ITM 100 Chapter Notes - Chapter 8: Wired Equivalent Privacy, Rogue Security Software, Sql Injection

Watch out: problem: massive data breach; using old security practices, solution: initiative to use minimal up-to-date industry practices, for example, salting passwords. Illustrates the need for security practices to keep up with current standards and threats: demonstrates the lack of regulation for corporate computer security and social network data security; poor data protection by many companies. Policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems: controls: Methods, policies, and organizational procedures that ensure safety of organization"s assets; accuracy and reliability of its accounting records; and operational adherence to management standards. Hardware problems (breakdowns, configuration errors, damage from improper use or crime) Software problems (programming errors, installation errors, unauthorized changes) Use of networks/computers outside of firm"s control. Internet vulnerabilities: network open to anyone, size of internet means abuses can have wide impact, use of fixed internet addresses with cable or dsl modems creates fixed targets for hackers, unencrypted voip, e-mail, p2p, im.