COMMERCE 2KA3 Chapter Notes - Chapter 8: Machine-Readable Medium, Rogue Security Software, Sql Injection

Security: refers to the polices, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems. Controls: are methods, policies, and organizational procedures that ensure the safety of the organization"s asset, the accuracy and reliability of its records, and operational adherence to management standards. Large amounts of data in electronic form are more vulnerable than that which would be in manual form. Through communications networks, information systems, in different locations are interconnected. There is greater potential for unauthorized access, abuse, and fraud, but it is not limited to a single location b/c its electronic. Threats can stem from technical, organizational, and environmental factors compounded by poor management decisions. Users at the client level cause harm by introducing errors or by accessing systems without authorization. Internet and other large public networks are more vulnerable than internal networks because they are open to anyone, thus the impact of a few can have effects on the many.