ITM 100 Lecture Notes - Lecture 9: Personal Information Protection And Electronic Documents Act, Phishing, Smart Card
Department: Information Technology Management
Course Code: ITM 100
ITM 100 - Chapter 9
Information Ethics – Principles and standards that guide our behaviour towards other people in the use of info and info technology.
Privacy – The right to be left alone, have control over your personal possessions, and not to be observed without consent
Confidentiality – the assurance that messages and information are available only to those who are authorized to view them
Information privacy – concerns the legal right of individuals, groups, or institutions to determine for themselves when information about them is communicated to others.
Personal Information Protection and Electronic Documents Act (PIPEDA) is a Federal act that applies to all organizations
ePolicies--Organizations strive to build a corporate culture based on ethical principles that employees can understand and implement.
Ethical computer use policy – contains general principles to guide computer user behaviour.
Protecting Enterprise Information
Information security – the protection of information from misuse by persons inside or outside an organization.
Information security policies – identify the rules required to maintain information security.
Information security plan – how an organization will implement the information security policies.
Authentication – A method for confirming users’ identities
Authorization – The process of giving someone permission to do or have something
Identity theft – the forging of someone’s identity for the purpose of fraud
Phishing – a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent e-mail
Tokens – Small electronic devices that change user passwords automatically.
Smart card – A device that can store information and small amounts of software to perform some limited processing.
Biometrics – The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.
Spam – a form of unsolicited email.
Technologies available to help prevent and build resistance to attacks include:
Content filtering - prevents emails containing sensitive info from transmitting and stops spam and viruses from spreading.
Encryption—transforming a message into an alternative form that requires a key or password to make it readable.
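Public key encryption (PKE) – an encryption system that uses two keys: a public key that everyone can have, used to scramble the message, and a private key held only by the recipient, used to unscramble it.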
Firewall – Hardware and/or software that guards a private network by analyzing the info leaving and entering the network
Hackers—experts in technology who use their knowledge to break into computers and computer networks
Virus—malicious software that spreads from computer to computer by a user activating the file in which it resides.
Worm—a type of malicious software that spreads across networks and does not need a user to activate it.