Textbook Notes (368,316)
Canada (161,798)
BUS 237 (192)
Chapter 12

MIS Chapter 12 Managing Information Security and Privacy.docx

2 Pages
158 Views
Unlock Document

Department
Business Administration
Course
BUS 237
Professor
Zorana Svedic
Semester
Summer

Description
Bus 237 Management Information Systems Chapter 12 Chapter 12: Managing Information Security and Privacy Identity theft Stealing, misrepresenting, or hijacking the identity of another person or business Personal Info Protection and In Canada, PIPEDA gives individuals the right to know why an Electronic Documents Act (PIPEDA) organization collects, uses, or discloses their personal info Security threats A problem with the security of information or the data therein, caused by human error, malicious activity, or natural disasters Spam Unwanted email messages Unauthorized data disclosure Can occur because of human error when someone inadvertently releases data in violation of policy, or when employees unknowingly or carelessly release proprietary data to competitors or the media Pretexting A technique for gathering unauthorized info in which someone pretends to be someone else. A common scam involves a telephone caller who pretends to be from a credit card company and claims to be checking the validity of credit card numbers. Phishing is also a form of pretexting Phishing/Email spoofing A technique used for obtaining unauthorized data that uses pretexting via email. The phisher pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, social insurance numbers, account passwords and so forth. Phishers direct traffic to their sites under the guise of a legitimate business Spoofing When someone pretends to be someone else with the intent of obtaining unauthorized data. IP spoofing A type of spoofing whereby an intruder uses another site’s IP address as if it were that other site Sniffing A technique used for intercepting computer communications. With wired networks, sniffing requires a physical connection to network. With wireless networks, no such connection is required Drive-by sniffers People who take computers with wireless connections thru an area and search for unprotected wireless networks in an attempt to gain free Internet access or to gather unauthorized data Hacking Occurs when a person gains unauthorized access to a computer system. Some people hack for the sheer joy, other hackers invade systems for the malicious purpose of stealing or modifying data Denial of service (DOS) Security problem in which users are not able to access and IS; can be caused by human errors, natural disasters, or malicious activity Technical safeguards Safeguards involving hardware and software components of an IS Identification The process whereby an IS identifies a user by requiring the user to sign on with a username and password Authentication The process whereby an IS approves (authenticates) a user by checking the user’s password Smart card A plastic card similar to a credit card that has a microchip. The microchip which holds much more data than a magnetic strip is loaded with identifying data. Normally, it requires a pin Personal identification number (PIN) A form of authentication whereby the user supplies a number that only he or she knows Bus 237
More Less

Related notes for BUS 237

Log In


OR

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


OR

By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.


Submit