Textbook Notes (363,103)
Canada (158,195)
BUS 237 (186)
Maryam Ali (24)
Chapter 12

Chapter 12 Managing Info Security and Privacy.pdf

4 Pages
Unlock Document

Simon Fraser University
Business Administration
BUS 237
Maryam Ali

Chapter 12 Managing Info Security and Privacy August-03-12 9:59 PM Security Threats • Identity theft Sources Humanerror/mistakes • Accidental problems, caused by employees& non-employees Malicioushuman activity • People who intentionally destroy data or system components • Includes hackers, virus/wormwriters, spam Natural events & disasters • Loss of capability and service, also from attempts of recovery Problems Unauthorizeddata disclosure • Personal Information Protection and Electronic Documents Act (PIPEDA) ○ Personal info: info about an identifiable individual, but does no include name, title, business address, or phone number of an employeeof an organization ○ Individuals have right to know why an organization collects/uses/disclosestheir personal info ○ Requires organizations to identify anyone who is responsible for keeping personal info private and secure ○ Allows individuals to access to info, to check accuracy Pretexting • When someonedeceives by pretending to be someoneelse • Phishing ○ Pretexting via email • Spoofing ○ Someonepretending to be someoneelse ○ IP spoofing  An intruder uses another site's IP address and pretends to be that site ○ Email spoofing  Same thing as phishing Sniffing • Technique for intercepting computercommunications/connections • Wired networks:requires physical connection to network • Wireless network:no need for physical connection ○ Drive-by sniffers: take computers in an area with wireless connectionsand search for unprotected wireless networks ○ Monitor and intercept wireless traffic at will Incorrect Data Modification • Can occur by human error • System errors Hacking • A person gains unauthorized access to a computersystem Faulty Service • Result from incorrect system operation Denialof Service (DOS) • Attacks often launched maliciously Loss of Infrastructure • Can be caused by human accidents, theft, terrorist events, disgruntled employee,natural disasters Security Safeguards 3 componentsof a security program 3 componentsof a security program • Senior management ○ Establish security policy ○ Manage risk by balancing costs and benefits of security program • Safeguards ○ Protectionsagainst security threats ○ Consider disaster recoverysafeguards • Incident response ○ Planned response to security incidents Technical Safeguards • Involve hardware & software components Identification and authentication • Identify with username, authenticate with password • Smart card ○ Microchip, requires PIN to authenticate • Biometrics ○ Personal physical characteristics to authenticate ○ Strong authentication, expensive, may be invasive • Single sign-on for multiple systems ○ Don't need to sign in for every network in the organization Encryption & Firewalls Malware Protection • Malware: viruses, worms,Trojan horses, spyware, adware • Spyware & Adware ○ Spyware  Programsinstalled on user's computer without their knowledge/permission  Resides in background, observeactions and keystrokes,monitorsactivity, report to sponsoring organizations  Take usernames,passwords, sensitive info  Make marketing analyses ○ Adware  Programsinstalled on user's computer without their knowledge/permission  Produce popups, change default window, modify search results, switch search engine • Malware Safeguards ○ Install antivirus, anti-spyware  From reputable companies ○ Setup anti-malware programs to scan computerat least once a week ○ Update malware definitions  Patterns that exist in ma
More Less

Related notes for BUS 237

Log In


Don't have an account?

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.