Ch.10 information systems security and controls

Ch.10 information systems security and controls - Ch.10...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Ch.10 information systems security and controls 10.1 information systems security Threats to IS can come from a variety of paces inside and external to an organization. IS security precautions taken to keep all aspects of IS (e.g. all hardware, software, network equipment, data and facilities) safe from unauthorized use or access. Which mean that you have to secure not only the personal computers on people s desks but also the notebook computers. Fortunately, there are a variety of managerial methods and security technologies that can be used to manage IS security effectively. Primary threats to information systems security p.395 Accidents and natural disasters Inexperienced or careless computer operator or cats walking across keyboards, power outages (stop offer), hurricanes (weather impact) ,etc Employees and consultants People within an organization who have access to electronic files Links to outside business contacts When the business doing business with other, electronic information can be at risk Outsiders Hackers and crackers who penetrate (use) networks and computer system to snoop 刺探者 or to cause damage IS are often compromised (damage) through one or more of the following: unauthorized access, information modification, denial of service and viruses, spam, spyware and cookie. Unauthorized access It occurs between people who are unauthorized to see, manipulate, or handle information look through electronically stored information files for interesting or useful data, monitors displaying proprietary or confidential information or intercept electronic information on the way to its destination. It can be gained by physically stealing computers, stealing storage media, using someone else s pw or opening files on a computer that has not been set up to limit access. When computer information is shared by several users in an organization or in-house system, administrators can prevent casual snooping or theft of information by requiring correct permissions Administrators can log attempts of unauthorized individuals trying to obtain
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Ch.10 information systems security and controls access. Information modification Occurs when someone accesses electronic information and then changes the information in some way. e.g. when employees give themselves electronic raise and bonuses or salary e.g. when crackers hack into govt Web site and change information Computer viruses Viruses are one of the greatest risks to computer security Viruses consist of destructive code that can erase a hard drive, sesize control of a computer and do damage, When viruses destroy data, company has to spend time and money to repair the damage. Worms, a variation of virus that is targeted at networks, take advantage of
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 04/02/2012 for the course INFS 1602 taught by Professor Bradley during the Three '12 term at University of New South Wales.

Page1 / 15

Ch.10 information systems security and controls - Ch.10...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online