An example is an employee who misunderstands operating procedures and accidentally deletes customer records This category also includes poorly written programs and poorly designed procedures As well as physical accidents BUS 237 10 2. Malicious Human Activity The second source of security problems is malicious human activity This category includes employees and former employees who intentionally destroy data or other systems components It also includes hackers who break into a system and virus and worm writers who infect computer systems Malicious human activity also includes outside criminals
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 9

237-L13-6up - Agenda Questions BUS 237 Information Systems...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online